IDCLOAK KNOWLEDGE CENTER
 




 

Email Encryption


What Is Encryption and How Does Email Encryption Work?

These days, a significant amount of sensitive communication is sent and received through email: bills, bank statements, business transactions, or just simple greetings from a friend or family member. Unfortunately, email at its core is a very insecure way to communicate, and the result is that our most sensitive information is easily accessible. A hacker can intercept emails in transit, and an employee at an ISP or email service can read messages as they pass through their servers. This leaves users' information and identities at risk.


Securing your email with public key encryption prevents snooping and therefore protects you and your information. Email encryption doesn't prevent interception from happening, but it does prevent anyone but the intended recipient from reading the message. Email encryption also provides integrity and authentication features, so you can confirm that a message really comes from the stated sender and that nothing in it has been altered.

How?

When you encrypt a message, only the intended recipient can read it. Anyone else who sees the message will see only gibberish and random characters. Email encryption uses a type of encryption algorithm that makes it infeasible to derive the actual message from the gibberish; if someone gets hold of an encrypted message, there is no feasible way for them to learn its content.

Email encryption can be done manually through encryption software like GnuPG, or through a secure email service (see idcloak for more information on secure email service). When done manually, there are several steps to follow for each message to become encrypted, authenticated and signed for integrity. On the other hand, when using a secure email service all of the encryption, integrity and authentication processes are done automatically, without any user intervention. Furthermore, if done properly, even the secure email service provider cannot read your email.

Whether you want to encrypt your email messages yourself or use an encryption service, the following describes the fundamental steps of email encryption.

Public Key Encryption

Email encryption, whether done manually with GPG or through an email encryption service, is most commonly done with public key cryptography. Put simply, public key cryptography encrypts and decrypts data with a key pair: a public key and a private key that correspond with one another. Email encrypted with the public key can only be read by decrypting the message with the corresponding private key.

The public key of the recipient is used by the sender to encrypt a message

The private key is used by the recipient to decrypt messages, and must be kept secret by the owner

With this technique, the user has to generate a key pair before they can begin sending and receiving secure communication. For example, Bob and Alice, before sending or receiving encrypted email, have to generate their own key pair; they both need a public key and a private key. They generate this key pair through a key generation program as shown in Figure 1.


Part II: Figure 1. Key Pair Generation for Public Key Cryptography

Part III: How to Encrypt Messages

Written by: 
Robin Welles; expats team, internet security team