Public/private keys, or keypairs, as they're also called, are a way of encrypting messages without using a certification authority. You use a piece of software to generate a pair of cryptographic keys, each key being a short alphanumeric string. One key, the "public" key, is given out to others and used to encrypt messages sent to you. The other key, the "private" key, is kept secret and used by you to decrypt such messages. Such tools don't depend on any particular mail program or server, although some people have created extensions for Outlook and Exchange that can be used.
The private key can also be used to sign messages with a digital signature. Those receiving a message from you match the signature against your public key to show that you did indeed create the message in question. If either the signature or the message is tampered with, the message won't verify correctly.
Simple e-mail encryption
Step 1: Outlook's S/MIME
Step 2: Public keypairs
Step 3: GnuPG and WinPT: Setup
Step 4: Encrypting e-mail in WinPT
Step 5: Verifying signed e-mail in WinPT
Step 6: Extras: Symmetric encryption and hotkey commands
More information from SearchWindowsSecurity.com
|ABOUT THE AUTHOR:|
Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well!|
Copyright 2005 TechTarget
This was first published in November 2005