The Role of Public and Private Keys in Email Encryption and Transparency


Thought Leadership

The Role of Public and Private Keys in Email Encryption and Transparency

Zix Staff

A fundamental technology that makes email encryption possible (though not at all easy) is Public Key Cryptography (PKI). To understand how PKI works in email encryption, it’s important to start with three basic ideas:

    1)Keys (public or private) are just big binary numbers (chains of ones and zeroes).
    2)Emails are stored and transported in the form of big binary numbers as well.
    3)Encryption and decryption are calculations (like what a spreadsheet ‘on steroids’ might do), each with two inputs and one result.

    With these in mind, we can outline how all three work together.

When an email message is encrypted, the two inputs are the public key of the intended recipient and the binary representation of the email message. The binary result of that calculation would appear to be a random, useless number to everyone except the holder of the private key. This is the ‘secured data’ that is sent over the Internet. If that data somehow ends up in the wrong place or in the wrong hands, no information can be drawn from it.

The recipient of the message is the holder of the private key. The private key is securely and safely stored at the recipient’s end of the Internet. The recipient’s decryption calculation is performed, using the received ‘secured data’ and the private key as the two inputs. The result is the original message in readable form.

One area where ZixCorp differentiates itself from other email encryption providers is in the creation, storage and management of public and private keys. As customers subscribe to our email encryption service, all public keys are put into the world’s largest shared community known as ZixDirectory. By including all public keys in one community, ZixCorp automatically looks for and retrieves the keys necessary to deliver the industry’s only fully transparent email encryption, which enables senders and receivers to exchange secure email without extra steps or passwords.

To learn more about our unrivaled key approach, please visit the ZixDirectory Web page.