Encryption and Decryption in emails

In today’s digital era, each one of us might have sent and recieved a large number of emails. But have we really bothered to know whether what we transmit is really confidential ? Is someone spying on the data we send through an email or is it only the reciever who reads what we send ? If one had spent time finding answers to these questions, one surely would have used a security mechanism each time a confidential or secret information is being shared on an email. Interesting !
In this article, we’ll spend time understanding ways in which confidentiality of information sent using emails can be achieved.
How is confidentiality of information achieved in general ?
Let us say Alice wants to send some information to Bob over a network and Alice does not want anyone except Bob to read what she had sent.
Surely, Alice can’t send the information as it is (in raw format) as she is aware (and probably we are too) of the fact that the network over which data is transmitted is insecure. So, she needs a mechanism through which her data gets converted to an unreadable format before being transmitted and this unreadable form of data gets converted back to the same original data that she intented to send when it reaches Bob.
This technique of converting data to be sent on a network to a format that is not understandable, is called Encryption. And, the technique of converting the ‘not understandable data’ back to its original form is called Decryption.
It is through this process of Encryption at Sender’s side and Decryption at Reciever’ side, that the data is transmitted with Confidentiality.
It is obvious that an attacker can steal Encrypted form of the data being transmitted over the network and try to decrypt it. Thanks to Cryptography, there are techniques that prevents the attacker from decrypting it but at the same time, keeping it possible for the reciever to decrypt it, as a result making sure that confidentiality is achieved. One obvious technique to allow only the reciever to decrypt is to have a shared secret key between sender and a reciever. The sender uses the key to encrypt and the reciever uses the same key to decrypt. This technique falls under the category of Symmetric Key Cryptography. There is also another way to achieve the same thing called Asymmetric Key Cryptography, which is also called Public Key Cryptography. Curious to know how the other method works ? Read on!
Email encryptions make use of Public Key Cryptography and Hashing

Public Key Cryptography
If Alice wants to use email to send the information she had to Bob, Alice is the sender of the email and Bob is the reciever. It is the responsibility of Bob, the reciever to generate two keys — a public key and a private key and to publicize the public key. Using the public key publicized by the reciever, Alice, the sender will encrypt her data before sending it to Bob. The only person to know the private key is Bob. Therefore, the only person who can decrypt what Alice had already encrypted is Bob. Upon arrival of the data in encrypted form, Bob will decrypt the data and will be able to make sense out of it.
Hashing
Hashing in cryptography is a method in which data of arbitrary size (called message) is mapped to a string of fixed size (called message digest) using a one-way function, which is a function that is practically infeasible to invert.

An ideal cryptographic hash function has the following properties:
- Deterministic: The same message should result in the same hash.
- Efficiently Computable: It should be quick to compute the hash value for any given message.
- Infeasible to Invert: It should be infeasible to generate a message that corresponds to a given hash value.
- It should be infeasible to find two different messages with the same hash value.
- Avalanche Effect: A small change to a message should change the hash value extensively.
The figure above shows the hash values of some messages generated using SHA1 algorithm.
Email Encryption Protocols
Now, we are good enough to describe protocols used to encrypt emails.
1. Pretty Good Privacy (PGP)
Pretty Good Privacy (PGP) is a popular encryption program which is used for encrypting and decrypting emails over the Internet, as well as authenticating messages with digital signatures, which is a combination of Hashing and public key encryptions. This algorithm was invented by Phil Zimmerman in 1991.
PGP was designed to provide all four aspects of security, i.e., confidentiality, integrity, authentication, and non-repudiation in the sending of email.
Now, let us describe the way in which PGP works.
In a system that uses PGP, each user has a pair of keys — a public key, known to all others and a private key, known only to itself.
At the sender’s side, a digital signature of the email is created for authentication, integrity as well as non-repudiation. The content of the email is hashed using Cryptographic Hash functions (either MD5 or SHA algorithm) to form a message digest. The digest is then encrypted using the sender’s private key. The signed digest (encrypted digest) is then combined with the original email and then this combination is encrypted using a one time secret key created by the sender using a symmetric key encryption algorithm. The one time secret key is then encrypted using the public key of the reciever. The combination of encrypted one time key and the encrypted email and digest is then sent over the network. The steps described are shown in the diagram below:

