Digital Signature vs. Email Encryption

click to enlarge

As an inevitable consequence of the Internet, electronic communication has become acceptable in many contexts, altogether replacing traditional written communication. However, traditional documents were usually validated with the presence of a signature, which is more difficult to attest on an electronic document. A digital signature conceptually mimics a person’s unique signature, in that it validates an electronic document.

Digital signatures are composed of two elements – a message hash and a private key. A message hash is a uniquely generated sequence of numbers, which cannot be reverse engineered to obtain the original message. The hash is then encrypted using the sender’s private key. The recipient decrypts the hash using the sender’s public key. The electronic document is also run through the hashing algorithm to check whether both the hashes are the same- thereby confirming the sender did indeed author the document in its current form, and it was not altered in any way before reaching its intended recipient.

There are a number of methods by which emails can be encrypted for secure transfer, and public-key encryption is one of them. The premise is similar to that used when digitally signing electronic documents, in that there is a pair of keys generated- one private and the other public.

In the case of email encryption, the idea is to keep the contents secure from all unauthorized viewing. Therefore a sender identifies a recipient’s public key, and encrypts the email with that key. The private key is retained with the recipient, and is used to decrypt all communication encrypted using the corresponding public key.

Using this method, any communication encrypted using the recipient’s public key can only be read by those people with access to the correct private key. Therefore all senders can be assured of complete privacy of their emails, given that the private key is secure.

Although both methods of encryption use asymmetrical keys, the goal of a digital signature and that of email encryption are entirely different. A digital signature is used to verify that a particular electronic document was created by a particular individual and has not been altered in the transmission process. The process is used to authenticate the author and the contents of the document beyond a shadow of doubt. Email encryption, on the other hand, is used to maintain the privacy of the contents of an email. Generally, information that should not be privy to everyone is subject to email encryption.

When implementing digital signatures, the public key is used for decryption while its corresponding private key is used for encryption. The process for email encryption is exactly the opposite.

Email encryption and digital signatures are certainly not mutually exclusive, even though they have differences. There are occasions where establishing the identity of an email’s author is equally as important as maintaining the security of its contents. This is a scenario where both technologies would be used in conjunction with each other.

Image Credit:

E-Sign by erkinsahin