Well SSL POP3 and IMAP are supported. There's no TLS smtp, however -- so if you're using our outgoing mail server, you'd still need to authenticate in plaintext. However, for the paranoid, you could either tunnel an ssh connection to your user machine (and forward a local port to port 25 on the mail machine), or else you could sign up for a VPN account and set that up.
I think this is a really bad idea from a security perspective. While there are no untrusted users on the webmail machines, doing this just doesn't strike me as a good idea (reasons why have been hashed out on the Squirrelmail mailing list in the past; I don't have an exact link at the moment). You're much better off using a client on your home machine, or (if you must) a shell based client on the server side.
It's possible that we might add the plugin for verifing S/MIME and PGP signed messages, but it's unlikely that we'd add the encryption modules. I think there may be some issues doing this when there aren't home directories for local users (since the keyring for each user would probably have to be held in a database of some sort).