We encourage you to read this page in full to understand what Enigmail does. Asymmetric cryptography makes use of some concepts which, while not difficult, aren't immediately obvious e.g. the fact that there are two key involved (a public and a private) instead of one, or that a person needs to distribute his public key in order to be able to exchange secure messages with other people.

Cryptography is the art and science of techniques for secure communication in presence of adversaries. There are two main branches of cryptography: **symmetric cryptography** and **asymmetric cryptography**.

## Symmetric cryptography

Symmetric cryptography is the first type of cryptography invented, dating back well before 500 BCE, and the only one most people ever heard about. In symmetric cryptography, a **cipher** (cryptographic algorithm) is used in conjunction with a single **key** (for instance a password) to encrypt a message. The message can then be decrypted using the same key.

Examples of symmetric cryptography algorithms vary from the ancient and trivial ones that have been broken long ago (Caesar's cipher, substitution ciphers, VigenĂ¨re) to the ones used in modern cryptography (AES, Blowfish).

Symmetric cryptography poses a problem concerning the delivery of secure messages. The sender can encrypt a message and send it to the recipient, but has to provide the recipient the key to decrypt it. The key cannot obviously be sent with the message, and must be communicated through a secure channel. Encryption provides a secure channel for the delivery of messages but, in order to make it usable, the sender must first deliver the key to the recipient.

This catch-22 problem was solved only in the 1970s with the birth of asymmetric cryptography.

## Asymmetric cryptography (a.k.a. Public key cryptography)

Public key cryptography is much more interesting and useful. The main difference with symmetric cryptography is that its ciphers do not operate with a single key but with a **key pair**, composed of a **public key** and a **private key** (also called **secret key**).

Public and private key are created together at the same time using a special algorithm and they are strictly connected to each other. A message is encrypted with a public key and can only be decrypted with the companion private key. Similarly, a message is digitally signed with a private key and can only be verified with the companion public key.

Let's show how public cryptography works by taking as an example two people, Alice and Bob, that want to exchange secure messages.

Alice generates her own key pair in advance. Then she makes the public key available to anyone, for instance by publishing the key in a public directory, and carefully keeps for herself the secret key. This is perfectly safe, because it is practically impossible (or, as computer scientists prefer to say, computationally infeasible) to derive a private key from its companion public key alone. Bob does the same: generates a key pair, publishes his public key and keeps undisclosed his secret key.

When Bob wants to send a confidential message to Alice, he first retrieves Alice's public key from the directory. Then he encrypts the message with her public key and sends the message. Alice decrypts the message with her private key and is able to read it.

Public key cryptography is not only used for confidentiality (i.e. to protect the message so that it can be read only by the intended recipient), but also for authentication (i.e. to verify that the message really comes from the intended sender) and integrity (i.e. to ensure that the message has not been altered in transit). Authentication and integrity are enforced by appending a **digital signature** to the message.

A digital signature is a string of bits generated by an algorithm that uses a **hash function** in conjunction with a key. A hash function is a function that takes in input a message of any length, and outputs a string of fixed small length called **digest** which is a distillate of the message fed in input. Notable features of hash functions include that is practically impossible to derive the input from the output, and that changing just one bit of the input results in a completely different output. Examples of hash functions are MD5, SHA-1, RIPEMD-160, and SHA-512; these produce digests which are respectively 128, 160, 160, and 512 bit long.

Hence Bob writes the message, generates the digital signature for the message using a predetermined hash function and his private key, appends the signature to the message, and sends to Alice the whole lot. Alice receives the message and verifies the signature using the same hash function and Bob's public key. If the signature is valid, then the sender is authenticated, because only the owner of the private key, Bob, could have signed the message. This guarantees also the integrity of the message, because had the message been altered in transit, the hash function applied to it would resolve to a different digest and the signature would not match.

Examples of asymmetric ciphers are RSA and ElGamal for encryption, and DSA for digital signing.

## History of public key cryptography, (Open)PGP, and Enigmail

Public key cryptography was firstly discovered by James Ellis, Clifford Cocks, and Malcolm Williamson of the British GCHQ (Government Communications Headquarters) in 1975, but the discovery was filed as classified information and never divulged. In 1976 researchers Whitfield Diffie, Martin Hellman, and Ralph Merkle independently made the same discovery and published it on a paper. Then in 1977 Ronald Rivest, Adi Shamir, and Leonard Adleman provided the first practical implementation of a public key cryptography algorithm by developing the RSA cipher.

In 1991 Phil Zimmermann, a free speech activist and anti-nuclear pacifist, developed Pretty Good Privacy (PGP), the first software available to the general public that utilized RSA for email encryption and signing. Zimmermann, after having had a friend post the program on the worldwide Usenet, got prosecuted by the U.S. government; later he was charged by the FBI for illegal weapon export, because encryption tools were considered at such. All charges were eventually dropped. Zimmermann later founded PGP Inc., which is now part of Symantec Corporation.

In 1997 PGP Inc. submitted a standardization proposal to the Internet Engineering Task Force. The standard was called **OpenPGP** and defined in 1998 in the IETF document RFC 2440. The latest version of the OpenPGP standard is described in RFC 4880, published in 2007.

PGP is now a well-known commercial product for communication security and privacy in corporate, business and home environment.

Nowadays there are many OpenPGP-compliant products: the most widespread is probably GnuPG (GNU Privacy Guard, or GPG for short) which is developed since 1999 by Werner Koch. GnuPG is free, open source and available for several platforms. It is a command-line only tool, which means that it does not have a graphical interface.

Enigmail, first released in 2001 by Ramalingam Saravanan and maintained by Patrick Brunschwig since 2003, is an extension for Mozilla-based mailclients. Initially, Enigmail was developed for the Mozilla Suite (now SeaMonkey), and later Thunderbird. Since Thunderbird 78, OpenPGP is part of the product and Enigmail is no longer needed. Enigmail still works on Postbox and Interlink Mail & News. It interfaces seamlessly with GnuPG and provides a GUI to make easy for everyone to securely encrypt, decrypt, sign, and verify the signature on email messages.

Enigmail, GnuPG and the Mozilla mailclients are free and open source software (except for Postbox). They can be downloaded, copied and used for free. As open source projects, their source code is available for everyone who desires to examine or customize it.

OpenPGP-compliant software, in all its variants, is the most famous and widely used public key encryption software in the world. Since its creation it has allowed people in both totalitarian and democratic countries to enjoy privacy, enforce free speech, fight censorship, and protect human rights. It makes use of the strongest ciphers known in the scientific literature, and if utilized properly it is virtually unbreakable.