Sign in with
Sign up | Sign in
Your question

Encrypted email, why do I need their key?

Last response: in Windows XP
Share
February 11, 2011 1:17:54 PM

I want to encrypt an email and send it to another user - it has my bank card details in it.Thuinderbird says I need their public key?
Why do I need their key if I am sending an email to them?

Is there any other way to do this?

More about : encrypted email key

a b 8 Security
a b 1 Email
February 11, 2011 1:25:55 PM

You need the key so the other system knows how to decrypt it. Your system needs to encode the email using their key, so when the email gets there, it can be decrypted.

You can call them and just read the info over the phone. Or send them the number but divide it by 2 or something, and call them and let them know to do the reverse to get the true number.
February 11, 2011 2:01:28 PM

hang-the-9 said:
You need the key so the other system knows how to decrypt it. Your system needs to encode the email using their key, so when the email gets there, it can be decrypted.

You can call them and just read the info over the phone. Or send them the number but divide it by 2 or something, and call them and let them know to do the reverse to get the true number.


Ok.
I don't really understand why there isn;t a way to send them an encrypted email but also send them a code to read it or is the idea that if I have their key, I know that they are the only ones reading it?
Related resources
Can't find your answer ? Ask !
a b 8 Security
February 11, 2011 2:25:54 PM

You encrypt an e-mail so that if it is intercepted it can't be read. If you send them the key, and it is intercepted, then the mail can be read (unless you encrypt the key, and then....).

Private/Public key encryption is very clever in that even if someone else has the recipients Public key they can't decrypt the message; they need the Private key to do that. So you can encrypt the message using only the Public key, but to decrypt it you need both keys; clever.
February 11, 2011 2:32:59 PM

so, if the receiver doesn't know how to or want to send a public key then there a way to send them something encrypted?
a b 8 Security
February 11, 2011 2:59:10 PM

I can't see how you could do that. How would you get the decryption key to them? I'm with hang-the-9; use a more secure transmission medium, such as a phone call.

(Although I suppose you could use encryption that requires just one key and then send that key in the post; although neither transmission medium is very secure the chances of the same person intercepting both messages is remote.)
a b 8 Security
a b 1 Email
February 11, 2011 9:02:16 PM

qwertyjjj said:
Ok.
I don't really understand why there isn;t a way to send them an encrypted email but also send them a code to read it or is the idea that if I have their key, I know that they are the only ones reading it?


That's the same thing as sending someone a locked package but including the key in the package. Anyone can open it that gets it.
February 12, 2011 1:35:38 PM

hang-the-9 said:
That's the same thing as sending someone a locked package but including the key in the package. Anyone can open it that gets it.


I would give them a code first that only they would have and then send the message. I suppose the code could be intercepted?
What's the difference if I have their code, someone could intercept that and pretend to be them reading the message that I send, no?
a b 8 Security
February 12, 2011 2:20:01 PM

No. To read the message you need the recipients Private key. You never have that; no-one does except for the recipient. You, and the rest of the world, only have the Public key.

Here's an analogy. The recipient gives you an unlocked padlock (the Public key). He can give out as many of these padlocks (all opened by the same key) as he likes. You put your message in a box and lock it with the padlock. You then send the box to the recipient. If someone intercepts that box he can't open it and read the message because he doesn't have the (Private) key. But the recipient has the key, so can open the box and read the message. At no time did you need that Private key to hide the message, but once you had hidden it only the person in possession of the Private key could open it.

It's a one-way process; anyone can lock the padlock but only the person with the key can open it. What you are proposing is to send the key and the padlocked box to the recipient; it is then possible for someone to intercept both items and so unlock the box.
!