A brief comparison between S/MIME and PGP

S/MIME and PGP are two ways of securing email. S/MIME is an extension of MIME (Multipurpose Internet Mail Extensions, the mechanism that lets an email carry more than plain ASCII text, such as rich media as attachments), and PGP stands for Pretty Good Privacy.

S/MIME, originally developed by RSA, is now maintained by the IETF (Internet Engineering Task Force) and is currently at version 3. It offers confidentiality through encryption and/or authentication through digital signatures.

S/MIME with authentication but without encryption provides integrity and data-origin authentication for the email. The sender digitally signs the email with their private key, and the email is sent to the receiver in the clear (no confidentiality is required) with the signature attached as an appendix. The receiver uses the sender's public key (commonly attached to the email) to verify the authenticity of the email. This is not normally a manual process: Microsoft Outlook, for example, alerts the receiver if the signature is not valid or the email has lost integrity in transit. Just as with SSL/TLS, the X.509 certificates and their certificate chain need to be verified.

The S/MIME entity that is attached as an appendix to the clear-text email is produced by taking the MIME entity, processing it into a PKCS (Public Key Cryptography Standard) object, and then base64-encoding the result (the encoding is needed because email content must be ASCII). The result is appended to the email as a new part of a multipart content type.

S/MIME can also offer authentication together with confidentiality, so the message is encrypted as well as signed (authenticated). The S/MIME enveloped-data subtype handles encryption. The basic premise works as follows: the client generates a symmetric key and encrypts it with the recipient's public key (note that you must already have the recipient's public key to send them an encrypted message). The mail client then creates a PKCS object containing a RecipientInfo block (the algorithms used), the encrypted symmetric key, an EncryptedContentInfo block (the algorithms used) and the encrypted content. All of this is base64-encoded and added to the email. This time, however, no clear-text version of the email contents is included.
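The clear-signing, verification and enveloped-data flows described in the preceding S/MIME paragraphs, as an added example that is not part of the original article. It drives the openssl command-line tool (assumed to be installed); the CA name "Demo CA", the address alice@example.invalid and the message text are constructed placeholders.

```shell
# Added example, not the article's code: the S/MIME flows described above
# (clear-signing, verifying against an X.509 chain, enveloped data) driven
# with the openssl CLI. All keys, certs and the message are generated here
# (constructed data); "Demo CA" and alice@example.invalid are placeholders.

# Throw-away CA and one end-entity cert: the chain a mail client must validate.
setup_pki() {
  cd "$1" || return 1
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo CA" \
    -keyout ca.key -out ca.crt 2>/dev/null || return 1
  openssl req -newkey rsa:2048 -nodes -subj "/CN=alice@example.invalid" \
    -keyout alice.key -out alice.csr 2>/dev/null || return 1
  openssl x509 -req -in alice.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
    -days 1 -out alice.crt 2>/dev/null || return 1
  printf 'Hello, S/MIME.\n' > msg.txt
}

# Clear-signed mail: the body stays readable, the base64 PKCS#7 signature is a
# second multipart/signed part. Verification checks the signer cert against the
# CA and the body against the signature, so a one-word edit must be rejected.
sign_and_verify() {
  cd "$1" || return 1
  openssl smime -sign -text -in msg.txt -signer alice.crt -inkey alice.key \
    -out signed.eml || return 1
  grep -q 'multipart/signed' signed.eml && grep -q 'Hello' signed.eml || return 1
  openssl smime -verify -text -in signed.eml -CAfile ca.crt -out verified.txt \
    2>/dev/null || return 1
  tr -d '\r' < verified.txt | grep -qx 'Hello, S/MIME.' || return 1  # CRLF body
  sed 's/Hello/Goodbye/' signed.eml > tampered.eml || return 1
  ! openssl smime -verify -text -in tampered.eml -CAfile ca.crt -out /dev/null \
    2>/dev/null
}

# Enveloped data: a fresh AES key encrypts the body and is itself wrapped with
# the recipient's public key (alice.crt is needed up front); no clear text is sent.
encrypt_and_decrypt() {
  cd "$1" || return 1
  openssl smime -encrypt -aes256 -in msg.txt -out enveloped.eml alice.crt || return 1
  grep -q 'enveloped-data' enveloped.eml || return 1
  ! grep -q 'Hello' enveloped.eml || return 1         # body is not readable
  openssl smime -decrypt -in enveloped.eml -recip alice.crt -inkey alice.key \
    -out decrypted.txt || return 1
  tr -d '\r' < decrypted.txt | grep -qx 'Hello, S/MIME.'
}

WORK=$(mktemp -d)
setup_pki "$WORK" && sign_and_verify "$WORK" && encrypt_and_decrypt "$WORK" \
  && echo "S/MIME sign, verify, tamper and envelope checks passed in $WORK"
```

Inspect signed.eml and enveloped.eml in the working directory to see the multipart/signed layout and the base64 enveloped-data part the text describes.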

One of the key things about S/MIME is that it uses a public key infrastructure (PKI) for signing and verifying messages. This is the same model SSL/TLS uses, which may explain why S/MIME has become the most common way of sending email securely, whereas PGP is still used but has never taken off to the same extent.

PGP does not traditionally use the centrally managed certificate PKI model (although newer implementations now do); instead it uses a method known as a 'PGP key ring'. This is a database of the public keys of people the user may wish to contact, and the user usually adds public keys to his or her key ring over time. Private keys are obviously held only by their owners and are not stored on the key ring. The idea behind the PGP key ring is that users sign other people's public keys; this signing is an act of assurance that you are satisfied the public key genuinely belongs to the person it claims to belong to. This collective signing of keys is known as a web of trust, and although the design and idea have merit, it just has not caught on as widely as the PKI chained-certificate model.

S/MIME therefore appears to be better suited to all uses, especially large deployments, whereas PGP seems better suited to smaller environments, perhaps a small society. The lack of interoperability between PGP and S/MIME has also meant people are more likely to follow the masses and choose S/MIME for securing their email.
