SSi Service Strategies Inc.

Email Encryption

 

Encrypt Email Messages Coming and Going

One of the most important security components in TFS Secure Messaging is the ability to encrypt email messages coming into and going out of the organization. The capabilities of both OpenPGP and S/MIME can be used with the Secure Messaging Server. Since the handling of the encryption keys is performed at the server level, the end-users do not have to remember when to encrypt, where the keys are located or master any encryption software. This of course saves time and allows the administrator to get a good general view of the organization’s encryption key policies.

Secure Messaging supports both OpenPGP and S/MIME, by far the most trusted and most popular encryption standards available. The Server is not only compatible with both OpenPGP and S/MIME, it can also handle a transaction between the two encryption types.

OpenPGP

OpenPGP encryption converts information into something unintelligible and then converts it back into an intelligible form by using two keys, one public and one private. The private key is kept private and stored on the Server. The other key, as the name implies, is made public. The public key is used to encrypt a message, and the corresponding private key is the only one that can decrypt that message.

OpenPGP relies on users to exchange keys and establish trust in each other. This process is called a Web of Trust. This web involves people (or companies) trusting other people (or companies) directly, without a third party.

S/MIME

S/MIME uses an approach similar to that of OpenPGP, except that S/MIME generates keys through a Certificate Authority (CA). CAs create private/public key pairs along with X.509 digital certificates. The X.509 format is used due to its wide acceptance as the standard for digital certificates. The Server supports keys generated as a result of getting an X.509 certificate.

S/MIME utilizes hierarchies in which the roles of the user and the certifier are formalized, as opposed to the trust relationship involved in OpenPGP. A third party (the Certificate Authority) establishes the trust that is assigned to public keys.

Encryption Process

After writing a message, and including possible attachments, the following happens in the originator's Secure Messaging Server (if used):

1. Your private key is used to sign the message. This process results in a digital signature, which is later used to verify the sender and the content of the message.
2. For each intended recipient, the message, attachments and the digital signature can be sealed (encrypted) with the recipient's public key. This ensures that only the recipient can read the message.

Before the recipient can read the message, the following happens in the recipient’s Secure Messaging Server (if used):

1. Using the recipient's private key, the message can be decrypted. (If the process stopped here, the recipient would be able to read the message.)
2. Using the originator's public key, the digital signature is verified, thereby proving that both the sender and content are authentic and completely untampered.
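
The four steps above, shown as an added example using Node.js's built-in crypto module; this is not SSi's or TFS Secure Messaging code. It assumes bare RSA key pairs and a one-time AES-256-GCM session key wrapped per recipient instead of real OpenPGP or S/MIME message formats, and all function names are illustrative.

```javascript
// Added illustration: sign-then-seal and decrypt-then-verify with Node's crypto.
// Assumption: raw RSA keys and a JSON payload, not OpenPGP or S/MIME wire format.
const crypto = require("node:crypto");

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };
const newKeyPair = () => crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });

// Originator, steps 1-2: sign with the sender's private key, then seal the
// message plus signature so that only the listed recipients can open it.
function signAndSeal(message, senderPrivateKey, recipientPublicKeys) {
  const body = Buffer.from(message, "utf8");
  const signature = crypto.sign("sha256", body, senderPrivateKey);
  const payload = Buffer.from(JSON.stringify({
    body: body.toString("base64"), signature: signature.toString("base64") }));
  const sessionKey = crypto.randomBytes(32); // one-time AES-256 key
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(payload), cipher.final()]);
  // The bulk data is encrypted once; only the session key is wrapped per recipient.
  const wrappedKeys = recipientPublicKeys.map((pub) =>
    crypto.publicEncrypt({ key: pub, ...OAEP }, sessionKey));
  return { iv, ciphertext, tag: cipher.getAuthTag(), wrappedKeys };
}

// Recipient, steps 1-2: unwrap and decrypt with the recipient's private key,
// then verify the signature with the originator's public key.
function openAndVerify(sealed, recipientPrivateKey, senderPublicKey) {
  let sessionKey = null;
  for (const wrapped of sealed.wrappedKeys) {
    try {
      sessionKey = crypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, wrapped);
      break;
    } catch { /* this copy was wrapped for a different recipient */ }
  }
  if (!sessionKey) throw new Error("not an intended recipient");
  const decipher = crypto.createDecipheriv("aes-256-gcm", sessionKey, sealed.iv);
  decipher.setAuthTag(sealed.tag); // final() throws if the ciphertext was altered
  const payload = JSON.parse(Buffer.concat(
    [decipher.update(sealed.ciphertext), decipher.final()]).toString("utf8"));
  const body = Buffer.from(payload.body, "base64");
  const verified = crypto.verify("sha256", body, senderPublicKey,
    Buffer.from(payload.signature, "base64"));
  return { message: body.toString("utf8"), verified };
}
```

A `verified` value of `false` means the message decrypted correctly but was not signed by the key the recipient expected, so decryption success alone says nothing about who sent it.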
 

   
 

 

 

Service Strategies Inc.

2392 Mount Vernon Rd

Dunwoody, GA 30338-3092

678-441-0020   800-662-1615

assist@ssimail.com
 

 

Copyright © 1998-2002 Service Strategies Inc. All rights reserved.
Revised: November 20, 2003.