At the reciever’s side, the secret key encrypted using reciever’s public key is extracted and decrypted using the reciever’s private key. The encrypted email and digest is then decrypted using the secret key. Hence, we obtain the email content and the digest encrypted using sender’s private key. As the reciever has the public key of the sender, the encrypted digest is decrypted. The email recieved is hashed using the same cryptographic hash function used by the sender and the new message digest obtained is matched with the digest decrypted in the previous step. The digests have to match to ensure data integrity. Hence, the email is recieved at the reciever’s end ensuring data confidentiality, integrity as well as authentication. The steps mentioned are depicted in the diagram below:

2. S/MIME (Secure Multi-Purpose Internet Mail Extensions)
S/MIME is a secure e-mail standard based on an earlier non-secure e-mailing standard called MIME. Previously, mails carried only text, S/MIME provided the support to carry varying content.
S/MIME approach is similar to PGP. It also uses asymmetric key cryptography, symmetric key cryptography, hash functions, as well as digital signatures and hence provides similar security services as PGP for e-mail communication.
S/MIME provides:
1. Enveloped Data, which helps in applying privacy protection to a message. The sender needs to have access to the public key for each intended message recipient.
2. Signed Data, to provide authentication. Only a S/MIME enabled mailer can view this message.
3. Clear-signed Data, to provide authentication for users with S/MIME capabilities, but to retain readability for other viewers.
4. Nesting of signed and encrypted data.
RC2 and TripleDES are the most common symmetric ciphers used in S/MIME. On the other hand, the usual public key crytography method used is RSA, and the hashing method used is either SHA-1 or MD5.
Now, let us describe the way in which S/MIME works.
At the sender’s side, EnvelopedData MIME entity (encrypted mail) is made by first generating a pseudo random session key to be used by symmetric key encryption algorithm. The email message is encrypted using the session key generated. This session key is then encrypted using the public key of the reciever.
Now, the email content is hashed using a cryptographic hash function to form message digest. This message digest is then encrypted using the private key of the sender. The signed S/MIME message consists of the encoded message and the signed digest (encrypted digest). A SignedData MIME entity is also made using the steps that follow. The email is hashed using a cryptographic hash function to a message digest. The message digest is encrypted using the private key of the sender (signer). This forms a part of the SignedData MIME entity which is encoded using base64 format. Clear signing uses the multipart content type in MIME to transmit the email body and the signature separately. The email body is encoded so that it is not altered during transit. The second object, the signature, is sent in base64. Thus, only S/MIME enabled mail readers can use the signature.


At the reciever’s end, the S/MIME encrypted message is used to get the content of the email. The encrypted session key is decrypted by the private key of the reciever. The session key is used to decrypt the email. Now, the signed S/MIME message is used to verify data integrity and authentication. The encrypted digest is decrypted using the sender’s public key and the encoded email body is hashed. The encoded message hashed is then compared with the digest, which should match.
The signed entity and encrypted mail of S/MIME are depicted in the two figures shown above.
Difference between S/MIME and PGP
You might be wondering that there is not much difference between the two algorithms presented.
But the difference lies in the way a user of the system with S/MIME and PGP obtains the keypair. In S/MIME, a user has to obtain the keypair (used in public key crytography algorithm) from a trusted Certificate Authority. And if one wants to verify if the obtained public key is really an authenticate public key of that user and is not forged by some attacker, he needs to verify it with the trusted authority and then use the key. On the other hand, PGP uses the concept of signing the keypair. Every user needs to sign his own keypair as well as of others with whom he wishes to communicate. Signing a key vouches for the authenticity of the public key. As a result, unlike S/MIME, PGP does not require a centralized trusted authority for verification of keys involved in public key cryptography.
In this post, we have discussed protocols for end-to-end encryption, meaning none except the sender and the reciever, not even services like Gmail can read the email. There are transport level encryption protocols as well, STARTTLS being one of them. We’ll discuss them in a seperate post some time later !
Although many of us do not care about encryption in emails in our day-to-day life, it is really necessary to encrypt emails end-to-end if the information transmitted is really sensitive.
I hope that you might have enriched yourself with a good knowledge about how the end-to-end encryption in email really works !
Blog compiled by:
Abdul Sattar Mapara
References:
