Overall it does sound like a a good idea.
Someone mentioned PGP and I think it's a valid case, but we can go even further.
To make it secure
: I can imagine a system where you can store your private key into your browser local storage, and the browser will decrypt the message for you - not phpBB
at that stage. Same for the encryption, the message is encrypted by the browser before sending
The keys will need to be generated inside the browser as well, as the OP could intercept them if generated by phpBB.
It is technically possible, but a little more challenging