A digital envelope is a secure electronic data container that is used to protect a message through encryption and data authentication. A digital envelope allows users to encrypt data with the speed of secret key encryption and the convenience and security of public key encryption.
Reasons for using digital envelopes include the following:
- You are sending confidential data or documents across (possibly) insecure communication lines.
- You are storing confidential data or documents, for example, company-internal reports.
- You have access to the public key of the intended recipient. How to obtain access to the public key depends on the public-key infrastructure of your organization.
- You have a digital document to protect.

A digital envelope addresses the weaknesses of public key encryption (computationally slow, decreases transmission speed, increases processing time) and of symmetric key encryption (faster, but less secure). It uses symmetric key encryption to encrypt the document, but public key encryption to encrypt and send the symmetric key:
- The message is encrypted using symmetric encryption. Typically, a newly generated random message key (secret key) is used for the encryption. Symmetric encryption means that the same key (a secret key) is used for both encryption and decryption. Anyone wanting to decrypt the message needs access to this key.
- To transfer the secret key between the parties, the secret key is encrypted using the public key of the recipient.
- The encrypted document and the encrypted message key are packed together in a single data packet to save or send to the intended recipient.
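
The three steps above, written out with Node.js's built-in crypto module as an added example that is not part of the original page. The page names no algorithms, so AES-256-GCM, RSA-OAEP with SHA-256, and the names `sealEnvelope`, `openEnvelope` and `rejects` are assumptions.

```javascript
const { randomBytes, createCipheriv, createDecipheriv, publicEncrypt,
        privateDecrypt, generateKeyPairSync, constants } = require('node:crypto');

// Assumed padding for wrapping the message key: RSA-OAEP with SHA-256.
const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Sender: encrypt the document under a newly generated message key, encrypt
// that key with the recipient's public key, and pack both into one packet.
function sealEnvelope(recipientPublicKey, document) {
  const messageKey = randomBytes(32);   // fresh AES-256 key for this message only
  const iv = randomBytes(12);           // 96-bit GCM nonce
  const cipher = createCipheriv('aes-256-gcm', messageKey, iv);
  const ciphertext = Buffer.concat([cipher.update(document), cipher.final()]);
  const wrappedKey = publicEncrypt({ key: recipientPublicKey, ...OAEP }, messageKey);
  return { wrappedKey, iv, tag: cipher.getAuthTag(), ciphertext };
}

// Recipient: recover the message key with the private key, then decrypt.
// Throws if the wrapped key, tag or ciphertext does not verify.
function openEnvelope(recipientPrivateKey, envelope) {
  const messageKey = privateDecrypt({ key: recipientPrivateKey, ...OAEP }, envelope.wrappedKey);
  const decipher = createDecipheriv('aes-256-gcm', messageKey, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
}

// True when opening the envelope fails.
function rejects(privateKey, envelope) {
  try { openEnvelope(privateKey, envelope); return false; } catch { return true; }
}

// Constructed demo: throwaway key pairs and a made-up document.
function demo() {
  const recipient = generateKeyPairSync('rsa', { modulusLength: 2048 });
  const outsider = generateKeyPairSync('rsa', { modulusLength: 2048 });
  const doc = Buffer.from('Company-internal report (constructed sample)');
  const envelope = sealEnvelope(recipient.publicKey, doc);
  const tampered = { ...envelope, ciphertext: Buffer.from(envelope.ciphertext) };
  tampered.ciphertext[0] ^= 1;          // flip one bit in transit
  return {
    roundTrip: openEnvelope(recipient.privateKey, envelope).equals(doc),
    tamperRejected: rejects(recipient.privateKey, tampered),
    wrongKeyRejected: rejects(outsider.privateKey, envelope),
    wrappedKeyBytes: envelope.wrappedKey.length,   // 256 for a 2048-bit RSA key
  };
}

console.log(demo());
```

The envelope encrypts for the recipient but does not identify the sender; that would require a separate signature over the packet.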