Revealing the Secrets of Email Encryption
Do you know how modern email protection works?
Not really? You are not alone.
As a simple picture of email encryption, most people think of a box in which they place their message and which can be locked with a single key. Once the message is in the box and the box is locked, it can safely be handed over to someone (the mailserver) who takes care of the transport to the intended recipient. This simple picture is not too bad because, in a way, that's what happens. But on the other hand, this picture is fundamentally misleading if you want to understand how email encryption really works. In other words, the reality is different.
If you follow this simple model alone, and many of us have no alternative, chances are that you will make dangerous mistakes when you use email encryption, or that you simply won't know how to use it. And that is not your fault.
Let me help you understand the basic idea behind modern email encryption to get a realistic picture of how it really works. A picture that can lead you to do the right thing and to know why.
Why is the simple picture fundamentally misleading?
Because modern email encryption has two very different boxes used to lock a message. You probably haven't heard of the other type of box yet. But the second one plays the most important role in the whole process.
The Ordinary, Single-Key Box
Of course, there is a place in email encryption for the ordinary box that can be locked with a single key. In the real world such a box would come with a pre-fabricated key attached when you buy one in the shops. But the single-key box for email encryption works a little bit differently. You can buy a single-key box without a key and pick any key you like afterwards, because a key is only a very, very large number. Once you lock the box with the key you have deliberately chosen (and nobody knows which one you took), the internal mechanism of the box changes so that the locked box can only be opened with the same key or a copy of the same key. The experts today call this box the AES-box and the number you've selected the AES-key.
Well, the message locked in the box is ready for travel, and the recipient receiving your locked box will only be able to open it if he has a copy of the key you used to lock it.
I'm sure you see the problem that arises here. How would your partner on the other side know the key? Without the key it will be impossible to open the box.
That's a really hard problem, because you cannot attach the key to the box or send it with another courier. The key has to reach your partner in a safe way, or all security is lost.
The Invention of a Double-Key-Box
Some three and a half decades ago three clever guys invented an entirely different kind of box that revolutionized the digital world. The new box opened up new possibilities that were unthinkable before. I admit, there is no real-world example of such a box, and that may be the reason why most people don't understand what they do when they use this kind of box in practice. And we all do use it when we surf the internet. Believe me, everything we do today to secure our online life is based on this new double-key-box. To give credit to the inventors, experts call the new box the RSA-box.
How Does the Double-Key Box Work?
You can put a message into the box and lock the box with one key that you own. But once you've locked the box with this key, you cannot open it with this key again; it remains locked. The only way to get the box open again is to use a second key, which is a totally different one but which is related to the key used to lock the box. Both keys form a tightly bound pair where one key can undo the locking done by the other.
For email encryption those double-key-boxes are used to make sure that only one person is able to open the box, the recipient of your encrypted message.
But there was a problem, do you remember? You cannot send the key across the world together with the locked box.
Well, actually you can, and the message in the box will remain secure, too.
Sounds like a miracle? No, not at all, we now have double-key-boxes.
Remember that you can make copies of your keys very easily. After all, keys are only large numbers. For email encryption to work properly, all you have to do is make a key pair and circulate copies of one of your keys to everyone who may wish to send you an encrypted email. There is no risk in sending one key (the public key) out into the world so that everyone can get a copy. As long as the other key (the secret or private key) remains secret, all is fine. The secret key, on the other hand, has to be guarded as carefully as the crown jewels. If it falls into the wrong hands, all is lost (again).
What is really going on?
Before we can start to encrypt a message we have to get the recipient's public key. If we don't have it, we cannot do anything. I suppose you know why? To prepare our message for safe travel, we want to use a double-key-box and lock it with the recipient's public key. In doing so we make sure that the only person that would be able to open the box will be our partner, because only he has the corresponding secret key.
And what would he find inside the box after he has opened it? I bet you are convinced that he will find our message inside. But no, actually he will find a key for a single-key-box. Our real message is locked in that single-key-box, which travels together with the double-key-box. With this clever trick we have solved the problem of safe key transmission.
But only if we have used the correct public key to lock the double-key-box. If we happen to select the wrong public key, we are going to make a dangerous mistake. Not only will we give someone else the ability to open the box unintentionally, but we also prevent the intended recipient from reading our message. We are doing the complete opposite of what we intend to do, and we do not recognize that we've done something terribly wrong.
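The two boxes described above, sketched with Node.js's built-in crypto module as an added example that is not part of the original article: AES-256-GCM plays the single-key box and RSA-OAEP the double-key box. The fingerprint check, the function names and the sample key pairs are assumptions made for illustration; real mail formats package these pieces differently.

```javascript
const crypto = require('crypto');

// Settings for the double-key (RSA) box; sender and recipient must use the same.
const oaep = (key) => ({ key, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' });

// Short value the sender compares with the recipient over a separate channel.
function fingerprint(publicKey) {
  const der = publicKey.export({ type: 'spki', format: 'der' });
  return crypto.createHash('sha256').update(der).digest('hex');
}

// Put the message in a single-key box (AES-256-GCM) and the AES key in a
// double-key box (RSA-OAEP), refusing a public key that was not verified.
function seal(publicKey, verifiedFingerprint, message) {
  if (fingerprint(publicKey) !== verifiedFingerprint) {
    throw new Error('public key does not match the verified fingerprint');
  }
  const aesKey = crypto.randomBytes(32); // fresh random key for this message only
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', aesKey, iv);
  const body = Buffer.concat([cipher.update(message, 'utf8'), cipher.final()]);
  const keyBox = crypto.publicEncrypt(oaep(publicKey), aesKey);
  return { keyBox, iv, body, tag: cipher.getAuthTag() };
}

// Open the key box with the private key, then the message box with the AES key.
function unseal(privateKey, { keyBox, iv, body, tag }) {
  const aesKey = crypto.privateDecrypt(oaep(privateKey), keyBox); // throws on a non-matching key
  const decipher = crypto.createDecipheriv('aes-256-gcm', aesKey, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Constructed sample key pairs: the intended recipient and an unrelated key owner.
const recipient = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const other = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

const sealed = seal(recipient.publicKey, fingerprint(recipient.publicKey), 'meet at noon');
console.log('recipient reads:', unseal(recipient.privateKey, sealed));
try {
  unseal(other.privateKey, sealed);
} catch (e) {
  console.log('other key holder cannot open the key box');
}
```

Locking with the other key pair's public key reverses the outcome: its owner can open the key box and the intended recipient cannot, which is why `seal` compares the fingerprint before it encrypts anything.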
I hope that understanding the crucial part played by the double-key-box will help you to avoid such terrible mistakes when you use email encryption in future. Now that you've come to terms with the basics of email encryption you will be immune to making silly mistakes, so go ahead and use email encryption.
posted on December 19th 2011