Question

Difference between signature and encryption and combo

Answer 1

In the past we’ve talked about how to scan your signature to help go paperless. In this post, we are going to look at the fundamentals behind sending truly encrypted emails and documents that can be verified with a digital signature.  The idea is to show you the concepts so you understand what is going on behind the scenes to make a secure communication channel over email.

So why spend the time on this?  As we switch to doing more business over the internet, secure communications are going to become much more important.  Even if you don’t have a use for encryption right now, you probably will over the next 3 to 5 years (if not before).  There is a lot of value in understanding why email encryption is secure–even if you don’t understand all the complicated math behind it.

I find it frustrating that so few people and businesses use email encryption and a digital signature on their emails.  If businesses would use encrypted emails, they could just send me a PDF of my bill instead of requiring me to login and download my bill from their website. Many of the processes that currently require printing on dead trees and then using dead dinosaurs to transport sheets of paper through the mail could be done electronically if more people would use encryption.  This article is me doing my little part to help raise awareness of how encryption works. If you want to help save paper and think this article is useful, please pass it on to someone else.

Encrypting a Document

To use a digital signature or encryption you must have a digital id also known as a digital certificate.  A digital id/digital certificate used to do two things.  First, it can be used to do email encryption or encrypt files so that they can only be read by the person they are intended for.  Second, it can be used to “sign” or place a digital signature on a document to guarantee that it arrives in the same state it was originally sent and no one has added or changed things.



A digital id or digital certificate consists of a public and private key.  Your public key is shared with everyone.  Your private key is kept private.  These keys are text documents full of what appears to be random numbers and letters, but with the proper algorithm, these numbers and letters have a very unique property.



If you take a document and run it through an algorithm with your public key, you get back an encrypted document or an encrypted email.



Once it is encrypted, the public key can’t be used to decrypt the document. The process is one way so it doesn’t matter if other people have the public key, they can’t read the document.



To decrypt the document you must have the private key.  If you give the encrypted document to an algorithm with the private key, you will get back the original document.