The basic idea for this key encryption is:
When you want to encrypt a message to a client, a client or key
authority gives you a key to encrypt with. So at this point we can
encrypt a new key for this conversation ("session key") with the client's
public key, the client can then decrypt this "session key" with its
private key. To further ensure secure communication the client can
then encrypt an answer back to the sender with the sender's public
key, and once received and acknowledged then both sides can now use
the "session key" to encrypt this communication.
That is the basic method, however we can take further steps to make
sure that the key cannot be grabbed from mid-transmission by using
more keys and encrypting sequence #s into the messages.
The PKI could become a nightmare, but I really doubt that if done right.
I would love to hear some horror stories though if anyone on the list
would care to share :)
-Kinnell
On Wed, 9 Mar 2005 13:29:35 -0800 (PST), John Madden
<chiwawa999_at_yahoo.com> wrote:
> Hi,
>
> Looking at the potential deployment and solutions for
> encrypted emails I had a few questions.
>
> What do large organizations do to ensure that emails are
> securely transferred with a partner/customer for
> sensitive data?
>
> Using public/private keys seems like a whole lot of
> problems...
>
> - How do you exchange keys? Manually? This might be
> ok for a couple of recipients but can you imagine
> hundreds/thousands at different companies...
>
> - PKI, having to deal with the infrastructure could be
> a nightmare.
>
> - Employees' learning curve....
>
> Are companies using an encryption software that will
> encrypt the messages/attachments and transmit the
> password to decrypt by phone?
>
> I would like your comments/suggestions.
>
> Thanks
>
> John
Received on Mar 10 2005
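
An added example, not part of the original thread, of the exchange Kinnell describes: a fresh session key is wrapped under the client's RSA public key, and each message is then sealed under that session key with its sequence number bound in. RSA-OAEP, AES-256-GCM, the function names and the direction field are assumptions of this sketch; the thread names no algorithms.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
)

// NewRecipientKey makes the client's RSA key pair (constructed for the demo).
func NewRecipientKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// WrapSessionKey makes a fresh AES-256 key and encrypts it to pub (RSA-OAEP).
func WrapSessionKey(pub *rsa.PublicKey) (key, wrapped []byte, err error) {
	key = make([]byte, 32)
	if _, err = rand.Read(key); err != nil {
		return nil, nil, err
	}
	wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	return key, wrapped, err
}

// Session is AES-GCM keyed with the session key both sides now share.
type Session struct{ g cipher.AEAD }

func NewSession(key []byte) (*Session, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	g, err := cipher.NewGCM(block)
	return &Session{g}, err
}

// nonce packs direction and sequence number into the 12-byte GCM nonce.
func nonce(dir uint32, seq uint64) []byte {
	return binary.BigEndian.AppendUint64(binary.BigEndian.AppendUint32(nil, dir), seq)
}

// Seal encrypts message number seq; each (dir, seq) must be used only once.
func (s *Session) Seal(dir uint32, seq uint64, msg []byte) []byte {
	return s.g.Seal(nil, nonce(dir, seq), msg, nil)
}

// Open succeeds only for the sequence number the receiver expects next.
func (s *Session) Open(dir uint32, want uint64, ct []byte) ([]byte, error) {
	return s.g.Open(nil, nonce(dir, want), ct, nil)
}
```

The client recovers the session key with `rsa.DecryptOAEP` and its private key. Nothing here proves who sent the wrapped key; that is the part signatures or certificates from a PKI would supply.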