Email Encryption Methods
If you are sending and receiving confidential information by email then it is important that you secure your email messages by using some form of encryption.
The message is encrypted (hidden) by either:
- Applying a cipher (method or algorithm) to the message, or
- Applying a cipher (method or algorithm) and a key or password to the message.
Applying a cipher
Perhaps the simplest form of encryption is by using a
substitution cipher.
This is a method of
encryption by which units of plaintext are replaced with
ciphertext according to a regular system; the "units" may be
single letters (the most common), pairs of letters, triplets of
letters, mixtures of the above, and so forth.
The receiver deciphers the text by performing an inverse
substitution. - Wikipedia
The best known, and the easiest both to implement and to break, is
the Caesar cipher.
In cryptography, a Caesar cipher, also known as a Caesar's
cipher, the shift cipher, Caesar's code or Caesar shift, is one of
the simplest and most widely known encryption techniques.
It is a type of substitution cipher in which each letter in
the plaintext is replaced by a letter some fixed number of positions
down the alphabet.
For example, with a shift of 3, A would be replaced by
D, B would become E, and so on. The method is named after Julius
Caesar, who used it to communicate with his generals. - Wikipedia, Caesar cipher
Example using a shift of 3:
Plain:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC
The word "the" becomes "wkh" when encrypted.
There are software tools available that will perform the
operation automatically.
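An added example (not part of the original article) that implements the shift cipher described above in Python and shows why it is so easy to break: there are only 26 possible shifts, so every one can be tried and the English-looking result kept. The function names, the short common-word list and the sample message are assumptions made for this illustration.

```python
import re

# Short list of very common English words, used only to rank candidate plaintexts.
COMMON_WORDS = {"THE", "AND", "TO", "OF", "IT", "IS", "IN", "THAT", "FOR"}

def caesar(text, shift):
    """Shift every ASCII letter by `shift` positions, wrapping at Z; keep the rest."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)  # spaces, digits and punctuation are left unchanged
    return "".join(out)

def english_score(text):
    """Count how many words of the candidate are common English words."""
    return sum(w in COMMON_WORDS for w in re.findall(r"[A-Za-z]+", text.upper()))

def break_caesar(ciphertext):
    """Try all 26 shifts and return (shift, plaintext) for the best-scoring one."""
    candidates = [(s, caesar(ciphertext, -s)) for s in range(26)]
    return max(candidates, key=lambda c: english_score(c[1]))

if __name__ == "__main__":
    # Constructed sample message, not taken from the page.
    message = "Send the contract to the office and keep it private."
    secret = caesar(message, 3)
    print(secret)                 # ciphertext with the page's shift of 3
    print(break_caesar(secret))   # recovered shift and plaintext, no key needed
```

The recipient decrypts with `caesar(ciphertext, -3)`; anyone else recovers the same text with `break_caesar`, which is why a cipher without a secret key of useful size gives no real confidentiality.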
Applying a Cipher and Key
This method is much more secure than using a simple cipher and is
the one most commonly used to encrypt email.
There are two key types in use: symmetrical keys and asymmetrical
keys (public and private keys).
today employ public and private keys.
The keys are simply numbers (128 bit being common) that are then combined with the message using a particular method/cipher (an algorithm such as RSA) to either encrypt
or decrypt the message.
Symmetrical key Encryption
Symmetrical keys are the simplest to use but are not considered
as strong as Asymmetrical Keys.
Symmetrical keys use the same key (password) to encrypt and
decrypt and don't require any special key infrastructure. All you
need to do is to choose a password/key and then inform the recipient
of the chosen key.
You can change the key at any time and will simply need to inform
the recipient of the new key.
Symmetrical key encryption is usually the best choice for small
businesses/personal use.
Asymmetrical Key Encryption
Asymmetrical Keys use two different keys to encrypt and decrypt
the email and are distributed using a certificate which requires a
certificate infrastructure. This type of encryption is typically
found in large companies/organisations.
Support for this method is built into most email clients, including
Outlook Express and Thunderbird. Clicking the security icon in
Thunderbird gives you the option of encrypting an email.

If you don't have a valid certificate then you get the following
warning message and you are unable to encrypt the email.

In order to use this method you need to obtain and install a
certificate.
Obtaining a Digital Certificate
You get a digital certificate from a recognised certificate authority, just like you get a passport from a passport office. In fact the procedure is very similar.
You fill out the appropriate forms, add your public keys (they are just numbers) and send it/them to the certificate authority. The certificate authority does some checks (which depend on the authority) and
then sends you back the keys enclosed in a certificate.
The certificate is signed by the issuing certificate authority, and this is what guarantees the keys. Now when someone wants your keys you send them the certificate, they verify the signature on the
certificate, and if it verifies then they can trust your keys.
Manual Encryption Using Firefox Add-on and Online Tools
There is an add-on available for Firefox that can be used for
encrypting and decrypting messages/message parts when using a
webmail service like Gmail. The add-on is called
lock the text and uses a password/passphrase to encrypt the
desired text.
If you use a standard email client like Outlook/Thunderbird you
can do the same by using the online tool.
The process is a little cumbersome but you only usually need to
do it on a few emails. In addition with the online tool both parties
can send/receive encrypted email without the need to subscribe to a
service or download software.
Online Email Encryption Services
This is another approach to encryption designed to make it easier
for small businesses and individuals.
The email is not sent directly to the recipient but is sent
via a secure server. The recipient must access that server via a link
in the email to read the message.
This method has the advantage that no software needs to be
downloaded and it works in any email client.
In addition, other services like email expiry and read limits are
available. Many providers like
jumbleme provide free trials.