You can encrypt email using either Pretty Good Privacy (PGP) or S/MIME. Unfortunately, you can't use both, because the two applications aren't compatible and use different methods for encryption. However, both use public key encryption at some point in their respective processes. Public key, or asymmetric, encryption is supposed to solve the fundamental problem of securely distributing a private key over a public medium like the Internet. It uses two keys: a public key, available to the world, and a private or secret key that is kept only by its owner. Both keys are needed: one to encrypt the message and the other to decrypt it. The system is secure because even though the two keys are mathematically related, they can't be derived from each other. Since only the public key, which is openly available but can't be used by itself to decrypt the message, is needed to encrypt a message, the private key doesn't have to be distributed in the wild, where it could be exposed and its secrecy compromised.
PGP was invented by Phil Zimmermann in 1991 and uses two asymmetric algorithms: RSA and DSA. RSA was named after its MIT inventors, Ron Rivest, Adi Shamir and Len Adleman. It uses key lengths ranging from 1024 to 2048 bits. DSA, or Digital Signature Algorithm, is a U.S. government standard that PGP uses to create a digital signature for a message to verify the authenticity of the sender.
S/MIME, on the other hand, also uses RSA and DSA, but only for providing digital signatures. S/MIME, unlike PGP, relies on the use of a certificate authority (CA) for storing certificate hierarchies, which are used for encrypting messages, instead of public key encryption. As a result, such encryption is only needed for digital signatures, when necessary.
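As an added example (not code from the original answer), the Python sketch below shows where the public key step from the first paragraph sits when a message is encrypted: a random session key encrypts the message, and only that session key is encrypted with the recipient's public key. This goes slightly beyond the text by showing the session key. The function names are hypothetical, and the textbook RSA and SHAKE-256 keystream are stand-ins for illustration, not algorithms to deploy.

```python
# Illustration only: textbook RSA (no OAEP padding) and a SHAKE-256 keystream.
import hashlib
import secrets

def _is_probable_prime(n, rounds=20):  # Miller-Rabin, for odd n > 3
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def generate_keypair(bits=1024, e=65537):
    """Return (public, private) as ((e, n), (d, n))."""
    def prime():
        while True:  # odd candidate with the top bit set
            p = secrets.randbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
            if _is_probable_prime(p):
                return p
    while True:
        p, q = prime(), prime()
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:  # e is prime, so gcd(e, phi) == 1
            return (e, p * q), (pow(e, -1, phi), p * q)

def _keystream_xor(key, data):
    """XOR data with a SHAKE-256 keystream; the same call decrypts."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt_for(public, message):
    """Sender: only the recipient's public key (e, n) is needed."""
    session_key = secrets.token_bytes(32)  # fresh symmetric key per message
    wrapped = pow(int.from_bytes(session_key, "big"), *public)
    return wrapped, _keystream_xor(session_key, message)

def decrypt_with(private, wrapped, ciphertext):
    """Recipient: unwrapping the session key requires the private key (d, n)."""
    k = pow(wrapped, *private)
    if k.bit_length() > 256:  # not a 32-byte key: wrong key was used
        raise ValueError("session key did not unwrap")
    return _keystream_xor(k.to_bytes(32, "big"), ciphertext)
```

Calling `decrypt_with` with the public key, or with another recipient's private key, raises `ValueError` because the session key does not unwrap.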