Updated March 31, 2023
Introduction to Email security protocols
Email, i.e. electronic mail, is perhaps the most widely used application on the Internet. Using email, an Internet user can send messages or data like pictures, video, sound, and files to another Internet user. Consequently, the security of email messages has become an extremely important issue. Email security is the set of measures that protect an email account and its contents from unauthorized users. Several email security protocols have been developed for this purpose. They do not protect the account itself (that is a matter of authentication and access control at the mail provider); what they protect is the message, by keeping its content confidential in transit and at rest, by making any alteration detectable, and by proving which sender produced it.
Protocols of Email Security
This article covers three protocols: PEM, PGP, and S/MIME (the security extensions built on MIME). All three follow the same basic pattern of signing a message digest with the sender's private key, encrypting the message with a one-time symmetric key, wrapping that key for the recipient, and encoding the result as printable text. Let's discuss these protocols one by one.
PEM stands for Privacy-Enhanced Mail, an email security protocol adopted by the IAB (Internet Architecture Board) to provide secure email communication over the Internet. PEM was initially developed by the PSRG (Privacy and Security Research Group) of the IRTF (Internet Research Task Force), which then handed it over to the IETF (Internet Engineering Task Force) PEM working group. Privacy-Enhanced Mail is described in four specification documents: RFC 1421 (message encryption and authentication procedures), RFC 1422 (certificate-based key management), RFC 1423 (algorithms, modes, and identifiers), and RFC 1424 (key certification and related services). It supports the cryptographic functions of encryption, non-repudiation (through digital signatures), and message integrity. PEM never saw wide deployment, mainly because it depended on a single global X.509 certificate hierarchy that was never built and it could only carry plain text, so today it is mostly of historical interest.
Working of PEM
Privacy-Enhanced Mail processes an outgoing message in four steps: canonical conversion, then digital signature, then encryption, and finally Base-64 encoding.
Step 1: Canonical conversion
There is a distinct possibility that the sender and receiver use computers with different operating systems and architectures, and these computers may represent the same text in two different ways. For example, the message digest of an email message computed on a computer running MS-DOS (which ends lines with CR LF) can differ from the digest computed on a Unix computer (which ends lines with LF), because the input bytes fed to the digest function are not the same in the two cases, even though the user sees the same text. PEM therefore transforms each email message into an abstract, canonical representation before anything is hashed or signed. Regardless of the operating system and architecture of the sending and receiving computers, the message always travels in one uniform, platform-independent format, so a signature computed by the sender can be verified by the receiver.
Step 2: Digital Signature
In this step, a message digest of the canonical message is computed with one of the algorithms PEM specified, MD2 or MD5 (both are broken today and must not be used in new designs). The digest is then signed with the sender's private key; for RSA, textbooks describe this as encrypting the digest with the private key. The result is the sender's digital signature, which PEM calls the MIC (message integrity check). Because it is computed over the canonical form, the receiver can recompute the digest and verify the signature on any platform.
Step 3: Encryption
In this step, the original email message and the digital signature are encrypted together using a one-time symmetric key (DES in CBC mode in the PEM specifications). The symmetric key itself travels in the message header, encrypted under the recipient's public key or under a key already shared with the recipient, so only the intended recipient can recover it. Because signing happens before encryption, the signature is hidden from anyone who cannot decrypt the message.
Step 4: Base-64 encoding
Base-64 encoding transforms the arbitrary binary output of the encryption step into printable characters, so that the message survives mail systems that only pass 7-bit text. It is an encoding, not a protection mechanism: anyone can reverse it, and all confidentiality comes from step 3.
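The following Go program is an added example (not code from the original page or from any PEM implementation) that illustrates steps 1, 2 and 4 above: it shows why canonical conversion matters by hashing the same message as stored on a Unix system and on an MS-DOS system, first raw and then canonicalized, and it shows PEM's printable encoding. The function names canonicalize, mic and armor are chosen here; the canonicalization rule is simplified to line-ending normalization (the RFC 1421 rules also cover character set handling), and MD5 is used only because it is what RFC 1423 specified, not because it is acceptable today. The sample text is constructed.

```go
package main

import (
	"crypto/md5"
	"encoding/base64"
	"encoding/hex"
	"fmt"
	"strings"
)

// canonicalize rewrites text in the canonical form PEM hashes and signs:
// every line terminated by CRLF, whatever convention (LF on Unix, CRLF on
// MS-DOS, bare CR on old Macs) the sending system used. Simplified for this
// example: the RFC 1421 rules also fix the character set.
func canonicalize(text string) string {
	s := strings.ReplaceAll(text, "\r\n", "\n")
	s = strings.ReplaceAll(s, "\r", "\n")
	lines := strings.Split(s, "\n")
	// A trailing newline yields an empty last element; drop it so that
	// "a\n" and "a" both canonicalize to "a\r\n".
	if lines[len(lines)-1] == "" {
		lines = lines[:len(lines)-1]
	}
	var b strings.Builder
	for _, l := range lines {
		b.WriteString(l)
		b.WriteString("\r\n")
	}
	return b.String()
}

// mic computes the message integrity check as a hex digest. MD5 is used
// because RFC 1423 specified RSA-MD2 and RSA-MD5; it is broken today and is
// reproduced here only to illustrate the historical protocol.
func mic(data string) string {
	sum := md5.Sum([]byte(data))
	return hex.EncodeToString(sum[:])
}

// armor is PEM's printable-encoding step: Base-64 broken into 64-character
// lines, as RFC 1421 requires.
func armor(data []byte) string {
	enc := base64.StdEncoding.EncodeToString(data)
	var b strings.Builder
	for len(enc) > 64 {
		b.WriteString(enc[:64])
		b.WriteString("\r\n")
		enc = enc[64:]
	}
	b.WriteString(enc)
	return b.String()
}

func main() {
	// Constructed sample: the same text as stored on Unix and on MS-DOS.
	unix := "Pay 100 EUR to account 42\nregards, Alice\n"
	dos := "Pay 100 EUR to account 42\r\nregards, Alice\r\n"

	fmt.Println("raw MIC, Unix copy:      ", mic(unix))
	fmt.Println("raw MIC, MS-DOS copy:    ", mic(dos))
	fmt.Println("canonical MIC, Unix:     ", mic(canonicalize(unix)))
	fmt.Println("canonical MIC, MS-DOS:   ", mic(canonicalize(dos)))

	// Step 4 on some constructed "ciphertext": the output is printable ASCII.
	fmt.Println(armor([]byte("\x00\x01\x02binary-looking ciphertext\xff\xfe")))
}
```

The two raw digests differ although the user sees identical text; after canonicalize they agree, which is the property the signature step depends on. Any real signature scheme must be applied to the canonical bytes, and the receiver must canonicalize again before verifying.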
PGP stands for Pretty Good Privacy, an email security protocol developed by Phil Zimmermann. Its benefits are that it meets the basic cryptographic requirements, is simple to use, and was released free of charge, including its source code and documentation. For organizations that required support, a low-cost commercial version was available from a company called ViaCrypt. PGP became far more popular and widely used than PEM; its message format was later standardized by the IETF as OpenPGP (RFC 4880). Pretty Good Privacy supports the cryptographic functions of encryption, non-repudiation, and message integrity.
Working of PGP
Pretty Good Privacy works as follows
Step 1: Digital Signature
In this step, a message digest of the email message is created using a hash algorithm: SHA-1 in classic PGP, while modern OpenPGP implementations use SHA-256 or stronger, since SHA-1 is no longer collision resistant. The digest is then signed with the sender's private key to create the digital signature.
Step 2: Compression
In this step, to reduce the size of the message that will be transmitted, the input message and the digital signature are compressed together. Compression has to come before encryption: well-encrypted data is indistinguishable from random bytes and does not compress.
Step 3: Encryption
In this step, the compressed output of step 2 is encrypted with a symmetric session key that PGP generates at random for this one message and never reuses.
Step 4: Digital Enveloping
In this step, the session key used in step 3 is encrypted with the public key of the receiver. The output of step 3 and the output of step 4 together form the digital envelope: only the holder of the matching private key can recover the session key, and therefore the message. For several recipients, the same session key is encrypted once under each recipient's public key.
Step 5: Base-64 encoding
In this step, the output of step 4 is Base-64 encoded (PGP calls this ASCII armor) so that it can travel through text-only email systems.
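The five PGP steps above, and their reversal on the receiving side, as an added example in Go using only the standard library (this is not PGP's or OpenPGP's own code or packet format). Modern primitives are substituted where the page's are dated: SHA-256 instead of SHA-1 for the digest, AES-256-GCM instead of PGP's CFB mode for step 3, RSA-OAEP for the envelope in step 4, and zlib for step 2. The wire layout, the function names pgpStyleSeal, pgpStyleOpen, aesGCM and demoKeys, and the nonce length constant are all choices made for this example. Keys are generated fresh by demoKeys; the message in the usage note is constructed.

```go
package main

import (
	"bytes"
	"compress/zlib"
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"io"
)

const nonceSize = 12 // standard AES-GCM nonce length
// Wire layout chosen for this example, not the OpenPGP packet format:
// base64( RSA-OAEP(sessionKey) | nonce | AES-GCM( zlib( signature | message ) ) )
// aesGCM builds AES-256-GCM for a 32-byte key; it stands in for PGP's CFB mode and
// also authenticates the ciphertext. Errors are impossible for that key length.
func aesGCM(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// pgpStyleSeal runs the five sender-side steps on msg.
func pgpStyleSeal(msg []byte, senderPriv *rsa.PrivateKey, recipientPub *rsa.PublicKey) (string, error) {
	// Step 1: sign the digest (SHA-256 here; classic PGP used SHA-1).
	digest := sha256.Sum256(msg)
	sig, err := rsa.SignPKCS1v15(rand.Reader, senderPriv, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	// Step 2: compress signature and message together. An RSA signature has a fixed
	// size (the key size), so the receiver can split them again without a length field.
	var comp bytes.Buffer
	zw := zlib.NewWriter(&comp)
	zw.Write(sig)
	zw.Write(msg)
	zw.Close() // writes into a bytes.Buffer cannot fail
	// Step 3: encrypt the compressed data under a fresh, never-reused session key.
	rnd := make([]byte, 32+nonceSize)
	if _, err := io.ReadFull(rand.Reader, rnd); err != nil {
		return "", err
	}
	sessionKey, nonce := rnd[:32], rnd[32:]
	ct := aesGCM(sessionKey).Seal(nil, nonce, comp.Bytes(), nil)
	// Step 4: digital envelope: the session key encrypted under the recipient's public key.
	encKey, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, sessionKey, nil)
	if err != nil {
		return "", err
	}
	// Step 5: Base-64 (ASCII armor) of the whole package.
	return base64.StdEncoding.EncodeToString(bytes.Join([][]byte{encKey, nonce, ct}, nil)), nil
}

// pgpStyleOpen reverses the steps on the receiver side and verifies the signature.
func pgpStyleOpen(armored string, recipientPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) ([]byte, error) {
	raw, err := base64.StdEncoding.DecodeString(armored)
	if err != nil {
		return nil, err
	}
	k := recipientPriv.Size() // length of the RSA-OAEP encrypted session key
	if len(raw) < k+nonceSize {
		return nil, fmt.Errorf("truncated message")
	}
	encKey, nonce, ct := raw[:k], raw[k:k+nonceSize], raw[k+nonceSize:]
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), nil, recipientPriv, encKey, nil)
	if err != nil {
		return nil, fmt.Errorf("envelope not addressed to this key: %w", err)
	}
	comp, err := aesGCM(sessionKey).Open(nil, nonce, ct, nil)
	if err != nil {
		return nil, fmt.Errorf("ciphertext tampered: %w", err)
	}
	zr, err := zlib.NewReader(bytes.NewReader(comp))
	if err != nil {
		return nil, err
	}
	plain, err := io.ReadAll(zr)
	if err != nil {
		return nil, err
	}
	sl := senderPub.Size() // fixed signature length for this sender key
	if len(plain) < sl {
		return nil, fmt.Errorf("truncated payload")
	}
	sig, msg := plain[:sl], plain[sl:]
	digest := sha256.Sum256(msg)
	if err := rsa.VerifyPKCS1v15(senderPub, crypto.SHA256, digest[:], sig); err != nil {
		return nil, fmt.Errorf("signature check failed: %w", err)
	}
	return msg, nil
}

// demoKeys generates fresh 2048-bit RSA key pairs for a sender and a recipient.
func demoKeys() (sender, recipient *rsa.PrivateKey) {
	sender, _ = rsa.GenerateKey(rand.Reader, 2048)
	recipient, _ = rsa.GenerateKey(rand.Reader, 2048)
	return sender, recipient
}
```

To try it, call sender, recipient := demoKeys(), then armored, _ := pgpStyleSeal([]byte("constructed test message"), sender, &recipient.PublicKey) and pgpStyleOpen(armored, recipient, &sender.PublicKey). Flipping any character of the armored text makes pgpStyleOpen fail at the envelope or at the AES-GCM step, opening with a different recipient key fails at the envelope, and verifying against a different sender's public key fails at the final signature check, which is the non-repudiation property the section describes.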
MIME stands for Multipurpose Internet Mail Extensions. MIME itself is not a security protocol: it extends the basic, text-only email system so that users can send binary files and non-ASCII text. Its security counterpart is S/MIME (Secure/MIME), which uses the MIME framework to carry signed and encrypted content in CMS (PKCS #7) format, with X.509 certificates identifying the parties.
The security functionality provided by S/MIME is as follows:
- Enveloped data: consists of encrypted content of any type plus the content-encryption key, encrypted with the public key of each receiver.
- Signed data: consists of the content together with a digital signature, i.e. a message digest signed with the sender's private key. Both the content and the signature are Base-64 encoded, so a recipient without S/MIME software cannot read the message.
- Clear-signed data: similar to signed data, but only the digital signature is Base-64 encoded. The content is sent as a separate, readable MIME part, so recipients without S/MIME capability can still read the message, although they cannot verify it.
- Signed and enveloped data: signed-only and enveloped-only entities can be nested, so that enveloped data can be signed or signed data can be enveloped.
The MIME header fields that describe a message and its body are as follows:
- MIME-Version: contains the MIME version number; the current value is 1.0.
- Content-Type: describes the data contained in the body of the message (for example text/plain, image/png, or multipart/mixed), together with parameters such as charset or boundary. The details provided are sufficient for the receiving email system to handle the message body appropriately. Since the sender controls this header, a mail client must not trust it blindly when deciding how to open an attachment.
- Content-Transfer-Encoding: specifies the transformation (for example 7bit, quoted-printable, or base64) used to represent the body of the message so that it passes through the mail transport.
- Content-ID: uniquely identifies a MIME entity so that it can be referenced from multiple contexts, for example an inline image referenced from an HTML part.
- Content-Description: a free-text description of the body, used when the body is not in readable form, e.g. an image or video.
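The following Go program is an added example (not code from the original page or from any S/MIME implementation) that ties the four S/MIME message types above to the MIME headers that carry them. It parses constructed sample messages with the standard library's net/mail, mime and mime/multipart packages and reports, from the Content-Type header alone, whether a message is enveloped, opaque-signed, clear-signed, or signed-and-enveloped (a clear-signed message whose content part is itself enveloped data). The content types application/pkcs7-mime with its smime-type parameter, multipart/signed with protocol="application/pkcs7-signature", and application/pkcs7-signature are the real S/MIME identifiers (RFC 8551, RFC 1847); the function names crlf and classifySMIME, the sample messages (trimmed to their MIME headers) and their placeholder Base-64 bodies are constructed for this example.

```go
package main

import (
	"fmt"
	"mime"
	"mime/multipart"
	"net/mail"
	"strings"
)

// crlf joins lines with the CRLF terminators RFC 5322 requires (samples are constructed here).
func crlf(lines ...string) string { return strings.Join(lines, "\r\n") + "\r\n" }

// Constructed sample messages; the Base-64 bodies are placeholders, not real CMS objects.
var (
	clearSigned = crlf(
		"MIME-Version: 1.0",
		`Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="sig"`,
		"",
		"--sig",
		"Content-Type: text/plain; charset=us-ascii",
		"",
		"This text stays readable in a client without S/MIME support.",
		"--sig",
		`Content-Type: application/pkcs7-signature; name="smime.p7s"`,
		"Content-Transfer-Encoding: base64",
		"",
		"cGxhY2Vob2xkZXI=",
		"--sig--",
	)
	enveloped = crlf(
		"MIME-Version: 1.0",
		`Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"`,
		"Content-Transfer-Encoding: base64",
		"",
		"cGxhY2Vob2xkZXI=",
	)
	plainText = crlf(
		"MIME-Version: 1.0",
		"Content-Type: text/plain; charset=us-ascii",
		"",
		"No protection at all.",
	)
)

// classifySMIME reports which S/MIME protection a message carries, judging only
// from its MIME headers. It returns an error for malformed or non-S/MIME structures.
func classifySMIME(raw string) (string, error) {
	msg, err := mail.ReadMessage(strings.NewReader(raw))
	if err != nil {
		return "", err
	}
	mediaType, params, err := mime.ParseMediaType(msg.Header.Get("Content-Type"))
	if err != nil {
		return "", err
	}
	switch mediaType {
	case "application/pkcs7-mime":
		// Opaque S/MIME: the whole body is one Base-64 encoded CMS object, so the
		// smime-type parameter is the only way to tell signed from enveloped data.
		switch params["smime-type"] {
		case "enveloped-data", "signed-data":
			return params["smime-type"], nil
		}
		return "", fmt.Errorf("unsupported smime-type %q", params["smime-type"])
	case "multipart/signed":
		if params["protocol"] != "application/pkcs7-signature" {
			return "", fmt.Errorf("multipart/signed with protocol %q is not S/MIME", params["protocol"])
		}
		mr := multipart.NewReader(msg.Body, params["boundary"])
		// Part 1 is the content. NextRawPart, not NextPart, because NextPart would
		// silently decode quoted-printable and alter the bytes the signature covers.
		content, err := mr.NextRawPart()
		if err != nil {
			return "", fmt.Errorf("missing content part: %w", err)
		}
		sigPart, err := mr.NextRawPart()
		if err != nil {
			return "", fmt.Errorf("missing signature part: %w", err)
		}
		sigType, _, _ := mime.ParseMediaType(sigPart.Header.Get("Content-Type"))
		if sigType != "application/pkcs7-signature" {
			return "", fmt.Errorf("second part is %q, not a detached pkcs7 signature", sigType)
		}
		inner, innerParams, _ := mime.ParseMediaType(content.Header.Get("Content-Type"))
		if inner == "application/pkcs7-mime" && innerParams["smime-type"] == "enveloped-data" {
			return "signed-and-enveloped", nil
		}
		return "clear-signed", nil
	}
	return "plain", nil
}

func main() {
	for name, raw := range map[string]string{"clear-signed": clearSigned, "enveloped": enveloped, "plain": plainText} {
		kind, err := classifySMIME(raw)
		fmt.Printf("%-14s -> %s (err=%v)\n", name, kind, err)
	}
}
```

Classification by header is only a first step: a client still has to decode the Base-64 body, parse the CMS object, and verify the signature or decrypt the content. The NextRawPart detail matters for that later verification, because a clear-signed message is signed over the exact transfer-encoded bytes of the first part, and any decoding done while reading them would make a valid signature fail.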
This is a guide to email security. Here we discussed the email security protocols PEM, PGP, and S/MIME, which protect individual messages end to end: they encrypt the message body, sign it, and carry the wrapped key material the receiver needs to decrypt and verify it, rather than securing the channel between mail servers.