What is email encryption

If you value the confidentiality of your personal or professional data, start securing your emails with end-to-end encryption today. Liverado provides the most advanced solutions for individuals and enterprises.

Have you ever wondered why email services such as Gmail, Yahoo Mail and Outlook are free? In 2014, CNN reported that Gmail and other email services aren't free. For example, Gmail is constantly scanning your emails. Google can create a comprehensive profile of each user based on information from products such as search, maps, email and its social network Google+.

Behnam Dayanim (a partner at law firm Paul Hastings LLP in Washington) said:

Nothing in life is free, so people have to understand what value they bring to any type of free service.

People who use free email services to send and receive messages share details about their interests, relationships, and finances. This information may seem mundane on the surface, but once extracted and organised, it can be extremely valuable to marketers and advertisers.

In effect, they are paying for the free email service with their data, online privacy and security.

Email encryption definition

Due to the original design of the email protocol, communication between email servers is in plain text, which poses a huge security risk. Over the years, various mechanisms have been proposed to encrypt communications between email servers.

Email encryption involves encoding email messages so that their sensitive content cannot be read by anyone other than the intended recipient.

Encryption may occur at the transport level (also known as "hop-by-hop") or end-to-end. Transport-layer security (TLS) is generally easier to set up and use. End-to-end encryption provides a stronger defence but can be more difficult to set up and use. Recent technological advances have made end-to-end encryption easier to use and access.

Why is end-to-end email encryption essential?

Email can easily leak your sensitive information. Typically, emails are encrypted during transmission but stored as plain text. By default, popular email providers do not enable end-to-end encryption. Third parties such as email providers and advertisers can easily access your email content.

End-to-end encrypted email is essential for everyone, not only for those who send sensitive information such as social security numbers, login credentials, or bank account numbers. With the right tools, nearly anyone, not just the intended recipient, can read your email. Hackers who gain unauthorised access to an email account can read its content and attachments and even hijack the entire account.

Email is a vulnerable medium, especially when sent over insecure or public Wi-Fi networks. Even within a secure corporate network, other users can intercept emails and login credentials. Encryption makes the email content unreadable from origin to destination, so even if someone intercepts your email, they cannot interpret the content.

What should be encrypted?

Three things you should always consider encrypting:

  • A connection from your email provider.

When your message leaves your email provider's server and travels from one server to another across the internet, encrypted connections prevent unauthorised users on the network from intercepting and capturing your login credentials and your emails.

  • Your actual email.

All your emails should be encrypted before sending. This means that even if hackers or anyone other than the intended recipient intercepts your messages, the encrypted messages are unreadable and practically useless to them.

  • Emails you store, cache or archive.

If you store backed-up emails with an email provider (such as Gmail or Microsoft Outlook), hackers may still gain access even if your account or device is password-protected. End-to-end email encryption ensures that the messages are unreadable if hackers do obtain access.

How email encryption works

Email encryption relies on public-key cryptography, or PKI: a combination of a private key (known only to you) and a public key (which you give to the people you choose or publish openly). The sender uses the recipient's public key to encrypt the email, and the recipient, as the authorised party, uses the private key to decrypt the message into a readable format. In the PKI model, anyone can use a public key to encrypt emails, but each encrypted message can only be decrypted with the one matching private key.

The diagram below illustrates the process. Bob wants to say "Hello" to Alice in private. Alice has a public key and a private key, which are two mathematically related encryption keys. The public key can be shared with anyone, but only Alice owns the private key. First, Bob uses Alice's public key to encrypt the email, converting "Hello" into a ciphertext that looks like random text.

The process of sending and receiving an encrypted email

Then Bob sends this encrypted message over the public Internet. Along the way, it may pass through multiple servers, including servers belonging to the email services they use and their Internet service providers. Although these companies may try to read the message (or even share it with a third party), they cannot convert the ciphertext back into readable plaintext.

Only Alice can decrypt the message with her private key when it arrives in her inbox, because she is the only one who has access to that key. When Alice wants to reply, she simply repeats the process, using Bob's public key to encrypt the mail she sends to Bob.
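The Bob and Alice exchange above can be reproduced with Node.js's built-in crypto module. This is an added example, not Liverado's code: it goes slightly beyond the text by using the hybrid scheme that OpenPGP and S/MIME rely on (a random AES-256-GCM session key encrypts the body, and the recipient's RSA public key encrypts that session key), and the function names and the `relay` key pair are hypothetical.

```javascript
const crypto = require('crypto');

// Each party owns a key pair; only the public half is ever shared.
function newKeyPair() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Sender side: encrypt the body with a fresh AES-256-GCM session key, then
// wrap that session key with the recipient's public key (RSA-OAEP, SHA-256).
function encryptFor(recipientPublicKey, plaintext) {
  const sessionKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt(
    { key: recipientPublicKey, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' },
    sessionKey);
  return { wrappedKey, iv, tag: cipher.getAuthTag(), body };
}

// Recipient side: unwrap the session key with the private key, then decrypt.
// Throws if the private key is wrong or the message was modified in transit.
function decryptWith(privateKey, msg) {
  const sessionKey = crypto.privateDecrypt(
    { key: privateKey, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' },
    msg.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.body), decipher.final()]).toString('utf8');
}

// True if the holder of `privateKey` can read `msg`.
function canRead(privateKey, msg) {
  try { decryptWith(privateKey, msg); return true; } catch (e) { return false; }
}

const alice = newKeyPair();
const bob = newKeyPair();
const relay = newKeyPair(); // constructed stand-in for a mail server or ISP on the path

const toAlice = encryptFor(alice.publicKey, 'Hello');     // Bob needs only Alice's public key
console.log('Alice reads:', decryptWith(alice.privateKey, toAlice));
console.log('Relay can read:', canRead(relay.privateKey, toAlice));
const reply = encryptFor(bob.publicKey, 'Hi Bob');        // Alice replies using Bob's public key
console.log('Bob reads:', decryptWith(bob.privateKey, reply));
```

Because the body is protected with an authenticated cipher, a server that alters the ciphertext in transit causes decryption to fail rather than yielding modified text.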

The best practice is to encrypt all the mail you send and receive. If you only encrypt emails containing sensitive information, it is easier for hackers to identify which messages contain your valuable and sensitive information. When you encrypt all emails as standard practice, hackers who want to access your personal information have a more difficult task. Searching for a single message containing sensitive information is tedious and challenging. Even the most dedicated hacker may decide it is not worth the effort.