Step 2: Public keypairs

Public/private keys, or keypairs as they're also called, are a way of encrypting messages without using a certification authority. You use a piece of software to generate a pair of cryptographic keys, each key being a short alphanumeric string. One key, the "public" key, is given out to others and used to encrypt messages sent to you. The other key, the "private" key, is kept secret and used by you to decrypt such messages. Keypair tools don't depend on any particular mail program or server, although some people have created extensions for Outlook and Exchange that can be used with them.

The private key can also be used to sign messages with a digital signature. Those receiving a message from you match the signature against your public key to show that you did indeed create the message in question. If either the signature or the message is tampered with, the message won't verify correctly.
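The two uses of a keypair described above, shown as an added example that is not part of the original article or of any tool it covers. It assumes unpadded "textbook" RSA over a constructed key built from two fixed, publicly known primes; real tools such as GnuPG generate secret random primes and add padding and hybrid encryption, so the names and key here are illustrative only.

```python
import hashlib

# Constructed toy key: two fixed, publicly known Mersenne primes stand in for the
# secret random primes a real tool would generate. This key offers no secrecy.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent (needs Python 3.8+)
PUBLIC_KEY, PRIVATE_KEY = (N, E), (N, D)

def _digest(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def encrypt(message: bytes, public_key) -> int:
    """Anyone holding the public key can encrypt to its owner."""
    n, e = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this key")
    return pow(m, e, n)

def decrypt(ciphertext: int, private_key) -> bytes:
    """Only the private key recovers the plaintext."""
    n, d = private_key
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def sign(message: bytes, private_key) -> int:
    """Sign the SHA-256 digest of the message with the private key."""
    n, d = private_key
    return pow(_digest(message), d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    """Recompute the digest and compare it with the one inside the signature."""
    n, e = public_key
    return pow(signature % n, e, n) == _digest(message)

if __name__ == "__main__":
    mail = b"Meet at 10:00 in room 4."   # constructed sample message
    assert decrypt(encrypt(mail, PUBLIC_KEY), PRIVATE_KEY) == mail
    sig = sign(mail, PRIVATE_KEY)
    print("original verifies:", verify(mail, sig, PUBLIC_KEY))
    print("altered message verifies:", verify(mail.replace(b"10", b"11"), sig, PUBLIC_KEY))
    print("altered signature verifies:", verify(mail, sig ^ 1, PUBLIC_KEY))
```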


    Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well! Copyright 2005 TechTarget
