Receiving an E-Mail

Receiving a message is about as complex as sending one. Unlike sending, receiving happens in chunks, i.e. the header, the body and each attachment are fetched individually. This makes mail handling faster and more responsive, and it prevents so-called pattern attacks (1). The following steps are required to fetch an e-mail:

  1. The user establishes an authenticated connection to their MTA and triggers a message download.
  2. The system uses the recipient's private key to decrypt the sender identity.
  3. It visits the sender's MTA to fetch the identity that was used to sign the message, i.e. the sender's public key.
  4. The system validates the identity certificate.
  5. It subsequently validates the digital signature on the message part.
  6. The system checks the time-stamp (2).
  7. It decrypts the message afterwards.

All of these steps are performed for each part of a message, i.e. for the message header, the message body and each individual attachment.
Steps required to fetch a message
1) A pattern attack can be used to match the sender and receiver of a particular mail based on the size of the encrypted message.
2) Time-stamping successfully prevents so-called replay attacks. A replay attack is one where an attacker sends an old, intercepted message again, causing confusion on the recipient's side.
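
The time-stamp check from step 6 and footnote 2, sketched as an added example (not code from the system described here). The page does not specify the check, so the acceptance window, the skew tolerance, the per-part identifier and the seen-cache are assumptions; the time-stamp is assumed to be covered by the signature validated in step 5.

```python
from dataclasses import dataclass, field

ACCEPT, STALE, FUTURE, REPLAY = "accept", "stale", "future", "replay"


@dataclass
class ReplayGuard:
    """Hypothetical receiver-side check, run after the signature verified."""
    max_age: float = 300.0   # assumed: oldest signed time-stamp still accepted (s)
    max_skew: float = 30.0   # assumed: tolerated sender clock drift ahead of us (s)
    seen: dict = field(default_factory=dict)  # part id -> signed time-stamp

    def check(self, part_id: str, signed_ts: float, now: float) -> str:
        # part_id is a hypothetical identifier that must itself be bound by
        # the signature (e.g. a digest of the signed part), or it can be swapped.
        # Forget ids whose time-stamp left the window: a resend of those is
        # rejected as stale anyway, so the cache stays bounded.
        self.seen = {p: t for p, t in self.seen.items()
                     if now - t <= self.max_age}
        if signed_ts - now > self.max_skew:
            return FUTURE    # would stay replayable for too long
        if now - signed_ts > self.max_age:
            return STALE     # old intercepted message sent again
        if part_id in self.seen:
            return REPLAY    # resent while still inside the window
        self.seen[part_id] = signed_ts
        return ACCEPT


def run_sample() -> list:
    """Constructed sample: (part id, signed time-stamp, arrival time)."""
    guard = ReplayGuard()
    events = [
        ("msg1/header", 1000.0, 1010.0),  # fresh, first sight
        ("msg1/body",   1000.0, 1011.0),  # other part of the same message
        ("msg1/header", 1000.0, 1100.0),  # copy resent inside the window
        ("msg1/header", 1000.0, 1400.0),  # copy resent after the window
        ("msg2/header", 2000.0, 1500.0),  # time-stamp far in the future
    ]
    return [guard.check(*e) for e in events]


if __name__ == "__main__":
    print(run_sample())
```

The window alone only rejects old copies; the seen-cache is what catches a copy resent while its time-stamp is still fresh.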