Email Encryption Guide

Because email is easy to use and almost universally adopted, many individuals and campus departments use it as a primary form of communication for University business. While this works well for many purposes, remember that email is not a secure form of communication and should never be used to transmit restricted data or sensitive information.

Even if a secure email client is used (as is required by bCal), email is not encrypted as it passes between mail servers and may be forwarded by the receiving user to a mail server that does not require a secure client.  Also, the identity of the sender of the email cannot be verified, as it is easy to falsify header information in a standard email message. 

For users who wish to communicate sensitive information via email, public key cryptography can be used to send and receive email messages securely. In public key cryptography, a pair of cryptographic keys, one public and one private, is generated for each user. The private key is known only to the user and is kept secret, while the public key can be widely distributed. Public key cryptography is used for both encryption and digital signatures:

Public key encryption — the sender uses the receiver’s public key to encrypt the message. It cannot be decrypted by anyone except the receiver, who possesses the corresponding private key. This is used to ensure confidentiality.

Digital signatures — code added to a message using the sender’s private key can be verified by anyone who has access to the sender’s public key. This verifies the identity of the sender and that the message has not been tampered with. This is used to ensure authenticity.

Two common standards for public key cryptography in email are PGP and S/MIME.

GnuPG

While PGP is a commercial product, GnuPG is a free implementation of the OpenPGP standard and is available for many platforms at http://www.gnupg.org/.

GnuPG-enabled mail clients, as well as plug-ins for a variety of typical mail clients, are available as free downloads. Since OpenPGP uses a trust model that is not dependent on a central certificate authority, it is useful for communicating with others outside the campus.
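The encryption and signature steps described above, run end to end with GnuPG. This is an added example, not part of the original guide. It assumes GnuPG 2.1 or later is installed; the users Alice, Bob and Eve, their example.edu addresses and the helper function names are made up for illustration.

```shell
#!/bin/sh
# Constructed demo: each throwaway GnuPG home directory stands in for one mail user.
set -e

# Run gpg non-interactively on keyring $1. "--trust-model always" skips the fingerprint
# check that real correspondents must make before relying on an imported public key.
g() {
    _home=$1; shift
    gpg --homedir "$_home" --batch --quiet --pinentry-mode loopback --passphrase '' \
        --trust-model always "$@"
}

# Create a keyring holding a new, passphrase-less test key pair for user ID $1;
# print the keyring directory.
new_user() {
    _dir=$(mktemp -d) && chmod 700 "$_dir" &&
    g "$_dir" --quick-generate-key "$1" default default never >/dev/null 2>&1 &&
    echo "$_dir"
}

# Copy public keys from keyring $1 into keyring $2; private keys never leave $1.
publish() { g "$1" --armor --export | g "$2" --import 2>/dev/null; }
# Sender $1 signs stdin with their private key and encrypts it to $2's public key.
seal() { g "$1" --armor --sign --encrypt --recipient "$2"; }
# Reader $1 decrypts stdin with their private key and prints the plaintext.
unseal() { g "$1" --decrypt 2>/dev/null; }
# Like unseal, but prints GnuPG's machine-readable status lines instead of the plaintext.
gpg_status() { g "$1" --status-fd 3 --decrypt 3>&1 >/dev/null 2>&1 || true; }

cleanup() {
    for d in "$alice" "$bob" "$eve"; do
        gpgconf --homedir "$d" --kill gpg-agent 2>/dev/null || true; rm -rf "$d"
    done
}

alice=$(new_user 'Alice <alice@example.edu>')
bob=$(new_user 'Bob <bob@example.edu>')
eve=$(mktemp -d) && chmod 700 "$eve"    # outsider who will hold only public keys
trap cleanup EXIT

publish "$bob" "$alice"                 # Alice needs Bob's public key to encrypt
msg=$(echo 'Exam scores attached.' | seal "$alice" bob@example.edu)
echo "Bob, no sender key: $(echo "$msg" | gpg_status "$bob" | grep -c GOODSIG || true) good signature(s)"
publish "$alice" "$bob"                 # Bob needs Alice's public key to verify
echo "Bob reads:          $(echo "$msg" | unseal "$bob")"
echo "Bob, sender key:    $(echo "$msg" | gpg_status "$bob" | grep -c GOODSIG || true) good signature(s)"
publish "$alice" "$eve"                 # both public keys are not enough to decrypt
echo "Eve:                $(echo "$msg" | gpg_status "$eve" | grep -o 'DECRYPTION_[A-Z]*')"
```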

CalNetPKI

S/MIME uses digital certificates issued by a trusted certificate authority for encryption.  Campus users can request user certificates from CalNetPKI at no charge:

https://berkeley.sharepoint.com/sites/calnetad/services/calnetpki

Most standard email clients, including Outlook, Thunderbird, and Eudora, support S/MIME.  Since the sender and receiver must both trust the same certificate authority, S/MIME is a better option for intra-campus communications.