Secure E-mail Alternatives

Previous page
Table of content
Next page

As noted at the beginning of the chapter, a number of different e-mail techniques exist for the purpose of purpose of securing e-mail messages. Most of the popular methods rely on public key cryptography, which has proven to be a very secure and effective method when used correctly. Unfortunately, public key systems also suffer from two fundamental problems. First, a user needs to have at least a basic understanding of the purpose of certificates and public/private keys, as well as why encryption and digital signatures are important. Second, the same user needs to figure out how to get the whole system up and running correctly, including the processes by which certificates are obtained, installed, and ultimately used. In a nutshell, using public key cryptography to secure e-mail communications is a great idea, but understanding its underlying theories and processes is often too much to ask of inexperienced users.

With the complexity of traditional public key systems in mind, a number of different e-mail security products and services have been developed as alternatives. Some of the more popular methods include the following:

  • Pretty Good Privacy (PGP), a public key system that functions in a manner similar to S/MIME, but relies on user-created certificates and key pairs rather than those created by a CA. PGP is a very popular secure e-mail alternative that uses a web-of-trust model to verify user identities - in effect, users sign each other's keys as a way to promote and generate trust in the system. The ideas behind PGP have spawned work on a proposed Internet standard known as OpenPGP. Unfortunately, while both S/MIME-and PGP-based public key systems offer fundamentally similar levels of e-mail security, the two methods are not interoperable. For more information on PGP, visit http://www.pgp.com. For details on OpenPGP, visit http://www.openpgp.org.

  • Secure e-mail services, a broad group of e-mail providers that offer secure messaging services. Some secure e-mail providers offer a webmail-style product, while others protect messages using different security plug-ins for e-mail clients like Outlook and Windows Mail. The encryption and authentication techniques used by these providers vary widely, ranging from certificate-based systems to password-based encryption and signing. Some of the more popular secure e-mail service providers include Hushmail (http://www.hushmail.com), S-Mail (http://www.s-mail.com), and Stealth Message (http://www.stealthmessage.com).

  • Secure e-mail programs, another broad group of dedicated security programs designed to help users easily secure their e-mail messages. An example of one such program is Steganos E-mail Encryption, part of the Steganos Security Suite. This tool creates encrypted e-mail messages that can be added to normal e-mail messages as a password-protected ZIP or CAB file. In this case, the recipient must know the password used to decrypt the message and read its contents. To learn more about Steganos Security Suite, visit http://www.steganos.com.


Previous page
Table of content
Next page
PC Magazine Windows Vista Security Solutions
PC Magazine Windows Vista Security Solutions
ISBN: 0470046562
EAN: 2147483647
Year: 2004
Pages: 135
Authors: Dan DiNicolo
BUY ON AMAZON
Beginning Cryptography with Java
Documenting Software Architectures: Views and Beyond
Microsoft Windows Server 2003(c) TCP/IP Protocols and Services (c) Technical Reference
Mastering Delphi 7
802.11 Wireless Networks: The Definitive Guide, Second Edition
Visual Studio Tools for Office(c) Using C# with Excel, Word, Outlook, and InfoPath
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy