Public key message encryption is also known as public key cryptography or asymmetric encryption. It is a type of encryption which uses a pair of different keys known as public and private keys. A public key is used to encrypt messages and a private key is used to decrypt messages. A pair of public and private keys is specific for a particular individual. He or she distributes the public key so that anyone who wishes to send a message to him or her can encrypt the message using the public key. The private key remains known only to that individual and is used to decrypt received messages.
Note that encrypted messages can still be altered by an attacker if you use some types of encryption algorithm. Encrypted messages can also be decrypted by a dedicated attacker with unlimited computational power (such as the government of a country). Besides these, encryption can go wrong if not used properly. The following are tips that will help you avoid some of these pitfalls.
Do Not Selectively Encrypt Your Messages: It is best to encrypt all your messages if you use message encryption. Encrypting only the messages you consider important such as those that contain financial information sends a signal to anyone intercepting your messages that such mail contains important information.
Use a Digital Signature: Message encryption only protects the confidentiality of your message by preventing it from being read if it is intercepted before it reaches the intended recipient. The use of some types of encryption protocols may leave your mail vulnerable to alteration even if it cannot be deciphered. The use of a digital signature with message encryption provides for this situation. Digitally signing a message allows the recipient to tell whether it has been tampered with or not since the digital signature is invalidated once the message is altered. Digital signatures also allow the recipient to confirm that the message is from a particular sender.
Authenticate/Verify Your Public key: Since public keys are publicly available, the following scenario is possible: Person A publishes a public key which purports to belong to Person B. Any messages sent to Person B which have been encrypted by the false key can be decrypted and read by Person A before being passed on Person B. To avoid this, you should have your key published by a certificate authority (CA) or use a web of trust (WOT). These allow other people confirm that a public key really belongs to you.
Protect Your Private Key and Digital Signature Information: The information in your messages only remains secure as long as your private key has not been comprised. If an attacker infiltrates your computer and determines your private key, then he or she can decrypt and read your messages. Same goes for the digital ID which is used to sign your messages. If an attacker can get to this information, the information contained in your messages can be altered. The person can also use your digital signature to sign messages which are not from you. Therefore, you must protect your computer with security software such as firewalls. Click here to get free firewalls for Windows and Linux computers. If you lose your private key, you will not be able to decrypt your messages.
Use Encryption Software with Non-malleable Algorithms: Certain encryption algorithms like RSA or ElGamal are known as malleable encryption i.e. the person intercepting your messages can still modify the messages even if he or she cannot read them. Non-malleable encryption algorithms such as the Cramer-Shoup system can prevent this from happening.
Make Use of Long Keys: Encryption is not invincible. People with enormous computational power may still be able to decrypt encrypted messages if they are determined to do so. Using very long keys makes it harder, longer and costlier to decode your messages.
Use Compatible Encryption Software or Protocols: Different encryption protocols use different algorithms. As an example, if the sender makes use of PGP encryption, the receiver should also use PGP so that he or she can properly decrypt the message. Your digital signature will also be affected if the encryption software is incompatible.
Use Compatible Email Clients: Different email clients support different encryption protocols and it is a good idea for both sender and receiver to use the same email software.
Encryption Protocol with Web-based Email: PGP can be used on the Mozilla Firefox browser to send encrypted mail using Gmail. This is done by installing an addon for Firefox called FirePGP.
Download free authenticated firewalls for Windows PCs