Re: Mail Encryption

[Jim Rueschhoff]

The most common form of encryption of email is a public key encryption system.   You can do it yourself with a package like Cryptix (www.cryptix.org) or you can use a program like enigma (enigma.intouch.ca).  Both work well.  Enigma has enough overhead to it that it won't work well in high volume situations since it is single threaded. It can handle 5000 to 10000 a day however.  It functions as a mail server that automatically encrypts and decrypts as needed (you set javamail to point at it).  It is a pure java solution.    Cryptix is an encryption package compatible with PGP and it will allow you to encrypt your own messages and then send them using JavaMail. If you have a high volume requirement this would be the better choice for you.   You will find that the recipients of the messages will be your biggest difficulty.  They will forget pass phrases, destroy keyrings, regenerate keypairs, move to a different machine and generally gunk things up when dealing with encrypted messages.  The software and encryption works fine but we find that people just do not deal well with encryption and the small amount of discipline that is needed to make it work correctly.  Make sure you are prepared to recreate messages if the recipient does something that results in the unrecoverable loss of the keys needed to decrypt the message.  We have that happen on a regular basis.  Our recipients are not employees of our company and we have no control over them so better training is not an issue for us.    You could also use a XOR based simple encryption system if the data to be encrypted is not critical.  Unless designed by a professional encryption expert this type of system is relatively easy to break because of one to one character mapping and, in most cases I have seen, poor distribution of bit patterns generated by the keys.  A professional can make this type of system VERY secure but it is relatively difficult to do.    I hope that helps you.      -----Original Message----- From: A mailing list about Java Server Pages specification and reference [mailto:[EMAIL PROTECTED]]On Behalf Of Lorena Carlo Sent: Tuesday, December 18, 2001 8:24 AM To: [EMAIL PROTECTED] Subject: [JSP-INTEREST] Mail Encryption Hello all,   Does anybody know how I can encrypt a mail that I send using Java. Does JavaMail have a method for this?.   Please help me,   Thanks in advance.   Lorena Carlo