E-mail Encryption Clarification.

"The recipient's public key encrypts when encrypting an e-mail message. The recipient uses the recipient's private key to decrypt an encrypted e-mail message. In most cases, the public key doesn't actually encrypt the message, but instead encrypts a symmetric key used to encrypt the e-mail. The recipient then uses the private key to decrypt the symmetric key, and then uses the symmetric key to decrypt the e-mail."

Is this basically saying that the sender will be using the recipients public key to encrypt the symmetric key used to encrypt the e-mail. Then when it is sent to the recipient, the recipient then uses their own private key to decrypt the symmetric key, and use that symmetric key to decrypt the email?

Since it never really mentions the sender at all, I guess this is assumed? Just need clarification!

Thanks!

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

LeifAlire

When UserA sends an email to UserB.
1. UserA encrypts the email using the public key of UserB
2. UserB receives the email and opens it using UserB private key that only UserB know.

Some other info to compare

What is the difference between Symmetric Encryption and Asymmetric Encryption?• Symmetric Encryption uses a single secret key that needs to be shared among the people who needs to receive the message while Asymmetric encryption uses a pair of public key, and a private key to encrypt and decrypt messages when communicating.• Symmetric Encryption is an age old technique while Asymmetric Encryption is relatively new.• Asymmetric Encryption was introduced to complement the inherent problem of the need to share the key in symmetric encryption model eliminating the need to share the key by using a pair of public-private keys.

bostianz

Ah that's what I figured then, thanks!