When are emails secure?

E-mails accompany us through our everyday lives and are used for communication in a wide variety of situations, e.g. with friends and family, orders for articles and services, or inquiries to companies and government offices. Often, sensitive information is passed on in the process, which should be transported and stored securely.

Protection of e-mails - what to consider?

Sent e-mails pass through several stations on the transport route until they reach the recipient. They are transferred from the sender's computer to his e-mail provider and stored there in the mailbox. The e-mail is then transferred to the recipient's provider and stored in the recipient's mailbox. Finally, the e-mail is transferred to the recipient's computer the next time it is retrieved so that it can be opened and read there.

In order to preserve the confidentiality of the information sent, the e-mail must be protected on all transport routes and at all filing locations. Encryption is used to achieve this protection.

Transport between user and e-mail provider

Composing or retrieving e-mail is done via an e-mail client on a user's terminal device, and the e-mail must be transmitted between the terminal device and the e-mail provider.

This transmission takes place over the Internet and could be intercepted, e.g., by attackers in the same network, inside perpetrators at Internet providers, or state actors who intercept central Internet nodes. For security reasons, connections to the e-mail provider should therefore only be established in encrypted form. To do this, the e-mail provider must offer a server that enables encrypted communication via protocols such as SMTPS, POP3S or IMAPS, and the client must be configured to request the use of encryption.

Use of webmailers

When using webmailers, the e-mails are retrieved via an Internet page. For secure retrieval, the web interface must be accessed via an encrypted HTTPS connection. In addition, the login form of the webmailer must also be properly secured to avoid creating another attack vector; cf. here.

Was kann ich tun?

As a user, you should choose an e-mail provider that offers encrypted retrieval of e-mails via its servers and webmailers, and that only allows access to the webmailer and the associated login via HTTPs.

The use of secure encryption algorithms also depends on one's own computer, as the server and computer must agree on an algorithm supported by both systems. It is therefore important to always keep your own system and the e-mail clients or browser used up to date.

Transport between email providers

E-mails are exchanged not only between the user and the e-mail provider, but also between e-mail providers if the sender and recipient use different providers. The most likely attackers here are state actors or internal perpetrators at the network providers over whose networks the e-mails are transported.

Network - Source: pexels.com

For this communication link to be secure, the servers of both providers must support encryption and the connections must actually be established using transport encryption.

What can I do?

As with the transport between user and e-mail provider, the first step here is to use an e-mail provider that enables encrypted exchange with other providers. Information on the use of encryption during transport should be available on the website of a security-sensitive provider.

However, again, both sides of the communication must support encryption. So the use of encryption also depends on the e-mail provider of the communication partner.

The use of transport encryption can be checked via online services, e.g. checktls.com. https://www.checktls.com/perl/TestReceiver.pl can be used to check whether e-mails can be received in encrypted form, and https://www.checktls.com/perl/TestSender.pl makes it possible to check whether e-mails have been sent in encrypted form.

If the recipient's e-mail provider does not offer transport encryption, the only options are to try to convince the recipient to change provider, to protect the contents of the e-mail via end-to-end encryption (see below for more information) or to refrain from sending sensitive data via e-mail.

Secure storage in the e-mail inboxes

E-mails can be accessed not only during transport, but also when they are stored in the e-mail mailboxes on the providers' servers. With unencrypted mailboxes, an attack by hackers would mean access to all stored e-mails.

As a safeguard, the entire mailbox can be encrypted and thus protected from unauthorized access.

What can I do?

There are several e-mail providers, e.g. https://posteo.de/ or https://mailbox.org/, that enable encryption of e-mail mailboxes. With these providers, the entire mailbox is encrypted and only the mailbox owner has access to the decryption key. This can be achieved by never storing the decryption key on the server or only uploading it to the server in a password-protected manner.

Important: When using an encrypted mailbox, the decryption key is required each time the mailbox is accessed. If the key is lost, all e-mails will be lost. It must therefore be weighed up whether the restrictions on access and additional risks due to loss of the key are commensurate with the protection requirement gained, or whether this protection requirement is needed at all.

End-to-end encryption

Source: pexels.com

The encryption options presented so far offer protection in transit, against third parties uninvolved in the transport, and for storage in the recipient's own e-mail inbox. Secure transmission and storage of the content can only be ensured with the use of end-to-end encryption, because this also ensures secure storage at the recipient's end. With end-to-end encryption, the e-mail is encrypted by the sender before it is transferred to the provider and is only decrypted again by the recipient on their own computer.

End-to-end encryption therefore requires a known key between sender and recipient. The most common end-to-end encryption methods, Pretty Good Privacy (PGP) and S/Mime, are therefore public-key methods. Before using encryption, the communication partners exchange their public keys and then encrypt the e-mails with the recipient's respective public key. The e-mails can then only be decrypted using the recipient's private key.

The biggest problems with end-to-end encryption include key exchange and often integration with webmail clients. Browser plug-ins such as Mailvelope are increasingly being used to integrate with webmailers and exchange keys. In Germany, Mailvelope is supported by GMX.de and WEB.de, among others, in their webmailers, allowing customers to use end-to-end encryption with relative ease.

Please note: With end-to-end encryption, only the content of the e-mail is protected. Meta data, e.g. the names of the senders and recipients, are only transmitted securely through the additional use of transport encryption.

What can I do?

Um Ende-zu-Ende Verschlüsselung einsetzen zu können, benötigen beide Kommunikationsteilnehmer den öffentlichen Schlüssel ihres Kommunikationspartners. Daher sollte man im Vorfeld abstimmen ob und mit welchen Verfahren die E-Mails verschlüsselt werden sollen und die dazugehörigen öffentlichen Schlüssel austauschen.

Um den Empfang von verschlüsselten E-Mails vorzubereiten, kann der öffentliche Schlüssel noch an weitere potenzielle Kommunikationspartner verteilt werden. Selbst kann man aber nur verschlüsselte E-Mails versenden, wenn der öffentliche Schlüssel des Empfängers bekannt ist.

... what does it all mean now?

How securely one's own e-mails are transmitted and stored depends on the e-mail providers used. In any case, it is recommended that you select an e-mail provider yourself that enables encrypted e-mail transport. The provider of the communication partner is then ultimately responsible for the use of encryption. If transport encryption is not used, the sending of e-mails should be weighed up according to the content.

Whether encrypted e-mail mailboxes or end-to-end encryption should be used should be evaluated based on the confidentiality of the information to be sent, the storage location, and the loss of usability that would result from using encryption methods.

It should also be noted that encryption should only be considered as part of the security measures to be implemented. Taking basic rules to heart, such as choosing a strong and complex password for the e-mail account, is just as important.