Mail encryption ensures the complete confidentiality of the correspondence, both the content of the electronic letter as well as the attachments. The use of cryptographic algorithms guarantees that no unauthorized person will know the content of correspondence sent via the Internet, except for a specific recipient. In addition, the content of the email remains encrypted even after receiving the message and saving it in the mailbox on your computer. Reading of the information contained in the sent message will each time require a special verification key.
Encryption of messages can be done according to two alternative security methods: OpenPGP and S / MIME, as described below.
Mail encryption using the Open PGP (PGP) method
Authentication of recipients in PGP relies on a web of trust (WoT) in which users confirm their identity by each other. Simply put, this is done by exchanging keys between people known to aech other. In practice, network users place a virtual signature on another user’s certificate (key) and thus verify their identity. At the same time, the person who use the key is also a subject to verification.
Mail encryption using the S / MIME (X.509) method
This method uses digital certificates issued to users by the certification center. User verification is therefore based on trust in the center that issues identifiers. However, it should be noted that the center in no way confirms the identity of the user, to whom such digital certificates are issued for free.
In the event of theft or seizure of a private key by unauthorized persons, the key is revoked by the revocation certificate.
Mail encryption by private key – what you should know?
Both the PGP mechanism and the X.509 one use the asymmetric cryptography. It uses public and private keys to encrypt e-mail messages.
The public key is public, so it can be freely sent even in unsecured network communication or it can be given openly for example on the website. The recipient’s public key is used by the email sender to encrypt the information contained in the message. In turn, reading of the message is possible only after entering the private key in which the e-mail address is held.
S / MIME digital ID – what you should know?
Digital IDs are a must when encrypting mail and signing correspondence using the X.509 method. Each user receives an individual digital certificate, also called a digital identifier, from the certification center or the IT department of the company . When choosing a digital certificate, it is very important to opt for a trusted certification authority that is recognized by web browsers and popular email clients. Otherwise, after encrypting the email, you may receive a message saying that the message was encrypted with an ID that you do not trust.
Comodo Certificates are the most popular and recognized by as much as 99% of email programs. Each such certificate can be freely saved on a computer in the “certificate store” or “smart card”.