Sending and Receiving E-mail Securely | Windows Vista: The Complete Reference (Complete Reference Series)

E-mail programs offer two kinds of security: signatures and encryption. Both depend on certificates that serve as electronic identity keys. The security system that Microsoft provides with Windows Mail, S/M/ME, uses certificates issued by third parties, such as VeriSign and Thawte. Another popular security system, Pretty Good Privacy , better known as PGP (http://www.pgp.com), lets each user generate his or her own encryption keys. Both are forms of public-key cryptography.

Each certificate consists of a public key (or digital ID) , a private key , and a digital signature. You keep your private key and digital signature secret, while you provide your public key to anyone with whom you exchange secure mail, either directly or via a generally available key server.

Signatures allow you to add to your mail a signature block , generated with your private key, that verifies the author is indeed you, and that the message was not modified in transit. Anyone who wants to validate your signature can check it by using your public key. The signature is added as an extra block at the end of the message, without modifying the other contents, so that the recipient can read your message, whether he or she validates your signature or not.

Encryption scrambles a message so that only the recipient can decode it. A message encrypted with someone's public key can be decrypted only with that person's private key. You encrypt a message with the recipient's public key, and the recipient uses his or her private key to decode it. Anyone else looking at the message would see only unreadable gibberish. It's possible both to digitally sign and encrypt the same message, so that only the designated recipient can decode the message and the designated recipient can then verify that the message is really from you.

Mail security depends on a key ring of keys. On your key ring, you need your own private key and digital signature and the public key of everyone with whom you plan to exchange secure mail. Windows Mail security keeps your private key and digital signature as one of the properties of your Mail account and keeps other people's public keys in the Address Book.

Windows Mail and Microsoft Outlook 2007 provide a certificate-based system (called S/MIME) for signing and encrypting mail. Signed mail uses your own certificate to prove to the recipient that the author of the message is you and that the message arrived without tampering (these are the same type of certificates described in the preceding sections for authenticating material you download from the Web). Encrypted mail uses the recipient's certificate to protect the message's contents so that only the intended recipient can read the messages. A single message can be both signed and encrypted.

Note	For more information about encryption and signatures, see RSA Security's web site at http://www.rsasecurity.com and the PGP Corporation's Pretty Good Privacy web site at http://www.pgp.com. These sites describe how to use encryption with various e-mail programs.

Getting a Certificate

The only source of certificates is a certificate authority, and for a certificate to be useful, the authority has to be one that is widely accepted. The best known certificate authority is VeriSign, at http://www.verisign.com, which also owns Thawte, at http://www.thawte.com. VeriSign provides a variety of certificates at various prices, usually including a free two-month trial of a personal certificate suitable for signing e-mail. The certificate authority's web site walks you through the process of getting a certificate. Details vary, but, generally, the steps include the following:

You enter basic information, including your e-mail address, into a form on the authority's web site.
Your browser automatically downloads your private key, part of the security information from the authority.
The authority e- mails a confirmation code to the address you give. This ensures that the address you provide is really yours.
You run Windows Mail and receive the message. It contains the URL of a page that will finish the registration and a unique code to identify yourself when you get there. Use the Windows cut-and-paste tool to copy the code from your mail program to the browser window, rather than trying to retype it.
The authority generates the public key that matches your private key and downloads it as well.

Note	This process of obtaining a certificate only verifies your e-mail address, not any other aspect of your identity. VeriSign offers more secure certificates with more careful identity checks, but the vast majority of certificates in use are the simplest kind.

Sending Signed Mail

Once you have a certificate, sending signed mail is simple. While you're composing a message in Windows Mail, click the Encrypt Message button to tell Windows Mail to sign the message as it's sent.

Sending Encrypted Mail

Sending encrypted mail is only slightly harder than sending signed mail. The difference is that before you can send signed mail to someone, you have to have that recipient's digital ID (public key) in your Windows Address Book (see "Storing Addresses in the Address Book" in Chapter 23). Once you have the digital ID, create the message as usual in Windows Mail and click the Encrypt Message button (the envelope with the little blue lock) before sending the message. The encrypted mail icon looks like this:

There are three common ways to obtain someone's digital ID: from a signed message he or she sent, from an online directory, or from a file obtained elsewhere, such as a web-based lookup system.

Getting a Digital ID from Incoming Mail

Any time someone sends you a digitally signed message, you can get that person's digital ID from the message and add it to your Address Book. (Note that the digital ID is the equivalent of the sender's public key; the corresponding private key is not disclosed.) Open the message, select File Properties, and click the Security tab; you see the View Certificates tab. Assuming that the signature is valid, click Add To Address Book. The Address Book opens, creating a new entry for your correspondent (if one does not already exist). Click the Digital IDs tab and observe that a digital ID is listed; then click OK to update the Address Book.

Getting a Digital ID from a File

Digital IDs can be stored in certificate files, usually with the extension .cer (see "Securing Your Web Communication with Encryption and Certificates" earlier in this chapter). Someone can mail you a third party's ID as a file, or you might download the file from a web-based search system.

To add the digital ID to your Address Book, open the Address Book and create an entry for the person, including his or her e-mail address. (The e-mail address has to match the one to which the certificate is assigned.) Then click the Address Book's Digital IDs tab. Click the Import button and select the file containing the ID. The Address Book reads the digital ID and adds it to the Address Book entry.

If you want to store someone's digital ID in a file to transfer it to another computer or send it to a third person, open the Address Book entry for that person, click the Digital IDs tab, click Export, and specify the file to create.

Caution

Don't try to export your own digital ID this way; bugs in Windows keep it from working. Remember, you can send anyone your digital ID by sending a signed e-mail message.

Receiving Encrypted or Signed Mail

Windows Mail and Microsoft Outlook 2007 automatically handle incoming encrypted or signed mail. Signed messages have a little orange seal at the right end of the Security line of the message headers; encrypted messages have a little blue lock. When you open the message, Windows Mail automatically validates the signature or decrypts the message. The first time it does so, it displays a special window in place of the actual message, telling you what it did. Scroll down and click Continue to see the actual message. If you'd rather not see the special window in the future, a check box above the Continue button lets you opt to avoid the window in the future.