Secure email takes one of two forms, each designed for a specific purpose:
Digital signatures: Designed to provide email recipients with proof that a message was, in fact, written by you and that the message has not been altered since you sent it.
Encryption: Helps protect the contents of a message, ensuring that only the recipient can successfully read it.
Digital signatures recognize that not all email is private and that the means to transmit email are highly susceptible to tampering. Skilled attackers can intercept email in transit, modify it, and send it to the original recipient. In this way, attackers can falsify information, give conflicting instructions, and generally disrupt business. Digital signatures place a relatively small additional load on an email, because they encrypt only a small portion of the email: the signature itself.
Encryption is designed to protect a message by rendering it useless to anyone but the recipient. Encrypted messages require more processing power than unencrypted messages, but provide the assurance that the message will arrive unaltered (it becomes indecipherable if altered) and uncompromised. Encryption can be combined with digital signatures to provide both privacy and proof of the sender's identity.
Encrypting and digitally signing email are two separate security processes. However, they can be used together on the same email message to provide both authentication and confidentiality of the information. Although encryption often implies authenticity, the additional signature is not a large added burden. In fact, these operations can be done with separate keys to provide two-factor proof of the message's security.
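
The combination described above, as an added example that is not code from the original page: Ruby with the standard openssl library signs a message with the sender's signing key, then encrypts signature and body for the recipient under a separate key pair. The function names, the envelope layout, the algorithm choices (RSA-2048, SHA-256, AES-256-GCM, RSA-OAEP) and the sample message are assumptions made for the illustration.

```ruby
require "openssl"

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Sign first (proof of origin, tamper evidence), then encrypt signature + body
# (confidentiality). Signing and encryption use two different key pairs.
def seal(message, sender_signing_key, recipient_public_key)
  signature = sender_signing_key.sign("SHA256", message) # fixed size for any body length
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  session_key = cipher.random_key # one-time key, used for this message only
  nonce = cipher.random_iv
  body = cipher.update(signature + message.b) + cipher.final
  { wrapped_key: recipient_public_key.public_encrypt(session_key, OAEP),
    nonce: nonce, tag: cipher.auth_tag, body: body }
end

# Returns [:ok, message], or [:rejected, reason] when the envelope was not
# encrypted to this recipient, was altered, or was not signed by the sender.
def open_sealed(env, recipient_key, sender_public_key)
  raise ArgumentError, "truncated GCM tag" unless env[:tag].to_s.bytesize == 16
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = recipient_key.private_decrypt(env[:wrapped_key], OAEP)
  cipher.iv = env[:nonce]
  cipher.auth_tag = env[:tag]
  signed = cipher.update(env[:body]) + cipher.final # raises if body, nonce or tag changed
  sig_len = sender_public_key.n.num_bytes # an RSA signature is as long as the modulus
  signature, message = signed[0, sig_len], signed[sig_len..].to_s
  unless sender_public_key.verify("SHA256", signature, message)
    return [:rejected, "signature does not match the sender's key"]
  end
  [:ok, message.force_encoding("UTF-8")]
rescue OpenSSL::OpenSSLError, ArgumentError => e
  [:rejected, "cannot decrypt (#{e.class})"]
end

if __FILE__ == $PROGRAM_NAME
  sender = OpenSSL::PKey::RSA.new(2048) # constructed demo keys
  recipient = OpenSSL::PKey::RSA.new(2048)
  env = seal("Wire the funds on Friday.", sender, recipient.public_key) # constructed sample message
  p open_sealed(env, recipient, sender.public_key)
  env[:body].setbyte(0, env[:body].getbyte(0) ^ 1) # alter one ciphertext byte in transit
  p open_sealed(env, recipient, sender.public_key)
end
```

The encrypted body is exactly one signature (256 bytes for a 2048-bit signing key) longer than the message, which is the fixed overhead a signature adds regardless of message size.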