Cryptography
Comparison of the four encryption methods: S/MIME, PGP, Message Portal and PDF Encryption.
Cryptography in Conbool
Conbool supports four methods for secure email communication: S/MIME, PGP, the Conbool Message Portal and PDF Encryption.
All approaches offer high security but differ in functionality, trust model and user-friendliness.
Comparison of Methods
| Feature | S/MIME | PGP | Message Portal | PDF Encryption |
|---|---|---|---|---|
| Trust Model | Hierarchical: Certificates are managed by a Certificate Authority (CA). | Decentralized: Web of Trust, where users mutually verify each other's keys. | No key management: Authentication is done via short-lived magic links. | Password-based: Shared or self-chosen password. |
| Cost | Often paid (depending on CA certificates). | Available for free (e.g., via GnuPG). | Included in the Conbool package, no external certificates required. | Included in the Conbool package, no additional effort. |
| User-friendliness | High integration in email clients, certificates are automatically embedded. | Requires technical knowledge, keys must be manually generated and distributed. | Very simple: Users only need the email link, no additional software. | Very simple: Recipient only needs a PDF reader and the password. |
| Application Area | Integrated by default in clients like Outlook or Apple Mail. | Additional software or plugins required (e.g., Thunderbird with Enigmail). | Platform-independent, usable on any device with a browser. | Ideal for government agencies and recipients without certificates or portal access. |
| Security Aspects | Dependent on the security of CAs; compromised CAs pose a risk. | High security through decentralization, but requires disciplined key maintenance. | Cryptographically strong one-time links, time-limited and session-bound. | AES-256 encryption, security depends on password strength. |
Advantages and Disadvantages at a Glance
S/MIME\
Advantages:
- Automated key exchange through certificates
- Broad support in common email clients
- Centralized and easy-to-manage certificates
Disadvantages:
- Dependency on paid certificates
- Trust is based on the security of Certificate Authorities
- Less flexible for small organizations or private users
PGP\
Advantages:
- Open source and free of charge
- Decentralized trust model with maximum self-control
- High flexibility, especially for private users and specialized scenarios
Disadvantages:
- More complex setup and management
- Lower integration in standard mail clients
- Increased error susceptibility with improper key management
Message Portal\
Advantages:
- No keys or certificates required
- Easy access via browser, also for external recipients
- Very low barrier to entry for secure communication
Disadvantages:
- Dependent on the Conbool platform
- No full integration in existing mail clients
- Access only possible online
PDF Encryption\
Advantages:
- No certificate, no key, no portal access required
- Recipient only needs a PDF reader (Windows-native)
- Ideal for government agencies with link restrictions (BSI baseline protection)
- Pre-shared mode: Agree on password once, then automatic
- Attachments are embedded directly in the encrypted PDF
Disadvantages:
- Security depends on password strength
- Encrypted replies only possible via portal (Self-Service)
- Recipient must receive password separately (phone/letter)