What is email encryption?

Email encryption disguises the content of an email message so that it cannot be viewed or tampered with by unauthorized parties.

Learning Objectives

After reading this article you will be able to:

  • Define ‘email encryption’
  • Explain how email encryption works
  • Identify the primary types of email encryption


What is email encryption?

Email encryption is a method of disguising content in an email message to prevent unauthorized parties from viewing or altering it. Encryption disguises this content by encoding it — in other words, using a cryptographic key* to change readable text into indecipherable combinations of randomized characters. Using a key, the recipient’s email provider is able to decode the text and reveal the content of the email message once it has been safely delivered to the intended inbox.

Many email providers use encryption to securely transmit messages between the sender and recipient’s email servers. This can help ensure that attackers do not intercept emails while they are in transit, allowing them to view, alter, or steal the sensitive information those messages contain. However, some email services do not offer encryption, which leaves users more vulnerable to data theft and other attacks.

*A cryptographic key is a string of characters that a cryptographic algorithm uses to scramble data.

How does email encryption work?

Email encryption is handled by email service providers, which are responsible for storing, transmitting, and receiving email messages between users. There are two primary methods of encrypting emails: transport-level encryption and end-to-end encryption.

Transport-level encryption

Transport-level encryption uses the Transport Layer Security (TLS) protocol to encrypt and decrypt email messages. It is also responsible for authenticating the identity of the servers involved in transmitting email messages, so that an attacker cannot pose as one of those servers and intercept the messages.

The process of encrypting messages and authenticating the identity of the client (i.e. user device or sending server) and the mail server is called a TLS handshake, which is carried out in four steps:

  1. The client and server agree on the version of TLS that will be used to establish a connection.
  2. The client and server agree on the cipher suite (or algorithms) that will be used to determine the encryption keys for that session.
  3. A TLS certificate is used to verify the identity of the server.
  4. Encryption keys* (also known as session keys) are generated and used to encrypt the message after the handshake is completed.

Transport-level encryption protects emails during the SMTP process. SMTP, or Simple Mail Transfer Protocol, is an email delivery protocol responsible for exchanging data between an email client and server. During this process, an email message is typically transferred to multiple email servers before it reaches its intended destination; TLS encryption ensures that the message is protected between relays from server to server. Each server-client or server-server connection uses a new TLS handshake process. This means that the message is briefly decrypted and then re-encrypted for each hop. (Learn more about how SMTP works.)

To visualize this process, imagine that Alice is sending a gift from San Francisco to Tokyo. They place the gift inside a box, which keeps the contents private and secure (just as encryption keeps the content of an email message private). They give the package to a postal carrier, who delivers it to a local post office. The package is inspected to make sure that the content and the delivery information are both correct. Then, it is shipped to Tokyo, where it goes through customs and is inspected again. Finally, the package is transferred to a local post office for delivery, where it undergoes one last inspection before arriving at its intended destination.

This is similar to TLS encryption, in which an email is decrypted and re-encrypted by every server it travels to before it is delivered to its final destination.

*A session key is a temporary cryptographic string that is used by both parties during the TLS handshake.

End-to-end encryption

Unlike transport-layer encryption, end-to-end encryption (also called E2EE) does not decrypt and re-encrypt an email message while it is in transit. Instead, the message can only be decrypted by two parties: the sender and the final recipient of the email. This prevents third parties from intercepting an email message and snooping, altering, or copying its contents.

Like TLS encryption, E2EE uses public key encryption (or asymmetric encryption) to encrypt and secure messages between the sender and recipient. However, while TLS encrypts messages between a client and server, E2EE encrypts communication between the sender and recipient of the email — ensuring that no one, not even the service providers, can decrypt the message. (Learn more about how E2EE differs from TLS encryption.)

Returning to the previous example, now imagine that Alice is sending a package from one neighborhood in San Francisco to another. The package is picked up by a mail carrier and delivered directly to its final destination, without any intermediary inspections. This is similar to end-to-end encryption, in which the sender’s email message is not decrypted before it reaches its intended recipient.
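To make the difference between the two sections above concrete, here is an added example (not code from the original article) that simulates a message crossing three relays. It uses a toy SHA-256 keystream cipher as a stand-in for TLS and for the E2EE layer (an assumption for illustration only), and records what each relay can read in memory under hop-by-hop TLS versus end-to-end encryption.

```python
import hashlib
import os

# Toy XOR stream cipher standing in for TLS record encryption and for the
# OpenPGP/S-MIME layer; keystream = SHA-256(key || block counter). This is an
# assumption for illustration only, not a cipher to use in production.
def toy_encrypt(key: bytes, data: bytes) -> bytes:
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

toy_decrypt = toy_encrypt  # XOR with the same keystream undoes the encryption


def transport_level_delivery(message: bytes, relays: int) -> tuple[list[bytes], bytes]:
    """Hop-by-hop (TLS) delivery. Every link runs its own handshake with a fresh
    session key, so each relay terminates TLS and holds the plaintext before
    re-encrypting it for the next hop. Returns (what each relay saw, delivered)."""
    seen_by_relays = []
    wire = message
    for _ in range(relays):
        session_key = os.urandom(16)                   # new key per TLS handshake
        on_the_wire = toy_encrypt(session_key, wire)   # protected on this link only
        wire = toy_decrypt(session_key, on_the_wire)   # relay decrypts on receipt
        seen_by_relays.append(wire)
    return seen_by_relays, wire


def end_to_end_delivery(message: bytes, relays: int, recipient_key: bytes) -> tuple[list[bytes], bytes]:
    """E2EE delivery. The sender encrypts to the recipient's key first; each link
    may still use TLS, but a relay only ever recovers the E2EE ciphertext."""
    seen_by_relays = []
    wire = toy_encrypt(recipient_key, message)
    for _ in range(relays):
        session_key = os.urandom(16)
        wire = toy_decrypt(session_key, toy_encrypt(session_key, wire))
        seen_by_relays.append(wire)                    # still ciphertext here
    return seen_by_relays, toy_decrypt(recipient_key, wire)


if __name__ == "__main__":
    msg = b"Quarterly numbers attached"                # constructed sample message
    seen, _ = transport_level_delivery(msg, relays=3)
    print("TLS only, relay 1 can read:", seen[0])
    seen, _ = end_to_end_delivery(msg, relays=3, recipient_key=b"recipient-secret")
    print("E2EE, relay 1 sees only:", seen[0].hex())
```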

Why is encryption important for email security?

When email was first developed in the 1970s, messages between users were not encrypted. All of the content an email message contained — including any sensitive data in the body of the message — was in plaintext, meaning that anyone who intercepted a message could easily read it. This left users vulnerable to attacks, since attackers could intercept messages and steal data without having to first decrypt them.

With the development of encryption protocols, users and email providers were able to convert plaintext messages into ciphertext, preventing unauthorized parties from snooping or stealing data via a packet sniffer (a program designed to collect and analyze data transmitted over a network).

However, while these encryption protocols play an important role in securing email from attacks, they still carry risks of their own.

By necessity, email messages encrypted using TLS are decrypted between server relays, making it difficult to completely shield data from on-path attacks (sometimes called attacker-in-the-middle attacks) while an email is in transit. During an on-path attack, attackers intercept sensitive data before it reaches its intended recipient.

Service providers that offer E2EE, meanwhile, may incorporate encryption backdoors into their services. A backdoor is a secret way to circumvent encryption methods and access sensitive user data. Providers may use these backdoors to spy on user activity or illegally use their data.

What are some common email encryption tools?

Email encryption is typically handled by the service provider (e.g. Gmail) or configured by a user. Organizations that need strong encryption to protect their messages may use gateway software or web-based services, both of which allow them to set policies to determine which emails need to be encrypted and specify the protocol that should be used to encrypt the messages.

Some of the most common encryption tools include the following:

Encryption tool: STARTTLS
Description: A command that tells an email server to initiate a TLS connection
Type of encryption: Transport layer
Advantages:
  • Used to secure SMTP and IMAP connections
  • Can be used by any email server that supports encryption, even if servers use different protocols
  • Widely supported by email providers
Disadvantages:
  • Must be configured by the recipient’s email provider
  • Messages may be intercepted between SMTP relays
  • Adds latency to SMTP connections

Encryption tool: STLS
Description: Like STARTTLS, a command that initiates a TLS connection, for POP3
Type of encryption: Transport layer
Advantages:
  • Used to secure POP3 connections
  • Can be used by any email server that supports encryption, even if servers use different protocols
  • Widely supported by email providers
Disadvantages:
  • Must be configured by the recipient’s email provider
  • Messages may be intercepted between SMTP relays
  • Adds latency to SMTP connections

Encryption tool: Pretty Good Privacy (PGP) and OpenPGP
Description: Programs that use public and private key encryption
Type of encryption: End-to-end
Advantages:
  • Offers digital signatures to prove the authenticity of messages
  • Compatible with most email services
Disadvantages:
  • More difficult to configure; requires users to set up a public/private key pair
  • Does not encrypt metadata (e.g. email headers)
  • Makes it possible for third parties to identify the sender and recipient of an email
  • Not compatible with other protocols
  • Does not easily integrate with email clients

Encryption tool: Secure/Multipurpose Internet Mail Extensions (S/MIME)
Description: A public key encryption standard that tells servers how to encrypt MIME data
Type of encryption: End-to-end
Advantages:
  • Uses Certificate Authorities (CAs) to authenticate messages
  • Offers digital signatures to prove the authenticity of messages
  • Widely supported by email providers
Disadvantages:
  • Certificates need to be renewed on an annual basis
  • Does not encrypt metadata (e.g. email headers)
  • Makes it possible for third parties to identify the sender and recipient of an email
  • Not compatible with other protocols
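The STARTTLS entry above says the command asks the server to initiate TLS; the following added example (not code from the article or from any mail product) shows the sending side of that exchange in Python: parsing the EHLO reply, deciding whether to upgrade, and failing closed when TLS is required but not advertised. The server replies are constructed sample data, and the host names are placeholders.

```python
import re

# Constructed EHLO replies as a sending client would receive them (sample data,
# not captured from a real server). Host names are placeholders.
EHLO_WITH_STARTTLS = [
    "250-mail.example.net Hello client.example.org",
    "250-SIZE 52428800",
    "250-STARTTLS",
    "250 8BITMIME",
]
EHLO_WITHOUT_STARTTLS = [
    "250-mail.example.net Hello client.example.org",
    "250-SIZE 52428800",
    "250 8BITMIME",
]

# Multi-line 250 reply: "250-KEYWORD" continues, "250 KEYWORD" is the last line.
_CAPABILITY = re.compile(r"^250[- ]([A-Za-z0-9]+)")


def parse_ehlo_capabilities(lines: list[str]) -> set[str]:
    """Return the keywords the server advertised. The first line is the
    greeting (hostname), so it is skipped rather than treated as a keyword."""
    caps = set()
    for line in lines[1:]:
        match = _CAPABILITY.match(line)
        if match:
            caps.add(match.group(1).upper())
    return caps


def decide_next_step(ehlo_lines: list[str], require_tls: bool) -> str:
    """Sender-side policy. 'STARTTLS' when the server offers it; 'ABORT' when
    TLS is required but not offered (a stripped STARTTLS keyword looks exactly
    like this from the client side); 'SEND_CLEARTEXT' only under an
    opportunistic policy, which is where relay interception becomes possible."""
    if "STARTTLS" in parse_ehlo_capabilities(ehlo_lines):
        return "STARTTLS"
    return "ABORT" if require_tls else "SEND_CLEARTEXT"


def tls_ready(starttls_reply: str) -> bool:
    """RFC 3207: a 220 reply means the TLS handshake starts now; 454 is a
    temporary failure and anything else is a refusal. After the handshake the
    client must send EHLO again and discard capabilities learned in cleartext."""
    return starttls_reply.startswith("220")
```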

Other email encryption tools include GNU Privacy Guard (GPG), a free alternative to PGP, and Bitmessage, an encryption protocol patterned after the cryptocurrency Bitcoin.

Does email encryption keep email secure?

Email encryption protects the content of emails. But the content of the email messages themselves could still be insecure, or dangerous. For example, an attacker could send a fully encrypted phishing email to an intended victim, and the encryption methods they use would do nothing to stop the victim from falling for the attack.

Email security is a broad field with multiple attack vectors to address. To learn more about keeping email inboxes secure, see What is email security?