SECURITY


Mail encryption
Mail encryption protects messages from unauthorized access. Only the body of a mail message is encrypted; the header information -- for example, the To, From, and Subject fields -- is not.

IBM® Lotus® Notes® users can encrypt mail sent to other Lotus Notes users or to users of mail applications that support S/MIME -- for example, Microsoft Outlook Express.

Users can use Lotus Notes mail encryption to encrypt mail sent to other Lotus Notes users, encrypt mail received from other Lotus Notes users, or encrypt all documents saved in a mail database. Lotus Notes uses the recipient's public key, which is stored in the sender's Contacts or in the IBM® Lotus® Domino® Directory, to encrypt outgoing and saved mail.

In general, mail sent to users in a foreign domain cannot be encrypted. However, if the recipient of the mail uses Lotus Notes and the sender has access to the recipient's public key, the sender can encrypt the mail message. The recipient's public key can be stored in the Lotus Domino Directory, in an LDAP directory to which the sender has access, or in the sender's Contacts.

Lotus Notes users can also use S/MIME to encrypt mail sent to recipients who use mail applications that support S/MIME. Senders must have the recipient's public key in order to encrypt the message for S/MIME. The recipient's public key is stored in an Internet certificate in either a Lotus Domino Directory or LDAP directory to which the sender has access or in the sender's Contacts. The sender must also have a cross-certificate that indicates to Lotus Notes that the recipient's public key can be trusted.

Encrypting a message -- with either Lotus Notes mail encryption or S/MIME encryption -- does not affect the speed at which the message is routed from sender to recipient. However, encryption does increase the time required to send and to open a message. The extra time is required because the message must be encrypted at the beginning of the transmission and decrypted each time the recipient opens it. The time required to send and open a message is based on the size of the message and the number of bitmaps and other graphics, objects, and attachments in the message. In most cases, the delay is not noticeable.

How outgoing Notes mail encryption works

1. The sender sends an outgoing message and selects the Encrypt option.

2. Lotus Notes generates a random encryption key and encrypts the message with it.

3. Lotus Notes encrypts the random encryption key with the recipient's public key and appends the new key to the message. The recipient's public key must be stored in either a Lotus Domino Directory or LDAP directory that a user can access or in the sender's Contacts.

4. If the encrypted message is addressed to multiple recipients, the message is encrypted only once with one random key, and the random key is encrypted using the public key of each recipient.

5. When the recipient attempts to open the encrypted message, the user's mail application attempts to decrypt the random key, using the recipient's private key. If this is successful, the random key decrypts the message.

6. If decryption is successful, the recipient can read the message. If decryption is unsuccessful, the user receives a message indicating that the decryption failed and the mail application does not allow the user to access the message.

How outgoing S/MIME mail encryption works

1. The sender sends an outgoing message and selects to encrypt it. (The exact option to do this depends on the mail application used.)

2. The sender's mail application (IBM® Lotus® Notes® or another S/MIME-compliant mail program) generates a random encryption key and encrypts the message with it.

3. The sender's mail application looks for the recipient's public key. For S/MIME mail sent from Lotus Notes, the recipient's Internet certificate must be stored in the sender's Contacts or a Lotus Domino Directory or LDAP directory to which the sender has access.

4. The sender's mail application encrypts the random encryption key with the recipient's public key and appends the encrypted key to the message. Lotus Notes uses the recipient's public key, found in the certificate, to encrypt the message.
5. If the encrypted message is addressed to multiple recipients, the message is encrypted only once with one random key, and the random key is encrypted using the public key of each recipient.

6. When the recipient attempts to open the encrypted message, the user's mail application attempts to decrypt the random key, using the recipient's private key. If this is successful, the random key decrypts the message.

7. If decryption is successful, the recipient gains access to the message. If decryption is unsuccessful, the user receives a message indicating that the decryption failed, and the mail application does not allow the user to access the message.

Related topics