Email Encryption, OpenPGP or S/MIME?!
Email has been with us for a long time. It is one of the old technologies that existed before the internet became as centralized as it is now. It is used extensively in our lives, sometimes without us realizing it. To register on (almost) any online platform, you need an email address. Therefore, whoever has access to your email can learn about all of your online activities! 😱
The Early Web Era
Back then, the internet was a place where everything was open, perhaps too literally: HTTPS, or any encryption at all, wasn't commonly used. I remember reading comments online saying that if email were being developed now, it wouldn't have an open standard and would instead become a closed system with vendor lock-in. I think this has been borne out by different technologies that exist now, for example social media. If I post something on Facebook, Twitter users cannot see it on their platform. Sure, you can send links to your friends or post screenshots, but the platform itself is locked.
Nowadays, email is used for everything, so it needs to evolve to follow modern security requirements, with standards like SPF, DKIM, and DMARC. However, these standards mostly secure server-to-server connections (technically they authenticate the sending domain, but you get my point); they do nothing to protect your mail within, or from, the provider itself.
Who do you trust?
If you want to buy stuff from Amazon, chat on Discord, or play with friends on Steam, you need to register with an email address! Since you need email for everything, it also works the other way around: whoever has control over your email can see your digital life or, worse, take it over (a "forgot password" flow at most sites needs only email verification).
I hope I have convinced you how important email is. In modern times, emails are usually encrypted in flight (via TLS), but not end-to-end encrypted. This means your emails are safe from third parties like your ISP. However, if the email provider is breached (a rogue employee, external hackers, or a government subpoena), your emails can still be accessed. So now the question is: do you trust your email provider? They can read your emails. Some providers do offer at-rest encryption, like the privacy-oriented Proton Mail, but even then they can still allegedly read your emails [src]. Also, as a company, they obviously still have to comply with government requests.
So, what do we need to have truly secure email? On the extreme side, we can self-host it. However, most home internet providers block the email ports, so you need a VPS to host it. There are still some obvious problems though:
- Not everyone is comfortable enough to self-host things
- We only change our trust model: instead of trusting the email provider, we must now trust the VPS provider
For most people, self-hosting email is overkill. So what can we do if our goal is to retain some privacy while keeping high usability? Just like with chat platforms, one good solution is end-to-end encryption. End-to-end encryption ensures that emails can only be opened by their intended recipients; not even the email provider can read the content of the emails (even though they can still see some metadata).
Signing vs Encryption
Before we talk about encryption, let's talk about signing first. There are two ways to cryptographically verify the author of an email (or any data, actually): by signing or by encrypting the data. In this scenario, we assume that the author holds their private key and nobody else can access it.
When we talk about encryption in email, we talk about asymmetric encryption. In asymmetric encryption there are two keys: one is called the private key and the other the public key. When some data is encrypted using a private key, it can only be opened with its public key; no other key can open the encrypted data. This implicitly proves who the author is: if we can open some data with an author's public key, that author must have written it, since only the author has their private key.
Signing means that the message itself is unencrypted, but we add a cryptographic proof that the author really wrote it. If the message is tampered with, the cryptographic proof becomes invalid. This way, if the cryptographic proof is valid, the message must have been written by the author. A very short technical explanation of signing is: an encrypted checksum. We generate a checksum (like a SHA hash) of our message, then encrypt it with the private key. The recipient decrypts it (which only works if it was encrypted with the matching private key) and compares the author's checksum with their own checksum of the message. If both checksums are identical, the author is confirmed.
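To make the sign-versus-encrypt distinction concrete, here is an added Go example (not code from this post, from Thunderbird or from any mail provider) that uses only the standard library's crypto/rsa. It signs a SHA-256 digest of a message with the sender's private key, shows that verification fails for a tampered message or for a different key, and separately encrypts to a recipient's public key so that only the matching private key can decrypt. The key pairs, the message text and the function names are constructed for the example. One caveat worth knowing: real signature schemes such as RSA-PSS (used here) and the algorithms in OpenPGP and S/MIME wrap the hash in padding rather than literally "encrypting the checksum", and they encrypt the message body with a fresh symmetric key that is itself encrypted to the recipient; the trust properties, however, are exactly the ones described above.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// NewKeyPair generates a 2048-bit RSA key pair. In real email use the private
// half stays with its owner (e.g. in Thunderbird's key store) and only the
// public half is published.
func NewKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// SignMessage computes SHA-256 over the message (the "checksum") and signs
// that digest with the sender's private key using RSA-PSS.
func SignMessage(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
}

// VerifyMessage recomputes the digest on the recipient's side and checks the
// signature against the sender's public key. Any change to msg or sig, or a
// signature made with a different private key, makes this return false.
func VerifyMessage(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil) == nil
}

// EncryptFor encrypts a short message to the recipient's public key with
// RSA-OAEP. Nobody without the matching private key, the mail provider
// included, can recover the plaintext.
func EncryptFor(pub *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
}

// DecryptWith recovers the message with the recipient's private key.
func DecryptWith(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
}

func main() {
	alice, _ := NewKeyPair() // sender (constructed for the example)
	bob, _ := NewKeyPair()   // recipient (constructed for the example)
	msg := []byte("Invoice attached, please pay by Friday.") // constructed sample

	// Signing: the message stays readable, the proof travels alongside it.
	sig, _ := SignMessage(alice, msg)
	fmt.Println("signature valid:", VerifyMessage(&alice.PublicKey, msg, sig)) // true
	tampered := bytes.Replace(msg, []byte("Friday"), []byte("Monday"), 1)
	fmt.Println("tampered valid: ", VerifyMessage(&alice.PublicKey, tampered, sig)) // false
	fmt.Println("wrong key valid:", VerifyMessage(&bob.PublicKey, msg, sig)) // false

	// Encryption: only Bob's private key opens what was encrypted to Bob.
	ct, _ := EncryptFor(&bob.PublicKey, msg)
	pt, err := DecryptWith(bob, ct)
	fmt.Println("bob decrypts:   ", err == nil && bytes.Equal(pt, msg)) // true
	_, err = DecryptWith(alice, ct)
	fmt.Println("alice decrypts: ", err == nil) // false
}
```

Note that signing and encrypting use the keys in opposite directions: a signature is made with the sender's private key and checked with the sender's public key, while an encrypted message is made with the recipient's public key and opened with the recipient's private key. That is why, as the post says later, you can sign for everyone but can only encrypt to people whose public key (or certificate) you already have.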
Encryption Technologies
Now that we understand the difference between encryption and signing, let's explore two technologies we can use for encryption.
OpenPGP
OpenPGP is an open standard (😉) where any user can create their own key and share it. The easiest way to use it is with the Thunderbird client. You can generate a key and upload your public key to a PGP keyserver, such as https://keys.openpgp.org/, for free!
One huge downside is that many email providers don't offer support for OpenPGP. Big names like Gmail, Yahoo Mail, and Outlook cannot use OpenPGP (at least not natively). If you send an OpenPGP-signed email to users of those providers, the cryptographic proof will show up as an attachment. With signing, they can still read your emails but cannot confirm their authenticity. OpenPGP-encrypted mails, however, they can neither read nor send.
Some providers do support OpenPGP, like Proton Mail, or any provider that supports the IMAP/SMTP protocols. "Wait, but Gmail supports IMAP/SMTP, so they do support OpenPGP, right?" Technically yes, but you need to use an external client for it (like Thunderbird).
S/MIME
S/MIME is based on certificates, like the ones we use for HTTPS connections. It also uses asymmetric encryption, so it has a public and a private key, although they are commonly referred to as the certificate (public) and its key (private). It works by trusting third-party entities called certificate authorities (CAs). All of our devices that connect to the internet (laptops, phones, IoT, everything!) have these CAs saved locally. The companies that own these CAs can issue a certificate for us, but this usually costs some money. A big upside of S/MIME is that almost every provider supports it, including all the big names like Gmail, Yahoo, and Outlook.
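To show what "trusting a CA" means for S/MIME in code, here is an added Go example (not code from this post, from Thunderbird or from any CA) built on the standard library's crypto/x509. It constructs a throwaway demo CA, issues a leaf certificate bound to an email address with the S/MIME (email protection) extended key usage, and then performs the checks a mail client makes before presenting a message as validly signed: the chain must lead to a trusted root, the certificate must be permitted for email use, and the From address must match the certificate. The CA name, the addresses alice@example.com and bob@example.com, and all function names are constructed for the example; no real CA is involved.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issueCert signs a certificate template with issuerKey and returns the parsed
// certificate. A nil issuer means the certificate is self-signed, which is how
// a root CA certificate (the kind saved on every device) is created.
func issueCert(tmpl, issuer *x509.Certificate, pub *ecdsa.PublicKey, issuerKey *ecdsa.PrivateKey) (*x509.Certificate, error) {
	if issuer == nil {
		issuer = tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, issuer, pub, issuerKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// BuildDemoPKI creates a constructed (not real) CA and an S/MIME-style leaf
// certificate that binds the given email address via the Subject Alternative Name.
func BuildDemoPKI(email string) (ca, leaf *x509.Certificate, err error) {
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	caTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Example Demo CA"}, // constructed
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	if ca, err = issueCert(caTmpl, nil, &caKey.PublicKey, caKey); err != nil {
		return nil, nil, err
	}

	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	leafTmpl := &x509.Certificate{
		SerialNumber:   big.NewInt(2),
		Subject:        pkix.Name{CommonName: email},
		EmailAddresses: []string{email}, // what the CA vouches for
		NotBefore:      time.Now().Add(-time.Hour),
		NotAfter:       time.Now().Add(24 * time.Hour),
		KeyUsage:       x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment,
		ExtKeyUsage:    []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection}, // S/MIME
	}
	if leaf, err = issueCert(leafTmpl, ca, &leafKey.PublicKey, caKey); err != nil {
		return nil, nil, err
	}
	return ca, leaf, nil
}

// TrustedForSender is the check a mail client runs before showing "signed by":
// chain the certificate to a trusted root, require the S/MIME usage, and make
// sure the From address is one the certificate was actually issued for.
func TrustedForSender(roots *x509.CertPool, cert *x509.Certificate, from string) error {
	_, err := cert.Verify(x509.VerifyOptions{
		Roots:     roots,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection},
	})
	if err != nil {
		return err
	}
	for _, e := range cert.EmailAddresses {
		if e == from {
			return nil
		}
	}
	return fmt.Errorf("certificate is not issued for %s", from)
}

func main() {
	ca, leaf, err := BuildDemoPKI("alice@example.com")
	if err != nil {
		panic(err)
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca) // the equivalent of the CA being saved on the device

	fmt.Println("trusted CA, matching address:", TrustedForSender(roots, leaf, "alice@example.com"))
	fmt.Println("trusted CA, other address:   ", TrustedForSender(roots, leaf, "bob@example.com"))
	fmt.Println("CA not installed:            ", TrustedForSender(x509.NewCertPool(), leaf, "alice@example.com"))
}
```

Two of the three checks are where S/MIME trust actually lives. With an empty root pool the chain fails with an unknown-authority error, which is exactly what happens when a sender's certificate comes from a CA your device does not have; and the address comparison is what stops a perfectly valid certificate for one mailbox from being presented as proof for a different From address. Go's Verify does not compare email addresses itself, so that last comparison has to be done explicitly, as mail clients do.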
Encryption is a two-way street
OpenPGP is free but has limited support, while S/MIME has great support but is not free. The problem with end-to-end encryption is that both parties need to support the same encryption technology! If someone sends me an email with OpenPGP, I need an OpenPGP-compatible client to check the signature or decrypt it. The same goes for S/MIME: if I want to send someone an encrypted email, I need their public certificate, which means they need to support and use S/MIME too.
Currently, I would suggest using S/MIME signing (not encryption) for daily use, be it for personal or professional emails. Only if you know that the other party also uses S/MIME (e.g. when you receive an S/MIME-signed email from them) should you enable S/MIME encryption. There is no harm in using OpenPGP, but I would only use it if I know the other party also uses it.
Even when your recipients don't use any encryption, you can still benefit from your OpenPGP or S/MIME setup. For example, Thunderbird offers draft email encryption, so that your drafts stay private.
Conclusion
There is no easy way to do end-to-end encryption with email. OpenPGP is less supported, while S/MIME is paid and issued by big tech companies. If you want to improve your privacy, the first thing you should do is migrate from the big corporations to a smaller (perhaps privacy-oriented) email provider. The next step is probably to generate your own OpenPGP key, but only use it when you know the other party supports it! If you can spend money, buy an S/MIME certificate and always turn on email signing. Use encryption only if the other party is also using S/MIME.