Encryption

Ever since email became the primary electronic communication medium for personal and business purposes, legitimate concerns over privacy and authentication have arisen. In general, email is transmitted in clear text, much like a postcard that anyone handling it along the way could read. Moreover, as assuming a false sender identity is easy, the recipient needs a way to tell whether the sender is who they claim to be.

These issues are typically addressed with email encryption and digital certificates: an email message is digitally signed and cryptographically encoded. This ensures that only the intended recipient can open and view the contents of the email (privacy) and lets the recipient verify the identity of the sender (authentication). In other words, this process replaces the "e-postcard" with something much like registered or certified mail.

Modern cryptography offers two methods to encrypt email: symmetric and asymmetric. Both have become standard methods and are used in many types of applications. Symmetric key cryptography refers to encryption methods in which the sender and the receiver share the same key.

Asymmetric key cryptography (also known as public key cryptography), on the other hand, is a form of cryptography in which each user has a pair of cryptographic keys: a public key, which encrypts data, and a corresponding private (secret) key for decryption. Whereas the public key is freely published, the private key is kept securely by its owner. The same key pair is used the other way round for signing: the private key creates a signature that anyone holding the public key can verify.

One drawback of symmetric encryption is that for a sender and recipient to communicate securely, they must agree upon a key and keep it secret between themselves. If they are in different physical locations, they must prevent disclosure of the secret key while it is being transmitted. The persistent problem with symmetric encryption is therefore key distribution: how do you get the key to the recipient without someone intercepting it? Public key cryptography was invented precisely to address this problem. With public key cryptography, users can communicate securely over an insecure channel without having to agree upon a shared key beforehand. In practice the two methods are combined: the message body is encrypted with a randomly generated symmetric session key, and only that session key is encrypted with the recipient's public key.

The need for email encryption has produced a variety of public key cryptography standards, most notably S/MIME and OpenPGP, both of which are supported by Sophos UTM. S/MIME (Secure Multipurpose Internet Mail Extensions) is a standard for asymmetric encryption and the signing of emails encapsulated in MIME. It is typically used within a public key infrastructure (PKI) and is based on a hierarchical structure of digital certificates, requiring a trusted entity acting as Certificate Authority (CA). The CA issues a digital certificate that binds an identity to a key pair by signing the public key together with the owner's name; this can be seen as a digital counterpart to a traditional identity document such as a passport. Technically speaking, the CA issues a certificate binding a public key to a particular Distinguished Name in the X.500 standard, or to a Subject Alternative Name such as an email address.

A digital certificate makes it possible to verify someone's claim that they have the right to use a given key. The idea is that if you trust a CA and can verify that a public key has been signed by that CA, you can also be assured that the public key in question really does belong to its purported owner. Verification therefore always ends at a CA certificate you have explicitly decided to trust; a certificate signed by an unknown CA proves nothing.

OpenPGP (the open standard derived from Pretty Good Privacy, PGP), on the other hand, uses asymmetric encryption typically employed in a web of trust (WOT). This means that public keys are digitally signed by other users who, by that act, endorse the association of that public key with the person.

Note – Although both standards offer similar services, S/MIME and OpenPGP use very different message formats. This means that users of one protocol cannot exchange encrypted or signed email with users of the other. Furthermore, certificates and keys cannot be shared between the two.

The entire email encryption process is transparent to users, that is, no additional encryption software is required on the client side. Generally speaking, encrypting a message requires having the destination party's certificate or public key in store. For incoming and outgoing messages, email encryption functions as follows:

Note – Adding a footer to messages already signed or encrypted by an email client (e.g., Microsoft's Outlook or Mozilla's Thunderbird) will break the signature and render it invalid, because the signature covers the message body exactly as it was when the client signed it. If you want to create digital signatures on the client side, disable the antivirus check footer option. However, if you do not wish to forgo the privacy and authentication of your email communication and still want to apply a general antivirus check footer, consider using the built-in email encryption feature of Sophos UTM. Email encryption done on the gateway means that the footer is added to the message prior to creating the digital signature, thus leaving the signature intact.