Information Technology Reference
In-Depth Information
Note
:
The information that follows is slightly technical. You don't necessarily need to under-
stand how S/MIME works in order to use it, but if you're curious about what goes on behind
the scenes, read on. Otherwise, skip ahead to
Get a Personal Certificate
.
S/MIME uses a form of public-key cryptography. That means each user has a pair of keys: a
public one, normally used to encrypt messages, and a private one, normally used to decrypt
messages. So, I can share my public key freely, and anyone can use it to encrypt messages
they send to me. However, those messages can be decrypted only using my private key, which
I don't share with anyone. Similarly, as long as I have someone's public key, I can encrypt a
message to that person, but I can't decrypt that message, or any other message someone has
encrypted using that public key.
A
key
(public or private) is nothing more than a long string of random-looking characters.
Keys are normally wrapped in containers that are called
certificates,
which also include
identifying information about the key's owner and a digital signature from the
certificate au-
thority
(the person or company who issued the certificate); the signature lets users verify that
the certificate hasn't been tampered with.
So, to get a pair of encryption keys, you must obtain a certificate, which will contain both your
public key and your private key (I explain how in a moment). Mail uses OS X's system-wide
keychain to store certificates—both yours (including both the public and the private key) and
those of your correspondents (containing only their public keys). Because Mail communic-
ates with your keychain in the background, just as it does with your account passwords, you
normally don't see or interact with certificates directly.
When you
sign
a message using S/MIME, Mail does several things:
• It calculates a
hash
—that is, it performs a mathematical operation on the con-
tents of the message to come up with a unique value. If even a single character in
the message were different, the message would have a different hash.
• It encrypts the hash using your private key so that it can't be tampered with. The
encrypted hash is called a
digest
.
• It includes the digest, along with a certificate containing your public key, inside
the message (although this extra content isn't visible to you, the sender).
The combination of the digest and your certificate enables the recipient's email program to
verify that the message contents haven't changed during transit, and that your address as the
sender hasn't been forged.
Also notice something interesting about this process. By signing a message I send to you, I
also send you my public key—which you can then use to encrypt messages you send to me.
