Is email encryption method had disadvantages?
emails are encrypt by secret key, cryptograph the messages and secret key is encrypt by the receiver's public key.
receiver's private key decrypt the secret key.
so, secret key decrypt the messages body.
* but i can't find weak points.
if you know plz reply me.
One disadvantage is that if you plan on sending encrypted email to someone, you have to first have their public key.
If someone wants to send you an encrypted message, they have to have your public key.
How do you plan on exchanging all of these public keys? This works well within an intranet where distribution is very easy using various methods. Not so easy over the internet with people you dont know.
You can also use symmetric encryption, where the same key is used to decrypt the message as is used to encrypt it. Depending upon the encryption algorithm used, this can be more secure than public key encryption when JorgeM talks about. The major issue with this is how to securely exchange keys with the other party. Obviously, if you can make the exchange personally without sending over the network or other public communication medium, then it is a true private key exchange.
In fact, a lot of secure communication is handled this way, after a fashion. The cost to encrypt/decrypt using public key pairs is high in computer cycles and time, so often a symmetric key is transmitted using a public key system (such as PGP). That key is much shorter than a communication that may be hundreds or thousands of pages of data, so you pay a lot for a little message (the symmetric key) and less for the bigger part of the communication.
A great book that covers these subjects in a very readable manner is Bruce Schneier's "Applied Cryptography". First published in 1994, it is the "bible" of many professional security engineers today.
This is an addendum about "Applied Cryptography" by Bruce Schneier - this was posted in his "Schneier on Security" blog yesterday - a link to an online copy of the 2nd edition of the book. Since he posted the link, I have to think it is ok with Bruce to repost in forums like this... :-)