Q
Problem solve Get help with specific problems with your technologies, process and projects.

# Which public key algorithm is used for encrypting emails?

## Although PGP and S/MME both use public key encryption, Expert Joel Dubin explains PGP and S/MME's distinct approaches to e-mail coding.

Which public key algorithm is used for encrypting emails?

You can encrypt email using either Pretty Good Privacy (PGP) or S/MIME. Unfortunately you can't use both, because...

the two applications aren't compatible and use different methods for encryption. However, both use public key encryption at some point in their respective processes. Public key or asymmetric encryption is supposed to solve the fundamental problem of securely distributing a private key over a public medium like the Internet. It uses two keys: a public key, available to the world, and a private or secret key that is only kept by its owner. Both keys are needed to encrypt and decrypt the message. The system is secure because even though the two keys are mathematically related, they can't be derived from each other. Since only the public key, which is openly available but can't be used to decrypt the message by itself, is needed to encrypt a message, the private key doesn't have to be distributed in the wild, where it could be exposed and its secrecy compromised.

PGP was invented by Phil Zimmerman in 1991 and uses two asymmetric algorithms: RSA and DSA. RSA was named after its MIT inventors, Ron Rivest, Adi Shamir and Len Adleman. It uses key lengths ranging from 1024 to 2048 bits. DSA, or Digital Signature Algorithm, is a U.S. government standard which PGP uses to create a digital signature for a message to verify the authenticity of the sender.

S/MIME, on the other hand, also uses RSA and DSA, but only for providing digital signatures. S/MIME, unlike PGP, relies on the use of a certificate authority (CA) for storing certificate hierarchies, which are used for encrypting messages, instead of public key encryption. As a result, such encryption is only needed for digital signatures, when necessary.

• Visit our resource center for news, tips and expert advice on how to use SMIME/PGP encryption methods to secure email transmissions.
This was last published in September 2006

## Content

Find more PRO+ content and other member only offers, here.

#### Have a question for an expert?

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

#### Start the conversation

Send me notifications when other members comment.

## SearchCloudSecurity

• ### How Amazon GuardDuty could bolster enterprise cloud security

The new Amazon GuardDuty aims to secure enterprise AWS accounts and workloads, but does it? Expert Ed Moyle takes a closer look ...

• ### What the Azure AD Connect vulnerability can teach enterprises

Enterprises should learn from a Microsoft Azure AD Connect vulnerability that cloud security requires a hands-on approach. Expert...

• ### How the Meltdown vulnerability affects cloud services

The Meltdown vulnerability has far-reaching implications, including with cloud providers. Expert Dave Shackleford looks at the ...

## SearchNetworking

• ### Ethernet bandwidth costs fall to a six-year low

Ethernet bandwidth costs in data center switches fell to a six-year low in 2017. Crehan Research reported cloud provider demand ...

• ### Yahoo Japan deploys intent-based network with Apstra AOS

Yahoo Japan deploys an Apstra intent-based network to oversee multiple vendors. Cisco touts Los Angeles Hospital, as well as the ...

• ### Is it best to buy or build a network automation system?

Bloggers explore the question of buying versus building a network automation system, the challenges of hyper-converged ...

## SearchCIO

• ### Former Equifax CIO's indictment should be a red flag for IT execs

A former Equifax CIO has been indicted for insider trading following the company's 2017 data breach. Will it force IT execs to ...

• ### Two data scientists offer advice on breaking down siloed data

Data scientists offer insight into why the age-old problem of siloed data persists and some concrete advice to CIOs on how to ...

• ### ISACA: Build security into artificial intelligence hardware

A new paper on how to fight off malicious AI recommends adding security features to AI chips. ISACA's Rob Clyde explains why ...

## SearchEnterpriseDesktop

• ### How to take advantage of SCCM and Intune co-management

IT can combine Microsoft Intune and System Center Configuration Manager to manage users' mobile devices, as well as any legacy ...

• ### Get to know your Windows 10 update options

Windows as a service changes the way updates work in Windows 10 from past versions of the OS. Each of the three servicing ...

• ### Top six Windows 10 migration problems and how to avoid them

Users and IT professionals sometimes have issues after a Windows 10 migration. Careful planning can mitigate these issues before ...

## SearchCloudComputing

• ### Analysts: How to make IBM Cloud services more competitive

To make IBM Cloud more competitive, Big Blue must stand by its enterprise base, while it also satisfies the developer community ...

• ### Don't overlook these practices in software modernization

During app modernization projects, teams commonly overlook basic goals, processes and tools. which can sully app launches as a ...

• ### Google preemptible VMs reduce cloud costs -- with a catch

With its preemtible VMs, Google offers spare compute capacity at a discounted price. But be careful not to run certain apps on ...

## ComputerWeekly.com

• ### Employers face hiring crisis as AI replaces mid-skilled jobs

Artificial intelligence could replace two-thirds of existing jobs within 20 years, and employers will face growing difficulties ...

• ### Majority of organisations unaware of costs and responsibilities for cloud outages, research finds

Most companies are unaware about the costs associated with a cloud outage and who is responsible for getting systems back online

• ### Network security in the age of the internet of things

Wireless devices and smart technologies are increasingly being brought into the workplace, and pose a growing risk to company data

Close