Cryptography

Comparison of the three encryption methods: S/MIME, PGP and Message Portal.

Cryptography in Conbool

Conbool supports three established methods for email encryption and digital signatures: S/MIME, PGP and the Conbool Message Portal.
All three approaches offer high security but differ in functionality, trust model and user-friendliness.

Comparison of Methods

Feature	S/MIME	PGP	Message Portal
Trust Model	Hierarchical: Certificates are managed by a Certificate Authority (CA).	Decentralized: Web of Trust, where users mutually verify each other's keys.	No key management: Authentication is done via short-lived magic links.
Cost	Often paid (depending on CA certificates).	Available for free (e.g., via GnuPG).	Included in the Conbool package, no external certificates required.
User-friendliness	High integration in email clients, certificates are automatically embedded.	Requires technical knowledge, keys must be manually generated and distributed.	Very simple: Users only need the email link, no additional software.
Application Area	Integrated by default in clients like Outlook or Apple Mail.	Additional software or plugins required (e.g., Thunderbird with Enigmail).	Platform-independent, usable on any device with a browser.
Security Aspects	Dependent on the security of CAs; compromised CAs pose a risk.	High security through decentralization, but requires disciplined key maintenance.	Cryptographically strong one-time links, time-limited and session-bound.

Advantages and Disadvantages at a Glance

S/MIME\

Advantages:

Automated key exchange through certificates
Broad support in common email clients
Centralized and easy-to-manage certificates

Disadvantages:

Dependency on paid certificates
Trust is based on the security of Certificate Authorities
Less flexible for small organizations or private users

PGP\

Advantages:

Open source and free of charge
Decentralized trust model with maximum self-control
High flexibility, especially for private users and specialized scenarios

Disadvantages:

More complex setup and management
Lower integration in standard mail clients
Increased error susceptibility with improper key management

Message Portal\

Advantages:

No keys or certificates required
Easy access via browser, also for external recipients
Very low barrier to entry for secure communication

Disadvantages:

Dependent on the Conbool platform
No full integration in existing mail clients
Access only possible online

Further Information

S/MIME – Setup and certificate management
PGP – Key management and usage
Message Portal – Usage without keys or certificates

Cryptography

Comparison of the three encryption methods: S/MIME, PGP and Message Portal.

Cryptography in Conbool

Comparison of Methods

Feature	S/MIME	PGP	Message Portal
Trust Model	Hierarchical: Certificates are managed by a Certificate Authority (CA).	Decentralized: Web of Trust, where users mutually verify each other's keys.	No key management: Authentication is done via short-lived magic links.
Cost	Often paid (depending on CA certificates).	Available for free (e.g., via GnuPG).	Included in the Conbool package, no external certificates required.
User-friendliness	High integration in email clients, certificates are automatically embedded.	Requires technical knowledge, keys must be manually generated and distributed.	Very simple: Users only need the email link, no additional software.
Application Area	Integrated by default in clients like Outlook or Apple Mail.	Additional software or plugins required (e.g., Thunderbird with Enigmail).	Platform-independent, usable on any device with a browser.
Security Aspects	Dependent on the security of CAs; compromised CAs pose a risk.	High security through decentralization, but requires disciplined key maintenance.	Cryptographically strong one-time links, time-limited and session-bound.

Advantages and Disadvantages at a Glance

S/MIME\

Advantages:

Automated key exchange through certificates
Broad support in common email clients
Centralized and easy-to-manage certificates

Disadvantages:

Dependency on paid certificates
Trust is based on the security of Certificate Authorities
Less flexible for small organizations or private users

PGP\

Advantages:

Open source and free of charge
Decentralized trust model with maximum self-control
High flexibility, especially for private users and specialized scenarios

Disadvantages:

More complex setup and management
Lower integration in standard mail clients
Increased error susceptibility with improper key management

Message Portal\

Advantages:

No keys or certificates required
Easy access via browser, also for external recipients
Very low barrier to entry for secure communication

Disadvantages:

Dependent on the Conbool platform
No full integration in existing mail clients
Access only possible online

Further Information

S/MIME – Setup and certificate management
PGP – Key management and usage
Message Portal – Usage without keys or certificates