What is S/MIME and How Does it Work?

March 1, 2021

1:00-2:00AM PST

These days, sending and receiving email messages is one of the easiest ways to communicate with our friends and work colleagues. Indeed, what we used to do with written letters we now do with taps on keyboards and the internet. Given this, it is not unheard of to receive dozens of email messages per day. Recent research published by the Radicati Group noted that by the end of 2022, the number of sent and received daily emails by both businesses and consumers will be more than 333 billion. Up by 52 billion from 2018, this represents a substantial increase.[i] While this number is almost incomprehensible, a large number of these emails will be sent and received in the public domain and be viewable by anyone that wants to. To ensure email privacy, Trustifi offers unmatched email encryption solutions

Unfortunately, the privacy attached to sending letters through the mail does not transfer to email messaging. Instead, email users must make efforts to ensure they maintain email privacy. According to a leading telecommunications company, 92% of malware gets into our computers via email messages.[ii] That said, Trustifi’s email encryption protects users from phishing and other malicious cybercrimes.

The Secure/Multipurpose Internet Mail Extension (S/MIME) Protocol

Email messaging started as a simple text-based (ASCI) message transfer system used by a small group of researchers. This group did not need privacy for this messaging system because they were just sending messages between them using their university’s private network. However, as email use expanded into the public domain with the popularity of the internet, use limitations emerged. For example, an early internet-based email could not send other digital items such as images or audio files. This changed with the invention of “multipurpose internet mail extensions,” or MIME.

As the use of internet-based email messaging gained popularity in the late eighties and early nineties, it became clear that emails were not secure. Fortunately, email security is possible with protocols such as S/MIME, which make use of encryption key technology. S/MIME was developed in 1995 by three MIT graduates who formed RSA Data Security. While there have been several upgrades since RSA first developed S/MIME, companies like Trustifi rely on the underlying principle of using encryption key technology to maintain email privacy.

 

Asymmetric Cryptography

The S/MIME protocol uses asymmetric cryptography. This is a pair of mathematically connected keys, one of which is private, and the other is public. It is impossible to figure out the private key using the public key. Here’s how it works. The person that sends the email uses the public key to encrypt the message. The email recipient then uses the private key to decrypt the message. This works because only the recipient has the private key. It is the only one that can open the lock on the message’s contents.

Enhanced Email Security

Using encryption key technology, Trustifi offers email users security functionality and other features based on the original S/MIME protocol. This includes non-repudiation of origin, message integrity, authentication, email privacy, “signed receipts, security labels, secure mailing lists, and an extended method of identifying the signer’s certificate(s).” [iii] Because S/MIME can be added to email clients, it does not require special email servers.

Non-Repudiation of Origin

In general, non-repudiation of origin means an email recipient cannot question the validity of the sent email. This also the recipient with proof of where the email came from. Non-repudiation of origin is crucial for recipient protection against spoofing and phishing. This is one of Trustifi’s email encryption solution’s main benefits.  

Message Integrity

Another key benefit of Trustifi’s email encryption solution is message integrity. This means that when a user sends an email, the encryption ensures the message was not tampered with. Basically, message integrity is maintained while the message is in transit, and while it goes through email servers.

Authentication

Closely related to non-repudiation of origin and message integrity is message authentication. This means the message is what the sender says it is. Like message integrity, authentication means the email message remains encrypted until unlocked with the recipient’s private key.

Email Privacy

A key feature of Trustifi’s email encryption solution is email privacy. This is an absolute must in today’s volatile electronic world. From a private user sending a secret password to a friend, to a business colleague sending sensitive data to another business colleague, privacy must be maintained. The basic structure behind S/MIME guarantees email privacy.

Signed Receipts and Security Labels

Two other features of S/MIME are signed receipts and security labels. A signed receipt is an assurance that the email recipient received the unaltered message. This also means the sender knows when the message was opened and who opened it. If the email message contains a security label, the recipient will need authorization to open the message.

Conclusion

Since it was first developed in 1995, the S/MIME email security protocols have been substantially upgraded. S/MIME and everything that came after it relies on asymmetric cryptography, a public and private mathematically related pair of encryption keys. These keys give email senders and recipients unbreakable email security and privacy. Using asymmetric cryptography ensures there will be no data breaches. In the standard laden regulatory environment, privacy is essential. Avoid HIPAA fines by choosing Trustifi’s end-to-end email encryption solutions.

Trustifi’s NASA grade email encryption solution uses asymmetric cryptography to give users unparalleled email security. From the corporate enterprise world to the small business world, Trustifi’s solutions are scalable. If you run a small business, Trustifi’s email security solutions will stand guard against spoofing and phishing attacks. Moreover, Trustifi’s email encryption is flexible. By offering one-click encryption and decryption, small business email users have a peace of mind that comes from knowing sensitive data is secure. And because the underlying email protocols are added onto existing email servers, there is no need to invest in an expensive IT department. Trustifi also offers whitelisting and blacklisting options. Call for a quote today.

 

Try Trustifi Today

For Individuals

Our Free Trial Is Forever Free

For Business

See if Trustifi Is Right for Your Organization