Email and Cryptography

"For email, the old postcard rule applies. Nobody else is supposed to read your postcards, but you'd be a fool if you wrote anything private on one."
Judith Martin

E-Mail is extremely insecure because many different servers speaking the Simple Mail Transfer Protocol (SMTP) interact to deliver an email, and an eavesdropper could sit at, or in between, any of those points if the traffic isn’t encrypted.

 I analyzed the headers of an email I received a few days ago; check all the systems it traversed:
  • app51.wa-webapps.iad3a (unknown ip)
  • localhost
  • (unknown ip)
  • (unknown ip)
Each of those 8 different SMTP relay servers connects to the next one in the chain and sends it a copy of the email. That connection can be plain text, in which case anyone on the network path could be recording your email, or it can be encrypted with TLS. We would expect all SMTP traffic to be using TLS nowadays, but sadly that isn’t the case.
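The hop analysis described above can be automated. The following is an added example (not code from the original post): it parses the Received headers of a message, lists the relay chain in delivery order, and flags hops whose own header gives no sign of TLS (the ESMTPS/ESMTPSA protocol tokens of RFC 3848, or a TLS version string). The sample message, hostnames and addresses are constructed for the example, not a real capture.

```python
import email
import re

# Constructed sample message (example.* hostnames and documentation IP ranges
# only; not a real capture). Each relay prepends its own Received header, so
# the topmost one is the last hop before the mailbox.
SAMPLE_MESSAGE = """\
Received: from mx-in.example.net (mx-in.example.net [203.0.113.10])
    by mailstore.example.net with ESMTPS id ABC123
    (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384);
    Mon, 3 Feb 2014 10:02:11 +0000
Received: from relay.example.org (relay.example.org [198.51.100.7])
    by mx-in.example.net with ESMTP id DEF456;
    Mon, 3 Feb 2014 10:02:09 +0000
Received: from app.example.org (unknown [192.0.2.55])
    by relay.example.org with ESMTPSA id GHI789;
    Mon, 3 Feb 2014 10:02:05 +0000
Received: from localhost (localhost [127.0.0.1])
    by app.example.org with ESMTP id JKL012;
    Mon, 3 Feb 2014 10:02:04 +0000
From: sender@example.org
To: you@example.net
Subject: test

hello
"""

# "with" protocol tokens that mean the hop was delivered over TLS
# (ESMTPS/ESMTPSA from RFC 3848; the UTF8 variants from RFC 6531).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "UTF8SMTPS", "UTF8SMTPSA"}


def _field(text, keyword):
    """Return the token following a Received clause such as 'from', 'by' or 'with'."""
    match = re.search(r"\b" + keyword + r"\s+(\S+)", text)
    return match.group(1) if match else None


def parse_received_chain(raw_message):
    """Return the relay hops in delivery order (origin first), each with the
    sending host, receiving host, protocol token and whether TLS was used."""
    msg = email.message_from_string(raw_message)
    hops = []
    # Headers are prepended by each relay, so reverse them to get delivery order.
    for header in reversed(msg.get_all("Received", [])):
        text = re.sub(r"\s+", " ", header)  # unfold the header onto one line
        protocol = _field(text, "with")
        used_tls = (protocol or "").upper() in TLS_PROTOCOLS or bool(re.search(r"\bTLS", text))
        hops.append({
            "from": _field(text, "from"),
            "by": _field(text, "by"),
            "protocol": protocol,
            "tls": used_tls,
        })
    return hops


def plaintext_hops(hops):
    """Hops whose own Received header shows no TLS at all."""
    return [h for h in hops if not h["tls"]]


if __name__ == "__main__":
    for hop in parse_received_chain(SAMPLE_MESSAGE):
        status = "TLS" if hop["tls"] else "PLAINTEXT"
        print(f"{hop['from']:>22} -> {hop['by']:<22} {hop['protocol'] or '?':<8} {status}")
```

One caveat: a Received header is written by the relay that adds it, so a hop is only as trustworthy as that relay. A compromised or dishonest server earlier in the chain can forge the headers below its own, so treat the hops added by servers you trust as evidence and the rest as claims.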

Using you can verify if all the servers used to reach an email address have TLS working, or not.

Yahoo has a problem with their certificate, so the traffic would be using TLS but you don’t really know whether it is Yahoo on the other end or someone in the middle.
Hotmail is even worse: they don’t have any kind of TLS on their SMTP relays.

For TLS to work, both sides of the communication must support it, so it doesn’t matter who your email provider is: if you write to Hotmail, your emails can be read by anyone.
You also need to consider how the end user connects to his email provider; that connection should be encrypted using HTTPS, otherwise people on the same local or wireless network, or at the ISP, could be recording the emails.
As you can see, email communication has a lot of fail points.
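The three situations just described (no TLS at all, TLS with a certificate you cannot verify, and TLS with a verified certificate) can be checked against any SMTP relay with a short script. This is an added example, not code from the original post or from the tool it links to. It assumes you pass the MX host of the domain you want to test (for example the output of `dig MX example.net`); the host, port 25 and the constructed EHLO replies used for the offline part are all assumptions of the example.

```python
import smtplib
import ssl

# Constructed EHLO replies for offline use: one relay advertises STARTTLS,
# the other does not. Hostnames are example.* placeholders.
EHLO_WITH_STARTTLS = (b"250-mx.example.net Hello client.example.org\r\n"
                      b"250-SIZE 35882577\r\n250-8BITMIME\r\n"
                      b"250-STARTTLS\r\n250 ENHANCEDSTATUSCODES\r\n")
EHLO_WITHOUT_STARTTLS = (b"250-mx.example.com Hello client.example.org\r\n"
                         b"250-SIZE 10485760\r\n250 8BITMIME\r\n")


def parse_ehlo_extensions(ehlo_reply):
    """Return the set of ESMTP keywords in a raw multi-line EHLO reply.
    The first 250 line is the greeting and is skipped; the others are
    '250-KEYWORD [params]' or, for the last one, '250 KEYWORD [params]'."""
    extensions = set()
    for line in ehlo_reply.decode("ascii", "replace").splitlines()[1:]:
        line = line.strip()
        if len(line) < 5 or not line.startswith("250"):
            continue
        extensions.add(line[4:].split(" ", 1)[0].upper())
    return extensions


def check_smtp_starttls(host, port=25, timeout=10):
    """Connect to an SMTP relay, look for STARTTLS in its EHLO reply and, if
    it is offered, upgrade the session while verifying the certificate chain
    and hostname. The expected failure modes are reported in the returned
    dict rather than raised."""
    result = {"host": host, "starttls": False, "cert_verified": False,
              "tls_version": None, "error": None}
    # The default context verifies the chain against the system trust store,
    # checks the hostname and refuses obsolete protocol versions.
    context = ssl.create_default_context()
    server = None
    try:
        server = smtplib.SMTP(host, port, timeout=timeout)
        server.ehlo()
        if not server.has_extn("starttls"):
            return result  # plain-text only, like the relays criticised above
        result["starttls"] = True
        server.starttls(context=context)
        server.ehlo()  # capabilities must be re-read after the upgrade
        result["cert_verified"] = True
        result["tls_version"] = server.sock.version()
    except ssl.SSLCertVerificationError as exc:
        # STARTTLS works but the certificate does not validate: you cannot
        # tell the real server from a man in the middle.
        result["error"] = "certificate verification failed: " + str(exc.verify_message)
    except (smtplib.SMTPException, OSError) as exc:
        result["error"] = str(exc)
    finally:
        if server is not None:
            server.close()
    return result


def classify(result):
    """Map a check result to the three situations discussed in the article."""
    if not result["starttls"]:
        return "plaintext-only"
    if not result["cert_verified"]:
        return "tls-unverified"
    return "tls-verified"


if __name__ == "__main__":
    import sys
    for mx_host in sys.argv[1:]:
        res = check_smtp_starttls(mx_host)
        print(mx_host, classify(res), res["tls_version"] or "", res["error"] or "")
```

Run it as `python check_starttls.py mx.example.net` (hypothetical file name) against each MX host of the recipient domain; remember that a good result for your own provider says nothing about the recipient's, since every relay on the path must pass the same check.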

What email provider should I use?

It is all the same security-wise; use whichever you like.
Your emails can be eavesdropped at any of the many fail points I detailed previously, and if the email provider is from the US/Canada they can be legally obliged to hand over your email contents.
The encryption solution they provide only encrypts the emails stored on their servers; once an email is sent, its security is whatever the weakest link in the chain implements.
The only secure alternative is end-to-end encryption using GPG.

Check the following articles to know more about the government pushing to get access to emails:

Hushmail providing email to gov agencies
Lavabit's creator: "If you knew what I know about email, you might not use it either."
Email privacy problems by Phil Zimmermann


In the previous lesson we installed GPG and created our key to exchange encrypted mail with it. But as you may have noticed, it is cumbersome to encrypt a text file and copy-paste the armored text into your mail.

That’s why in this lesson we will install Enigmail, a plugin that integrates the Thunderbird email client with GPG.

When you’re writing an email with Thunderbird you will have new options to encrypt and sign the email.

Enigmail will automatically select the key to use from your keyring based on the email recipient list, and the copy saved in your “sent emails” folder will be encrypted with your own key.
If your email has multiple recipients, Enigmail will encrypt it to each recipient's corresponding key.

You can also create rules to define which key you would like to use for specific email addresses, etc.

Guys using GPGTools for Mac already have “GPG for Mail” in the suite, which does the same as Enigmail, but if you don’t have it installed or aren’t using the GPGTools suite, you can install Thunderbird and Enigmail too.

Visit for more information about it.


In this lesson's practice we will install Thunderbird, then install Enigmail and configure it to use our previously generated keys.

1 - Install Thunderbird and configure your email account.

2 - Install the Enigmail plugin:

3 - Restart Thunderbird and you’ll see the Enigmail setup wizard.
The wizard will guide you through the options and then ask for the public and private key you will use to encrypt/decrypt your mails.

4 - Send me an email encrypted and signed.
