Sending mail is a little more care free. There are some things you can do to make sure your conversation is secure though. The first is to ensure your connection is secure. There are also methods to allow you to digitally sign your messages, which guarantees that the message is from you and has not been tampered with en route. And for maximum security, you can encrypt your messages to make sure no one reads them. Digital signatures prove who e-mail comes from, and that it has not been altered in transit. If you establish the habit of using digital signatures for important e-mail, you will have a lot of credibility if you ever need to disown forged mail that appears to be from you. They also allow you to encrypt e-mail so that no one can read it except the recipient. PGP in particular offers high levels of encryption which to break would require extreme computing power.
Digital Certificates
A digital certificate is unique to an individual, kind of passport, and is composed of two parts. These two parts are called as public and private key. The certificate is unique to one person, and typically certificates are issued by a trusted Certificate Authority, or CA. The list of Certificate Authorities you trust is distributed automatically (if you are a Microsoft Windows User) by Windows Update and the list is accessible in your browser under tools>internet options>content>certificates. You can go here to view certificates installed on your machine (yours and others), and other certificate authorities you trust. You can disable the automatic update of CAs, and choose to remove all CAs from the list, although this is not recommended. Instructions on how to do this are on Microsoft’s web site.
Digital Signatures
A digital signature is generated by your e-mail software and your private key to assure the authenticity of your e-mail. The purpose of the signature is twofold. The first is to certify it came from you. This is called non-repudiation. The second is to ensure the contents have not been altered. This is called data integrity. The way an e-mail program accomplishes this is by running the contents of your message through a one way hash function. This produces a fixed size output of your e-mail called a message digest. This is a unique value, and if the mathematical algorithm that produces it is strong, the message digest has the following attributes.
Digital Certificates
A digital certificate is unique to an individual, kind of passport, and is composed of two parts. These two parts are called as public and private key. The certificate is unique to one person, and typically certificates are issued by a trusted Certificate Authority, or CA. The list of Certificate Authorities you trust is distributed automatically (if you are a Microsoft Windows User) by Windows Update and the list is accessible in your browser under tools>internet options>content>certificates. You can go here to view certificates installed on your machine (yours and others), and other certificate authorities you trust. You can disable the automatic update of CAs, and choose to remove all CAs from the list, although this is not recommended. Instructions on how to do this are on Microsoft’s web site.
Digital Signatures
A digital signature is generated by your e-mail software and your private key to assure the authenticity of your e-mail. The purpose of the signature is twofold. The first is to certify it came from you. This is called non-repudiation. The second is to ensure the contents have not been altered. This is called data integrity. The way an e-mail program accomplishes this is by running the contents of your message through a one way hash function. This produces a fixed size output of your e-mail called a message digest. This is a unique value, and if the mathematical algorithm that produces it is strong, the message digest has the following attributes.
- The original message can’t be reproduced from the digest.
- Each digest is unique.
