Why Are Email Encryption Methods So Complicated?


The goal of email encryption is to prevent unauthorized individuals from viewing and modifying data before the message reaches its intended recipients. Several methods are available to accomplish this goal. Unfortunately, some are too complicated to implement while others are too cumbersome to use. This page lists the different methods along with their pros and cons.



OpenPGP
This method has been used for years and it works. The problem: it is not easy for a non-technical person to set up.

Conceptually, the sender encrypts an email with the recipient's public key. The only way to decrypt this encrypted email is with the recipient's private key. Since no one but the recipient should have access to his/her private key, the message stays encrypted throughout its journey.

Advantages

  • It works

Problems - Too complicated to implement

  • Most non-technical users do not know what public/private keys are
  • How will the sender get the recipient's public key?
  • Both sides must use email clients that support OpenPGP. For example, it may not work with certain mobile devices

Because of the complexities in creating and obtaining public/private keys, this method is not used widely in the industry.


Transport-Level Encryption
Most email servers use TLS/SSL to secure the communication. The best part is that this method almost always works and end-users do not have to do anything.

Advantages

  • No burden on end-users

Problems - It's not End-to-End

  • This is not End-to-End encryption. It only secures the connection between two computers while the message is in transit between them
  • Once the message reaches the other end, anyone can view and/or modify the message
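
As an added example (not part of the original page), this Python code reads the Received headers of a message and reports, hop by hop, whether the transfer used TLS, based on the RFC 3848 "with" keywords. The sample message and all hostnames in it are constructed for illustration.

```python
import re
from email import message_from_string

# RFC 3848 "with" keywords; the S suffix means the hop was protected by STARTTLS.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

# Constructed sample message (hostnames and addresses are illustrative only).
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [203.0.113.9])
 by mailstore.recipient.example with LMTP id c3;
 Mon, 01 Jan 2024 10:00:03 +0000
Received: from relay.example.net (relay.example.net [198.51.100.7])
 by mx.recipient.example with ESMTP id b2;
 Mon, 01 Jan 2024 10:00:02 +0000
Received: from client.sender.example (client.sender.example [192.0.2.10])
 by relay.example.net with ESMTPSA id a1;
 Mon, 01 Jan 2024 10:00:01 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: Lab results

Body text.
"""

def hops(raw):
    """Return hops in travel order as (from_host, by_host, protocol, used_tls)."""
    msg = message_from_string(raw)
    result = []
    # Each server prepends its header, so the newest hop is first: reverse it.
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())  # unfold continuation lines
        src = re.search(r"\bfrom\s+(\S+)", flat)
        dst = re.search(r"\bby\s+(\S+)", flat)
        proto = re.search(r"\bwith\s+([A-Za-z0-9]+)", flat)
        name = proto.group(1).upper() if proto else "UNKNOWN"
        result.append((src.group(1) if src else "?",
                       dst.group(1) if dst else "?", name, name in TLS_PROTOCOLS))
    return result

def cleartext_hops(raw):
    """Hops whose Received header does not record TLS."""
    return [h for h in hops(raw) if not h[3]]

def plaintext_holders(raw):
    """Every receiving server handles the decrypted message, TLS hop or not."""
    return [h[1] for h in hops(raw)]

if __name__ == "__main__":
    for src, dst, proto, tls in hops(SAMPLE):
        print(f"{src} -> {dst}: {proto} ({'TLS' if tls else 'no TLS recorded'})")
```

Received headers are written by the servers themselves and earlier hops can forge them, so treat the result as evidence for review rather than proof.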


PDF based Encryption
This method is the easiest way to accomplish end-to-end encryption.

The sender of the message adds some special characters to the email, which are picked up by the email server. The email server converts the original email into a password-protected PDF file. The actual password is decided either by the sender or by a pre-defined rule specified on the server.

For example, when sending a blood report a doctor's office could use the last 4 digits of the patient's Social Security number to encrypt the PDF file.

Advantages

  • Easy to implement
  • No plugins required. Can work with any client including mobile devices.
  • No expiration date on the message
  • Internet connectivity is not required to view a previously downloaded message

Problems

  • None


Web-based Encryption
This method is also very easy to implement and does not require any special plugin/software on the sender's end. Conceptually, when pre-defined keyword(s) are found in the email, the email server creates a web-based link for the recipient to access it.

Advantages

  • Easy to implement
  • No plugins required. Can work with any client including mobile devices.

Problems

  • Burdens the recipient to create an account on the sender's email system
  • The communication is no longer based on email. Instead, it becomes a web-based chatting application
  • Messages typically have an expiration and cannot be accessed after some time
  • Messages cannot be viewed without Internet connectivity
