The process of encoding data to prevent unauthorized access. An encrypted message is unreadable to all but the recipient, who has a public key that will decrypt it because the key matches the private key that the sender used to encrypt it.
Encryption of e-mail messages is needed:
- in order to protect the content from being read by unintended recipients.
- so to have more secure communications, even when the transmission medium (for example, the Internet) is untrustworthy.
- to help ensure data integrity as well as to maintain secrecy.
- to verify the origin of data and messages, by using certificates.
When using cryptographic methods, the cryptographic keys must remain secret. The algorithms, key sizes, and file formats can be made public without compromising security.
The two fundamental operations of cryptography are encryption and decryption (decrypt: The process of converting cipher (scrambled) text back into plain, readable text. Recipients decrypt (unlocks) the e-mail messages sent to them using their private key.). Encryption involves scrambling the data in such a way that it should be infeasible to deduce the original information, unless one has access to the appropriate key. Decryption is the reverse process: Scrambled data is turned into the original text by using a key.
In order to encrypt and decrypt, one needs an encryption algorithm and a key. Many encryption algorithms exist, including Data Encryption Standard (DES), Rivest/Sharmir/Adleman (RSA) encryption, RC2, and RC5. A key is used in conjunction with the algorithm to convert the plain text (readable by people) into cipher text (scrambled, unreadable by people).
DES, RC2, and RC5 are known as symmetric key technology because the key used to encrypt the data is the same one used to decrypt it. Hence, the key must be a shared secret between the party encrypting the data and the party decrypting it. One can use public key technology to pass the key securely to the other party.
RSA is known as public key, or asymmetric, technology, because two keys are used: a public and a private key (private key: The secret key kept on the sender's computer that the sender uses to digitally sign messages to recipients and to decrypt (unlock) messages from recipients. Private keys should be password protected.). The keys are mathematically related, but cannot figure out one without knowing the other. The private key is kept private - only the party generating the key pair should have access to it. The public key can be freely shared over an insecure medium such as the Internet. With public key systems, there is no shared secret between the two parties. If the public key is used to encrypt the data, then only the private key can decrypt it. Similarly, if the private key is used to encrypt the data, then only the public key can decrypt it.
ODS Webmail offers both Symmetric and Asymmetric Key Technology Implementation. Assume the following simple scenarios:
- ODS Webmail Example for Encrypting Emails
- ODS Webmail Example for Encrypting Emails using special search by domain
- ODS Guide for Sending Digitally Signed Messages
- ODS-Mail Evaluate SMIME + WebID Support Guide