Email encryption is used to send sensitive information via email in encrypted form. There are two different principles, which are applied independently of each other. First, end-to-end encryption encrypts an email all the way from the sender to the recipient. Second, point-to-point or transport encryption encrypts the transmission path of an email between two components of the email system, for example between the sender and the email provider, or between different providers.
End-to-end encryption often goes hand in hand with digital signatures; standards such as S/MIME and PGP offer the two as a standard combination. The goal of a digitally signed email is to send information from the sender to the recipient in such a way that the sender is clearly identifiable and nobody can manipulate the email unnoticed on its way from the sender to the recipient. The email signature thus ensures authenticity and integrity, while confidentiality is ensured by encryption.
TLS or STARTTLS is used for transport encryption, which ensures the integrity and confidentiality of one transmission link. To additionally ensure end-to-end security, transport encryption and end-to-end encryption can be used together, since they work at different levels and independently of each other.
---
What Does Email Encryption Do?
Email encryption is a security measure that protects the content of email messages from being accessed or intercepted by unauthorized parties. It achieves this by encoding the contents of an email message in such a way that only the intended recipient can decipher and read it.
It ensures that the contents of an email message remain confidential and cannot be read by anyone other than the intended recipient. This prevents unauthorized access to sensitive information, such as personal data, financial details, or confidential business communications. Naturally, by encrypting email messages, sensitive data within the emails, such as passwords, credit card numbers, or trade secrets, is protected from interception or eavesdropping during transmission over the internet. Even if an attacker intercepts the email, they would only see encrypted gibberish without the decryption key.
Email encryption enhances user privacy by safeguarding the privacy of communications. It prevents third parties, including internet service providers (ISPs), government agencies, and hackers, from accessing or monitoring the contents of email messages without authorization. This helps users maintain control over their personal and sensitive information.
Some email encryption methods also provide authentication mechanisms to verify the identity of the sender and ensure that the email has not been tampered with during transmission. This helps prevent email spoofing and phishing attacks by ensuring that the recipient can trust the integrity of the message.
Email encryption is often required to comply with data protection regulations and industry standards, such as the General Data Protection Regulation (GDPR) in the European Union or the Health Insurance Portability and Accountability Act (HIPAA) in the United States. Encrypting emails containing sensitive or personally identifiable information helps organizations meet legal and regulatory requirements for data security and privacy.
Email Encryption Architecture and Methods
Email encryption and email signatures can be deployed in several ways.
Classic email encryption and signing is done from client to client (end-to-end encryption).
Example: Alice emails an encrypted and signed message to Bob.
- Alice’s e-mail client encrypts and signs the message. Encryption uses Bob’s public key; the signature is created with Alice’s private key.
- Bob’s e-mail client decrypts the message and verifies the signature. Decryption uses Bob’s private key; the signature is verified with Alice’s public key.
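The client-to-client exchange above, as an added example that is not part of the original page: a constructed Go program (standard library only) in which Alice's side signs with her private key and encrypts under Bob's public key, and Bob's side decrypts with his private key and verifies with Alice's public key. It uses a simplified hybrid envelope rather than the real S/MIME or OpenPGP message format; Envelope, Seal and Open are hypothetical names chosen for this example.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)
// Envelope is a simplified stand-in for an S/MIME or OpenPGP message, not a real wire format.
type Envelope struct{ WrappedKey, Nonce, Ciphertext, Signature []byte }
// Seal is what Alice's client does: sign with her private key, then encrypt for Bob's public key.
func Seal(sender *rsa.PrivateKey, recipient *rsa.PublicKey, msg []byte) (*Envelope, error) {
	digest := sha256.Sum256(msg)
	sig, err := rsa.SignPSS(rand.Reader, sender, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	// Hybrid scheme: a fresh AES-256 content key encrypts the body; only that key is RSA-OAEP wrapped.
	cek, nonce := make([]byte, 32), make([]byte, 12)
	rand.Read(cek)
	rand.Read(nonce)
	block, _ := aes.NewCipher(cek)
	gcm, _ := cipher.NewGCM(block)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, cek, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{wrapped, nonce, gcm.Seal(nil, nonce, msg, nil), sig}, nil
}

// Open is what Bob's client does: unwrap with his private key, decrypt, verify with Alice's public key.
func Open(recipient *rsa.PrivateKey, sender *rsa.PublicKey, e *Envelope) ([]byte, error) {
	cek, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient, e.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(cek)
	gcm, _ := cipher.NewGCM(block)
	msg, err := gcm.Open(nil, e.Nonce, e.Ciphertext, nil) // the GCM tag also rejects tampered ciphertext
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256(msg)
	if err := rsa.VerifyPSS(sender, crypto.SHA256, digest[:], e.Signature, nil); err != nil {
		return nil, err // wrong sender key or altered content: do not trust the message
	}
	return msg, nil
}
```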
Client-based solutions have the disadvantage that they are too complex for many organizations (companies, associations, …). Because the required IT infrastructure does not exist, the temptation is great for such an organization to dispense with email encryption and signatures altogether.
To avoid the drawbacks of client-based encryption, server-based solutions are the way to go. The work of encryption and signature is not done by clients, but by servers.
Example 1: Alice works in a company A and sends an encrypted and signed message to Bob via email.
- The encryption and signature of Alice’s message is carried out by an e-mail server (a so-called encryption gateway) located in Company A.
- The decryption and signature verification of the message is handled by Bob’s e-mail client.
Example 2: Alice works in a company A and sends an encrypted and signed message to Bob via email. Bob works in a company B.
- The encryption and signature of Alice’s message is carried out by an e-mail server located in Company A.
- The decryption and signature verification of the message at Bob is carried out by an e-mail server located in Company B.
The advantages of a server-based solution are as follows:
- The members of the organization (e.g. the employees in the company) do not have to deal with the issue of encryption and signature. The work is done by the administrator, who maintains the centrally located server.
- Nevertheless, all e-mail traffic can be encrypted and signed, as long as the internal users want it and the external communication partners participate.
The disadvantage of this solution is that the administrator or third parties can eavesdrop on the path between the sending e-mail client and the internal mail server (the encryption gateway), where the message is not yet encrypted, and can thus read and modify e-mails.
Server-based solutions can provide the administrator with the following services:
- Automatically generate, manage and, if necessary, publish the secret and public keys of internal users (e.g. in public LDAP directories)
- Automatically query and validate the certificates of external communication partners and, if desired, store them for later use
- Fully automated certificate issuance

Underlying Technology of Email Encryption Methods
The common method of achieving confidentiality and authenticity in email is PKI-based email encryption and signature. PKI stands for Public Key Infrastructure. PKI-based email encryption and signing almost always uses one of the following two standards:
- S/MIME: Secure / Multipurpose Internet Mail Extensions
- OpenPGP: Open Pretty Good Privacy
PKI-based email encryption and signature is used in both client-based and server-based solutions.
S/MIME-based email encryption and signature in detail
As with hybrid encryption in general, each communication partner must generate a key pair before they can sign emails or receive encrypted emails. Without a key pair of their own, a user can only verify other people’s signatures and encrypt messages to them.
In the S/MIME world, it is common for new communication partners to have their public key signed by a certificate authority (CA). To do this, the public key is sent to the certificate authority. Depending on the security class, the CA checks more or less rigorously whether the public key actually belongs to the person who claims it. After the check has been passed, the CA creates a certificate for the key by signing it with its secret signing key. The certificate consists of the public key itself, the signature and administrative data. The signing key used for signing has a corresponding public verification key that can be used to verify the signature. There is also a certificate for this verification key of the CA, the CA certificate, which in turn has been signed by a certificate authority. In this way, a chain of CA certificates is created. The last link in such a chain is called the root CA certificate. The root CA certificate is self-signed, so the chain itself cannot vouch for it; in practice, other means are used to ensure that the root CA certificate is genuine.
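An added example, not from the original page: a constructed Go program (standard library only) that builds the chain the paragraph describes, a self-signed root CA, an issuing CA certified by it, and a user certificate for an email address signed by the issuing CA, and then verifies the user certificate using only the root as the trust anchor. The function names, the CA names and alice@example.com are constructed for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

func newKey() ed25519.PrivateKey { _, k, _ := ed25519.GenerateKey(rand.Reader); return k }

// template describes a CA (allowed to sign certificates) or an end-entity S/MIME certificate.
func template(name string, emails []string, serial int64, isCA bool) *x509.Certificate {
	c := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: isCA, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature,
		EmailAddresses: emails, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection}}
	if isCA {
		c.KeyUsage |= x509.KeyUsageCertSign
	}
	return c
}

// sign has parentKey sign the template; parent == template yields a self-signed certificate.
func sign(t, parent *x509.Certificate, key, parentKey ed25519.PrivateKey) *x509.Certificate {
	der, _ := x509.CreateCertificate(rand.Reader, t, parent, key.Public(), parentKey)
	c, _ := x509.ParseCertificate(der) // errors ignored: constructed inputs, cannot fail here
	return c
}

// Chain builds the chain from the text: self-signed root CA -> issuing CA -> user certificate.
func Chain() (root, inter, user *x509.Certificate) {
	rootKey, interKey, userKey := newKey(), newKey(), newKey()
	rootT := template("Constructed Root CA", nil, 1, true)
	root = sign(rootT, rootT, rootKey, rootKey) // self-signed: trusted only by explicit choice
	inter = sign(template("Constructed Issuing CA", nil, 2, true), root, interKey, rootKey)
	user = sign(template("Alice", []string{"alice@example.com"}, 3, false), inter, userKey, interKey)
	return root, inter, user
}

// VerifyUser accepts the user certificate only if its chain ends at the given trusted root.
func VerifyUser(user, inter, root *x509.Certificate) error {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	inters.AddCert(inter)
	_, err := user.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection}})
	return err
}
```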
Messages can be signed as well as encrypted. A signature ensures that a message has not been altered and provides information about the identity of the author. Encryption guarantees the confidentiality of the message, usually ensuring that the sender and all recipients of a message can decrypt it.
Password-based email encryption is an option that can be offered by server-based solutions. It solves the following problem:
If server-based solutions are PKI-based, they relieve the internal communication partners of the operating organization of the complexities of PKI, but not the external communication partners. The external communication partners must either operate a server-based solution in their own organization or, if that is not possible, run their PKI client-based. If neither is possible, then PKI-based email encryption is not possible.
To avoid not encrypting at all, server-based solutions can offer password-based email encryption in addition to PKI-based email encryption. For external communication partners who have a PKI, PKI-based encryption is then used. For communication partners who do not have PKI, password-based encryption can be used.
Example of OpenPGP Based Email Encryption
First, ensure that you have GnuPG (GNU Privacy Guard) installed on your system. Most Linux distributions come with GnuPG pre-installed.
Generate Your Key Pair
If you haven’t already generated your OpenPGP key pair, you can do so by running the following command and following the prompts:
```shell
gpg --full-generate-key
```
Encrypt the Email
Once you have your key pair, you can encrypt an email using the recipient’s public key. Assuming you have the recipient’s public key imported into your keyring, you can use the following command:
```shell
gpg --encrypt --recipient recipient@example.com file.txt
```
Replace recipient@example.com with the email address of the recipient and file.txt with the file you want to encrypt. This command will create an encrypted version of the file with a .gpg extension.
Send the Encrypted Email
You can now attach the encrypted file to an email and send it to the recipient. The recipient will then use their private key to decrypt the email and read its contents.
Decrypt the Encrypted Email
To decrypt the email encrypted with OpenPGP, the recipient needs access to their private key and the encrypted email file.
If the recipient hasn’t already imported the sender’s public key into their keyring, they need to do so. This step ensures that the recipient can verify the sender’s signature if the email was signed as well.
```shell
gpg --import sender_public_key.asc
```
Replace sender_public_key.asc with the file containing the sender’s public key. Once the recipient has imported the sender’s public key and received the encrypted email file, they can use their private key to decrypt it. They can do this with the following command:
```shell
gpg --decrypt encrypted_file.gpg
```
Replace encrypted_file.gpg with the filename of the encrypted email file. GnuPG will prompt the recipient to enter their passphrase for their private key. The recipient can then read the decrypted email message.
It’s important to note that the private key should be kept secure and protected with a strong passphrase to prevent unauthorized access. Additionally, the recipient should verify the authenticity of the sender’s public key to ensure the integrity of the communication.