Today, there are many ways to send “encrypted” email messages over the internet. Not all these methods are equally secure. Some methods actually leave emails vulnerable to attack. This vulnerability is a result of either weak encryption standards or leaving the message unencrypted at points along its journey.
This blog will look at the methods for email encryption as well as how to build strong email encryption protocols for the enterprise.
How does email encryption work?
When email was first created, there were few encryption standards in place to secure email messages. Messages were transmitted in plain text. However, over the years, as criminals showed how easily this enabled the theft of information, technologists implemented security protocols to ensure messages were protected as they traveled from the sender to the receiver.
Today, the main protocols for email encryption are:
- encrypting an email in transit (TLS)
- end-to-end encryption
Both standards are used widely and work in very different ways, as explained below.
TLS email encryption
Today, most email platforms use TLS (Transport Layer Security) to secure email messages in transit. This standard ensures that the message is secure traveling from an individual’s computer to the server. If the recipient’s email platform also uses TLS then the message will be encrypted between the server and the recipient’s email server.
TLS has vastly improved security for email because it protects messages in transit against opportunistic “man-in-the-middle” (MITM) attacks, in which an attacker tries to read a message while it is in transit from the sender to the recipient. MITM attacks were very common before strong TLS protocols came out in the mid-2000s.
Today, TLS is the default standard used by providers such as Google and Microsoft for sending email.
Challenges of TLS
While TLS does encrypt data in transit, it does not secure the data itself; only the transmission channel is encrypted. So, if an attacker could get through the encryption on the channel, the data would appear in plain text.
The other major challenge of TLS is that it only provides security for your email messages as they travel from your computer to the server. You have no assurance that the message will travel encrypted from the server to your recipient. For sensitive data, TLS alone does not provide strong assurance of security.
End-to-end email encryption
Also known as public key encryption, end-to-end encryption ensures that the messages are encrypted on the sender’s device and only ever decrypted on the recipient’s device. Servers in between can never read the message.
In end-to-end encrypted email, encryption is enabled by using public and private keys. The sender encrypts a message by using the recipient’s public key. The recipient decrypts the message by using a private key that is stored on their device.
End-to-end encryption is important because it prevents any third party from reading messages at any point along the message’s path to the intended recipient. Since platforms like Google and Microsoft have access to a message’s content on their servers, they can read user messages stored there. If Google’s and Microsoft’s servers used end-to-end encryption, this would not be possible.
In the past, Google has used its ability to read user messages to determine which ads to serve to an account holder. In 2018, the Wall Street Journal reported that Google provided user data to third-party app companies and that ‘app developers generally are free to share the data’.
Microsoft’s O365 platform does not read user emails in order to sell ads. However, the company’s ability to read user emails means that it can and has given personal information to government entities. In fact, in April 2016, Microsoft filed a suit against the U.S. government because it was required to hand over customers’ email and not inform the customers it had done so.
PGP email encryption
PGP is an end-to-end encryption standard used to send messages. In PGP, public key infrastructure is used for securing and decrypting messages.
Problems with PGP encrypted email
While end-to-end encryption is the most secure method for securing email messages, PGP makes the standard very difficult to use. In particular, PGP makes management of public keys extremely challenging for the end users. End users are responsible for distributing their own public keys to the people they want to talk to.
Additionally, if the user loses their device, they have to go through the process of exchanging their public key with all their correspondents all over again. Moreover, any email that was secured with their original keys can no longer be decrypted, because losing the device means losing the private key as well.
Another problem with PGP is recently found security vulnerabilities, disclosed as the EFail attacks in mid-2018. In the EFail attacks, an attacker was able to inject code into a message that was then executed when the recipient read the email.
This attack was possible because the OpenPGP standards don’t require the recipient’s email client to check that messages have not been tampered with. In platforms like PreVeil, the software uses signatures to ensure the integrity of the message. OpenPGP does not use signatures, which means someone can impersonate a user’s public key.
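To show what a signature check buys the recipient, here is an added example (not from the original post and not PreVeil’s code) in Go’s standard library using Ed25519. The signature covers the claimed sender together with the body, so verification fails if the body was altered in transit, if the sender name was swapped, or if someone else signed with their own key while claiming to be the sender. The struct and function names and the sample messages are this example’s own; how real S/MIME or PGP clients lay out the signed data differs.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// SignedMessage is a message body plus the sender's signature over it.
// The signature binds body and claimed sender to the signing key: change a
// byte of either, or sign with a different key, and verification fails.
type SignedMessage struct {
	From      string // sender identity claimed in the header (constructed sample)
	Body      []byte
	Signature []byte
}

// GenerateSigningKey creates a sender's signing key pair (kept on the sender's device).
func GenerateSigningKey() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// signingInput is the exact byte string that gets signed: the claimed sender
// followed by the body, so a genuine signature cannot be lifted onto a
// message that carries a different From.
func signingInput(from string, body []byte) []byte {
	return append([]byte("from:"+from+"\n"), body...)
}

// Sign runs on the sender's device with the sender's private signing key.
func Sign(from string, priv ed25519.PrivateKey, body []byte) SignedMessage {
	sig := ed25519.Sign(priv, signingInput(from, body))
	return SignedMessage{From: from, Body: body, Signature: sig}
}

// Verify runs on the recipient's device against the public key it has on
// file for msg.From. A client that skips this step cannot tell a modified or
// impersonated message from a genuine one.
func Verify(senderPub ed25519.PublicKey, msg SignedMessage) bool {
	return ed25519.Verify(senderPub, signingInput(msg.From, msg.Body), msg.Signature)
}

func main() {
	alicePub, alicePriv, _ := GenerateSigningKey()
	// Constructed sample message.
	msg := Sign("alice@example.com", alicePriv, []byte("Order 1042 approved, ship to warehouse A."))
	fmt.Println("genuine message verifies:", Verify(alicePub, msg))

	// Modified in transit: one character of the body changed.
	tampered := msg
	tampered.Body = []byte("Order 1042 approved, ship to warehouse B.")
	fmt.Println("tampered body verifies:", Verify(alicePub, tampered))

	// Impersonation: a different key signs a message claiming to be Alice.
	_, otherPriv, _ := GenerateSigningKey()
	forged := Sign("alice@example.com", otherPriv, []byte("Order 1042 approved, ship to warehouse B."))
	fmt.Println("forged sender verifies against Alice's key:", Verify(alicePub, forged))
}
```

Verification is only as good as the recipient’s knowledge of which public key belongs to the sender; that binding is what the CA-issued certificates in the S/MIME section below, and the behind-the-scenes key management in the enterprise list below, exist to provide.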
s/MIME email encryption
Secure/Multipurpose Internet Mail Extensions (referred to as s/MIME) is another platform that relies on end-to-end encryption. Unlike PGP, s/MIME uses digital email certificates issued by a certificate authority (CA) for encryption. s/MIME also uses digital signing to sign emails in order to ensure that messages really come from who they claim to be from.
Problems with s/MIME encrypted email
One of the main challenges of s/MIME is that it is not available for web-based email clients like Gmail and cannot be accessed through a web portal. Another significant challenge is that, in order to ensure that private keys can be recovered if devices are lost or stolen, s/MIME allows copies of private keys to be saved on the server. This means that if a server is attacked, criminals can get copies of users’ private keys, which can be used to access their encrypted email.
An additional challenge is that s/MIME has proved very challenging for users in an enterprise setting: admins inevitably spend a lot of time trying to manage multiple certificates for employees. As a result, s/MIME is not frequently used in the enterprise.
End-to-end email encryption for the enterprise
While PGP and s/MIME are extremely challenging platforms for email encryption, end-to-end encryption can and should still be regarded as the best way for securing email.
To ensure encrypted email uses end-to-end encryption and doesn’t face the vulnerabilities and hassles of PGP and s/MIME, the enterprise needs a platform that is both easy to use and ensures that messages are always from who the header says they are from. These goals can be achieved by:
- Ensuring all key creation and management takes place behind the scenes. Admins should not have to manage and support this process.
- Ensuring the security of messages by creating digital signatures. This makes sure that messages are definitively from who the header says they are from.
- Enabling email to integrate seamlessly with popular platforms like Gmail and Outlook. That way, users don’t have to switch platforms to send secure emails.
- Providing mobile integrations for the encrypted email platform. So much of the enterprise’s exchanges occur on mobile that without a mobile solution the encrypted email platform will become burdensome.
- Ensuring admins never have access to users’ private keys. This means the admin won’t be a central point of attack, and attackers who go after the data will only get gibberish.
By following these precepts, the enterprise will ensure their employees are using the best method for sending and receiving email.
If I use end-to-end encrypted email, can I still be hacked?
Email attacks are rampant through schemes such as phishing and spoofing. Using these techniques, attackers try to get users to click on malicious links or respond to emails where the sender’s identity has been impersonated. If there is weak email encryption, then the ability of attackers to access users’ messages is greatly enhanced.
However, if an email encryption platform uses end-to-end encryption then these issues are eliminated. First of all, by using end-to-end encryption, an enterprise ensures that even if emails are attacked, the attackers will get gibberish. This is ensured because attackers will never have access to the user’s private keys. PreVeil, for example, ensures private keys are only stored on the user’s device.
Second of all, end-to-end encrypted email protects the user and enterprise because admins never hold a copy of the private keys. In TLS-based encrypted email platforms, the admin has copies of the user’s key. As a result, if an attacker were to go after the admin, the attacker would have access to the private decryption keys of all users. In an end-to-end encrypted email platform, this cannot happen.
The most secure encrypted email
While email encryption might seem like a daunting task, an easy-to-use end-to-end encrypted email solution does exist. Encrypted email does not have to be something your organization tries to solve on its own. Instead, choose a provider that offers the gold standard for email encryption while eliminating friction for the user and the enterprise.
Schedule a demo with PreVeil today to bring easy-to-use encrypted email to your enterprise.