Email Cryptosystems

Two basic forms of cryptographic systems are utilized for e-mail encryption: symmetric and asymmetric. Both systems are standards and are used in several kinds of software applications. (“Email Encryption”)

  • Symmetric Key Cryptography
    In Symmetric systems, both recipient and sender share a common key or password that is used to decrypt and encrypt the message. Symmetric key has some advantages over asymmetric, including ease of usability, speed, management, and cost. Symmetric systems are often found in e-mail encryption software because of these benefits. Symmetric systems often implement key strengths of Data Encryption Standard (DES), Advanced Encryption Standard (AES) and Triple DES. (“Email Encryption”)
  • Asymmetric Key Cryptography
    In 1976, Whitfield Diffie and Martin Hellman developed asymmetric cryptography, which uses two keys: one public, the other private. The public key can be shared with everyone and is used to encrypt the message. The private or secret key should be known only to the recipient and will be used to decrypt the message. (“Email Encryption”)

    Standard approaches to Email encryption
    Some of the solutions to provide email encryption are-

  • S/MIME
    (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption signing e-mail. S/MIME was developed by RSA Data Security, Inc. S/MIME provides the cryptographic security services for authentication, message integrity, and non-repudiation by combining a digital signature with encryption.
  • PGP and OpenPGP
    Pretty Good Privacy (PGP) is a standard that delivers cryptographic privacy authentication. The first version of PGP, by designer and developer Phil Zimmermann, was released as an open standard.
    PGP uses both public-key cryptography and symmetric key cryptography.
  • PostX Registered Envelope Encryption and Security
    The PostX Registered Envelope is a secure delivery model for PostX Envelope. The Registered Envelope uses online authentication for decryption key retrieval to provide secure auditable message delivery. The Registered Envelope delivers both the encrypted payload and necessary decryption code via an e-mail attachment to the recipient. (“Email Encryption”)

  • Identity-Based Encryption
    In this model, the e-mail address of the recipient is used to perform the e-mail encryption. In order to provide the strength of a password or authentication, identity-based encryption requires client software.

    What are some of the biggest challenges in securing Web activity?

  • Government buy-in: Governments and States view encryption with suspicion – more so end-to-end encryption.
  • Costs involved: The current shift of websites from HTTP to HTTPS shows a marked resistance – as SSL certificates cost money. If HTTPS needs to be made the default protocol, it should be made “free”, as HTTP is.
  • Technical limitations: Security and cryptography are constantly evolving, and no one system is perfect and completely fail-proof.


Encryptomatic. (n.d.). Email Encryption. Retrieved from