Why everyone uses envelopes but few encrypt emails?

I am always puzzled by the fact that everyone puts envelopes on their
personal letters but very few people encrypt emails, even though emails
are much less secure than postcards (they can be easily copied, stored,
searched, and analyzed).

My guess is that it is because most email encryption systems do not
really work like envelopes. Envelopes have several superb properties
that general email encryption systems do not have.

1. It is very easy to use.
2. It can send to anyone who has a mailbox, not requiring the recipient
to do anything before you can send the letter.
3. Although it does not guarantee that nobody else except the recipient
can read the letter - in fact, anyone can tear the envelope to open
it, but a torn envelope will alert the recipient that the letter has
been spied upon.
4. You always have the possession of the letter after receiving it.

Most email encryption systems are difficult to use, requiring both the
sender and recipient to go through complex procedures to generate
public/private keys and install certificates BEFORE a message can be
sent. They cannot "send-to-anyone." Some systems claim the capability
of "send-to-anyone", but the messages are usually stored in a central
server so you do not really have the possession of the letter, and
there is no guarantee that the message cannot be spied upon without
being noticed.

There is a company that claims having developed an email encryption
system that truly works like envelopes (http://www.easecure.com/). The
system has all the 4 properties listed above. Better yet, after you
open one "paper envelope," all the "envelopes" sent to the same address
will turn into "steel envelopes" that nobody can break. (If you open
the first message, you will have a public key, and all future message
will be encrypted by your public key.)

Anyone wants to comment on the merits of this system and whether it
will succeed in persuading everybody to put an envelope on every
personal email?

.

Relevant Pages

  • Re: Encrypting Data for multiple recipients
    ... the sender's certificate, unless you also apply SignedData as well. ... the EnvelopedData blob as the recipient's cert Serial Number, ... example) must look through these recipient parameters, ... >>The common method for multiple recipient encryption ...
    (microsoft.public.platformsdk.security)
  • Re: Signatures and encryption headers
    ... There is no notion of time in the encryption header. ... to decrypt the payload. ... A key index that indicate the recipient which key to uses to decrypt ...
    (sci.crypt)
  • Re: Signatures and encryption headers
    ... Let say I have a payload of data I want to encrypt and sign. ... The system support various formats for encryption, ... A key index that indicate the recipient which key to uses to decrypt ... The encryption header, payload and signatures are sent to the ...
    (sci.crypt)
  • Re: Is YellowCrypt OK?
    ... > the recipient wants to read a message, ... > he has repeatedly downloaded something from a web site that provides ... * YellowCrypt non-installed no, because if started from the YellowCrypt ... to be no trace of encryption usage? ...
    (sci.crypt)
  • Re: Encrypting E-mails
    ... I don't recall if headers are included in the hash value ... message will definitely screw up the validity of the encryption. ... recipient can probably still read the message (if the alteration was ... The encryption is a MIME part within the body of the message ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
Quantcast