 
 
 
 
Basic secure E-mail procedures
The procedure for securing E-mail is more or less the same in all
known secure E-mail systems.
  -  For privacy, one encrypts the mail with a known algorithm, most
       commonly a symmetric algorithm (both encryption and decryption
       use the same key), and a secret key. This may be generated for
       the occasion (session key), or may be one that both parties
       have agreed to use for encryption.
  -  For integrity, one calculates a checksum over the bytes of the
       message.
  -  For signatures, one then encrypts the checksum, and
       possibly other data, using the sender's private key and an
       asymmetric cryptoalgorithm, to form a signature.
  -  The session key, if present, is encrypted using the
       recipient's public key.
  -  All pieces are then put together in an envelope and passed to
       the recipient.

The reason for using two cryptoalgorithms is mostly the fact that the
asymmetric cryptoalgorithms in use today are so slow that it would
take too long to use them on the entire message, and the unique
properties of an asymmetric cryptoalgorithm are not needed for the
simple encryption of data.
When the mail arrives at the recipient (who must have the shared key
or the sender's public key), the following steps are performed:
  -  If the message is encrypted with a session key, the recipient
       decrypts the session key using his own private key.
  -  If the message is signed, the recipient decrypts the signature
       using the sender's public key.
  -  The recipient can now decrypt the message and verify the
       signature, and can have some faith in the confidentiality and
       integrity of the message based on his trust in the
       confidentiality and integrity of his own and the sender's
       private keys.

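The sending and receiving steps above, as an added example that is not part of the original page. It assumes stand-ins chosen to stay within the Python standard library: textbook RSA over constructed Mersenne-prime key pairs for the asymmetric algorithm, an XOR keystream derived from SHA-256 for the symmetric algorithm, and SHA-256 as the checksum. All function and field names are hypothetical.

```python
import hashlib
import secrets

def toy_keypair(a, b, e=65537):
    # Constructed key pair from the Mersenne primes 2^a-1 and 2^b-1 (assumption:
    # illustration only, such a modulus is trivially factorable).
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def public(key):
    return {"n": key["n"], "e": key["e"]}

def keystream_xor(key, data):
    # Stand-in symmetric cipher: the same call encrypts and decrypts.
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(x ^ y for x, y in zip(data, stream))

def checksum(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def seal(message, sender, recipient_pub):
    session_key = secrets.token_bytes(16)           # generated for the occasion
    key_int = int.from_bytes(session_key, "big")
    return {                                        # the envelope
        "body": keystream_xor(session_key, message),                        # privacy
        "signature": pow(checksum(message), sender["d"], sender["n"]),      # sender's private key
        "wrapped_key": pow(key_int, recipient_pub["e"], recipient_pub["n"]),  # recipient's public key
    }

def open_envelope(env, recipient, sender_pub):
    # Step 1: recover the session key with the recipient's private key.
    key_int = pow(env["wrapped_key"], recipient["d"], recipient["n"])
    if key_int >= 2**128:                           # damaged envelope: not a 16-byte key
        return None, False
    session_key = key_int.to_bytes(16, "big")
    # Step 2: decrypt the signature with the sender's public key.
    claimed = pow(env["signature"], sender_pub["e"], sender_pub["n"])
    # Step 3: decrypt the body and compare checksums.
    message = keystream_xor(session_key, env["body"])
    return message, claimed == checksum(message)

if __name__ == "__main__":
    sender, recipient = toy_keypair(127, 521), toy_keypair(89, 607)
    env = seal(b"constructed sample message", sender, public(recipient))
    print(open_envelope(env, recipient, public(sender)))
```
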
Harald.T.Alvestrand@uninett.no
Last modified: Fri Nov  3 10:40:37 1995