PGP (Pretty Good Privacy) and S/MIME (Secure Multipurpose Internet Mail Extensions) are security protocols designed to secure electronic mail. The primary difference between them lies in their security mechanisms and the types of algorithms used. PGP uses either digital certificates or key rings to build trust between users. In contrast, S/MIME employs encryption, message digests and digital signatures.
We are all familiar with electronic mail services such as Ymail and Gmail, provided by Yahoo and Google. Electronic mail is one of the most heavily used applications on the internet; it allows a user to send a message (which can contain text, images, pictures, video, audio, etc.) to another user connected through the internet. Security has therefore become a crucial issue. In this article, we discuss the two protocols used for securing electronic mail.
Content: PGP Vs S/MIME
|Basis for comparison
|Pretty Good Privacy
|Multipurpose Internet Mail Extensions
|Various multimedia files
|Every user key exchange
|Hierarchically validated certifier for key exchange.
Definition of PGP
PGP (Pretty Good Privacy) is an open source software package designed for email security. It was developed by Phil Zimmermann. Its most important feature is that it provides the basic requirements of cryptography. It secures email through several steps: authentication, confidentiality, compression, e-mail compatibility, segmentation and reassembly. PGP also includes tools for implementing a public key trust model and for managing public key certificates.
Working of PGP
To begin with, the identifiers of the algorithms used in the message must be included along with the values of the keys. The security options PGP permits when sending an email message are:
- Signature only
- Signature and Base-64 encoding
- Signature, Encryption, Enveloping and Base-64 encoding
Now let us understand the whole process of PGP step by step.
1. Digital Signature: The message digest of the email message is produced using the SHA-1 algorithm, and the sender’s private key is then used to encrypt the message digest.
2. Compression: The email message and the digital signature are compressed together to reduce the size of the message in transit. One example of compression is the ZIP program, which is based on the Lempel-Ziv algorithm.
3. Encryption: The compressed output of the previous step is encrypted using a symmetric key.
4. Digital Enveloping: The receiver’s public key is used to encrypt the symmetric key from the encryption step. The combination of step 3 and step 4 creates a digital envelope.
5. Base-64 encoding: The output of step 4 is Base-64 encoded, which translates arbitrary binary input into printable characters.
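The five steps above and their reversal at the receiver, as an added example that is not part of the original article and is not PGP's own code. To stay runnable with only the Python standard library it assumes stand-ins: textbook RSA over constructed Mersenne-prime keys and a SHA-256 keystream in place of a real symmetric cipher, neither of which is secure; all names are hypothetical.

```python
import base64, hashlib, secrets, zlib

def toy_rsa(p, q, e=65537):
    """Textbook RSA key (n, e, d) from two primes. Illustration only."""
    return p * q, e, pow(e, -1, (p - 1) * (q - 1))

# Constructed key pairs from Mersenne primes: readable, NOT secure.
SENDER = toy_rsa(2**89 - 1, 2**107 - 1)     # 196-bit n, above SHA-1's 160 bits
RECEIVER = toy_rsa(2**61 - 1, 2**127 - 1)   # 188-bit n, above a 128-bit key
SIG_LEN, WRAP_LEN = 25, 24                  # byte lengths that hold each modulus

def stream_xor(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def pgp_send(message, sender_key, receiver_pub):
    n, _, d = sender_key
    # Step 1: SHA-1 digest, transformed with the sender's private key.
    digest = int.from_bytes(hashlib.sha1(message).digest(), "big")
    signature = pow(digest, d, n).to_bytes(SIG_LEN, "big")
    # Step 2: compress signature and message together (DEFLATE is LZ-based).
    packed = zlib.compress(signature + message)
    # Step 3: encrypt the compressed data under a fresh symmetric key.
    session_key = secrets.token_bytes(16)
    body = stream_xor(session_key, packed)
    # Step 4: envelope the symmetric key with the receiver's public key.
    rn, re_ = receiver_pub
    key_int = int.from_bytes(session_key, "big")
    wrapped = pow(key_int, re_, rn).to_bytes(WRAP_LEN, "big")
    # Step 5: Base-64 so the result contains printable characters only.
    return base64.b64encode(wrapped + body)

def pgp_receive(armored, receiver_key, sender_pub):
    """Undo the steps in reverse; returns (message, signature_valid)."""
    raw = base64.b64decode(armored)
    n, _, d = receiver_key
    key_int = pow(int.from_bytes(raw[:WRAP_LEN], "big"), d, n)
    packed = zlib.decompress(stream_xor(key_int.to_bytes(16, "big"), raw[WRAP_LEN:]))
    signature, message = packed[:SIG_LEN], packed[SIG_LEN:]
    sn, se = sender_pub
    digest = int.from_bytes(hashlib.sha1(message).digest(), "big")
    return message, pow(int.from_bytes(signature, "big"), se, sn) == digest
```

The receiver only learns whether the signature is valid after decrypting and decompressing, because the signature is applied first and sits inside the envelope.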
PGP supports the following given algorithms:
Key rings – A key ring is composed of a public key and the corresponding private key, which are used to read or decrypt the data. Sending an email message to a single recipient is not troublesome for a sender, but sending it to multiple recipients is difficult. So every PGP user must maintain two key rings: one for their own public-private key pairs and one for the public keys of other users.
Definition of S/MIME
S/MIME (Secure/Multipurpose Internet Mail Extension) is a security-enhanced version of the MIME internet e-mail format, founded on technology from RSA Data Security. MIME replaced the SMTP protocol, which was limited to transmitting text messages only. The restricted SMTP protocol could not exchange multimedia files or documents in arbitrary formats because it uses a 7-bit ASCII representation of the characters of an email message, which cannot represent special characters with values greater than 127.
Therefore, there was a critical need for a standard which can also exchange multimedia files. That is how the features of the primary email system are extended through MIME.
A MIME email message is comprised of a text message along with some special headers and formatted sections of text. Each section could contain an ASCII-encoded part of data and also the mechanism of decoding the data at the receiver’s end. MIME headers include specification of – MIME version, Content-Type, Content-Transfer-Encoding, Content-ID, Content-Description.
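The 7-bit constraint and the MIME headers listed above, shown with Python's standard `email` package as an added example that is not part of the original article. The addresses, file name, Content-ID and sample bytes are constructed, and the function names are hypothetical.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

HEADERS = ("Content-Type", "Content-Transfer-Encoding",
           "Content-ID", "Content-Description")

def build_message(text, blob):
    """Serialize a text body plus a binary attachment as one MIME message."""
    msg = EmailMessage(policy=policy.default)
    msg["From"] = "alice@example.com"       # constructed addresses
    msg["To"] = "bob@example.com"
    msg["Subject"] = "MIME structure demo"
    # Non-ASCII text travels as quoted-printable instead of raw 8-bit bytes.
    msg.set_content(text, charset="utf-8", cte="quoted-printable")
    # Binary data travels as base64; cid becomes the Content-ID header.
    msg.add_attachment(
        blob, maintype="application", subtype="octet-stream",
        filename="sample.bin", cid="<sample@example.com>",
        headers=["Content-Description: constructed binary sample"])
    return msg.as_bytes()

def is_7bit_clean(wire):
    """True when every byte fits the 7-bit ASCII range."""
    return all(b < 128 for b in wire)

def describe(wire):
    """Return the MIME-Version and the listed headers of each leaf part."""
    msg = message_from_bytes(wire, policy=policy.default)
    parts = [{h: str(p.get(h, "")) for h in HEADERS}
             for p in msg.walk() if not p.is_multipart()]
    return str(msg["MIME-Version"]), parts

def extract(wire):
    """Decode the text body and the attachment at the receiver's end."""
    msg = message_from_bytes(wire, policy=policy.default)
    text = msg.get_body(preferencelist=("plain",)).get_content()
    blob = next(msg.iter_attachments()).get_content()
    return text, blob
```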
Algorithms used in S/MIME:
- Digital Signature Standard (DSS) for digital signature
- Diffie-Hellman for encrypting the symmetric session keys.
- RSA for digital signatures or for encrypting the symmetric session keys
- DES-3 for symmetric key encryption.
S/MIME is a secure form of a MIME message, created by applying a signature, encryption or both. When security-relevant data, for example algorithm identifiers and digital certificates, is added to the MIME message, the result is called a Public Key Cryptography Standard (PKCS) object.
Key Differences Between PGP and S/MIME
- PGP is designed to process plain text emails, while S/MIME also allows emails containing multimedia files.
- S/MIME is appropriate for industry use. In contrast, PGP serves well for personal and office use.
- S/MIME is expensive as compared to PGP.
- In terms of efficiency, the S/MIME is better than the PGP because of its centralized key management.
PGP can only support text-based email, while S/MIME supports different forms of multimedia, and the two use different key exchange methods.