Cyber Security: Cryptography in action

Transport-level encryption

Transport-level encryption encrypts the text of the message between your device and the server that receives the data. One of the most common mechanisms is StartTLS. StartTLS is a protocol command used to inform the email server that the email client wants to upgrade from an insecure connection to a secure one using TLS or SSL. StartTLS is used with SMTP and IMAP, while POP3 uses a slightly different command for encryption, STLS. However, your messages may not be encrypted while sitting on a mail server.

End-to-end

End-to-end encryption ensures that the message remains fully encrypted all the way from the sender to the recipient. Many websites, such as those for internet banking and online shopping, routinely use encryption to ensure that the data sent to and from your computer is safe from eavesdroppers. However, configuring the same technologies to protect activities such as email communication can be quite difficult, because the tools involved are complicated to install and configure. Most end-to-end encryption tools depend on a collection of cryptographic techniques commonly called 'Pretty Good Privacy', PGP for short. PGP includes algorithms for symmetric and asymmetric cryptography. To help software vendors develop systems that can easily exchange encrypted information, a standard called OpenPGP was developed and agreed on by the Internet Engineering Task Force (IETF). It can be a problem for organisations and individuals to set up the software for encrypted email on all the devices that they use. End-to-end encryption can also be provided as a service.

FREE (at the time of writing) tools available for encrypting emails
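The StartTLS upgrade described above is only opportunistic: a client that quietly carries on in plaintext when the server does not advertise STARTTLS gives anyone on the path a way to keep the session unencrypted. The following is an added example, not code from the course; it parses a (constructed) EHLO reply to check whether STARTTLS is offered and shows a sender that refuses to continue unless the TLS upgrade, with certificate verification, succeeds. The host names and reply text are placeholders.

```python
"""Mandatory (not opportunistic) STARTTLS for SMTP.  Added example, not
from the course page; EHLO replies and host names below are constructed."""
import smtplib
import ssl


def parse_ehlo_capabilities(ehlo_reply: str) -> set:
    """Return the extension keywords from a multi-line EHLO reply.

    Lines look like '250-STARTTLS' or '250 SIZE 35882577' (the last line
    has a space after the code).  The first 250 line is the server's
    greeting, not a capability, so it is skipped.
    """
    caps = set()
    lines = [ln.strip() for ln in ehlo_reply.splitlines() if ln.strip()]
    for line in lines[1:]:
        if len(line) < 4 or not line[:3].isdigit():
            continue
        body = line[4:].strip()
        if body:
            caps.add(body.split()[0].upper())  # keyword only, drop parameters
    return caps


def starttls_offered(ehlo_reply: str) -> bool:
    """True only if the server explicitly advertised STARTTLS."""
    return "STARTTLS" in parse_ehlo_capabilities(ehlo_reply)


def send_with_mandatory_starttls(host, port, sender, recipient, message, timeout=10):
    """Send one message, refusing to fall back to a cleartext session.

    Uses the standard-library smtplib; the default SSL context verifies the
    server certificate chain and host name.
    """
    ctx = ssl.create_default_context()
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            # A stripped EHLO reply looks exactly like a server without TLS;
            # sending anyway would leak the message in clear.
            raise RuntimeError("server did not advertise STARTTLS; refusing to send")
        smtp.starttls(context=ctx)
        smtp.ehlo()  # capabilities must be re-read after the upgrade
        smtp.sendmail(sender, recipient, message)


# Constructed EHLO replies: one advertising STARTTLS, one with it missing
# (what a client sees when the server lacks TLS, or when the extension was
# removed in transit).
EHLO_WITH_TLS = (
    "250-mail.example.test Hello client\r\n"
    "250-SIZE 35882577\r\n"
    "250-STARTTLS\r\n"
    "250 8BITMIME\r\n"
)
EHLO_WITHOUT_TLS = (
    "250-mail.example.test Hello client\r\n"
    "250-SIZE 35882577\r\n"
    "250 8BITMIME\r\n"
)

if __name__ == "__main__":
    for name, reply in (("with TLS", EHLO_WITH_TLS), ("without TLS", EHLO_WITHOUT_TLS)):
        print(name, parse_ehlo_capabilities(reply), "STARTTLS offered:", starttls_offered(reply))
```

The same pattern applies to the other protocols named above: `imaplib.IMAP4.starttls(ssl_context=ctx)` for IMAP and `poplib.POP3.stls(context=ctx)` for POP3's STLS command, again with a verifying context and with the connection abandoned if the upgrade is not available.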
Secure email services

A secure email service like Proton Mail or Tutanota can hide the metadata that links the sender to the recipient of the message. In its most secure usage pattern, a user logs in to Proton Mail and leaves an email message for another Proton Mail user to log in and collect. The metadata about the users is never revealed and the message is also securely encrypted from end to end. When the Proton Mail user sends an email to an external email address, the metadata of the sender remains secure. Proton Mail sends an invitation to the recipient to view the encrypted message on the server. The mail service of the recipient may record that a message was sent by the Proton Mail server. If the Proton Mail user uses the free service to send encrypted email to an outside email address, they will have to send the key used for the encryption to the recipient by some other means, such as a text message or phone call, so that the recipient can log in. This may reveal a link between sender and recipient. A paid-for Proton Mail service allows use of PGP, so that a message can be sent to an external address using the recipient's public key. No link need be created between the sender and recipient. However, the subject line isn't encrypted.
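The difference between the transport-level and end-to-end sections above, and the closing point that the subject line stays in clear, come down to what a mail server on the path can read once a message is sitting on it. The following is an added example and not code from the course or from Proton Mail: it models a message as headers plus body, encrypts only the body (as PGP does), and shows what a relay can log in each case. The symmetric cipher is a standard-library stand-in (an HMAC-SHA256 keystream with an HMAC tag, encrypt-then-MAC), not OpenPGP's actual algorithms, and the shared secret stands in for the key the text says is delivered by some other means; addresses and message text are constructed.

```python
"""Transport-only vs end-to-end: what a relay can read.  Added example, not
from the course page; the cipher is a stdlib stand-in, not OpenPGP."""
import hashlib
import hmac
import secrets

NONCE_LEN = 16
TAG_LEN = 32


def _keystream(key, nonce, length):
    """PRF in counter mode: concatenated HMAC(key, nonce || counter) blocks."""
    blocks, counter = [], 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def _derive(shared_secret):
    """Separate encryption and MAC keys from the one out-of-band secret."""
    enc = hmac.new(shared_secret, b"enc", hashlib.sha256).digest()
    mac = hmac.new(shared_secret, b"mac", hashlib.sha256).digest()
    return enc, mac


def encrypt_body(shared_secret, plaintext):
    """nonce || ciphertext || tag, with the tag over nonce and ciphertext."""
    enc_key, mac_key = _derive(shared_secret)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_body(shared_secret, blob):
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    enc_key, mac_key = _derive(shared_secret)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # verify before decrypting
        raise ValueError("authentication failed: wrong key or altered message")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def compose_transport_only(sender, recipient, subject, body):
    """What sits on a server after a StartTLS hop: everything readable."""
    return {"From": sender, "To": recipient, "Subject": subject, "Body": body}


def compose_end_to_end(sender, recipient, subject, body, shared_secret):
    """Headers stay in clear (as with PGP); only the body is encrypted."""
    return {"From": sender, "To": recipient, "Subject": subject,
            "Body": encrypt_body(shared_secret, body.encode()).hex()}


def relay_log_entry(message):
    """What a mail server on the path can record for either message kind."""
    return {"from": message["From"], "to": message["To"],
            "subject": message["Subject"], "body": message["Body"]}


def recipient_read(message, shared_secret):
    """Recipient side: decrypt the body with the out-of-band secret."""
    return decrypt_body(shared_secret, bytes.fromhex(message["Body"])).decode()


# Constructed sample data (not from the page).
SECRET = b"shared by phone call, not by email"
PLAIN = compose_transport_only("alice@example.test", "bob@example.test",
                               "Q3 figures", "Revenue down 12%")
E2E = compose_end_to_end("alice@example.test", "bob@example.test",
                         "Q3 figures", "Revenue down 12%", SECRET)

if __name__ == "__main__":
    print("relay sees (transport only):", relay_log_entry(PLAIN))
    print("relay sees (end to end):   ", relay_log_entry(E2E))
    print("recipient reads:", recipient_read(E2E, SECRET))
```

Running it shows the relay's view of the end-to-end message still carrying sender, recipient and subject in clear, only the body being opaque; a one-bit change to the stored ciphertext or a wrong secret makes `recipient_read` raise rather than return garbage, which is the property a real end-to-end scheme must also provide.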