Nowadays, data can be sent digitally, for example as an email. For various reasons, conventional email is not suitable for confidential information. On the one hand, neither the sender nor the recipient can be unequivocally identified. This means that the recipient of an email cannot be sure that the sender is, in fact, the person or institution specified as the sender. On the other hand, the information is transmitted openly, which means that a misdirected email can be read by the unintended recipient. In addition, the email provider via whose server the email is transmitted can take note of the information in the email.
The content of electronic messages can be protected by end-to-end encryption, so that the message cannot be read by any third party while being conveyed from the sender to the recipient. Here, the sender must cryptographically encrypt a message or a part of a message and the recipient must decrypt it. The encryption can be symmetric; in this case encryption and decryption are based on the same key. Alternatively, the encryption can be asymmetric; in this case the encryption can be based on the public key of a user's key pair and the decryption can be based on the private key of that key pair. Traditionally, the recipient has to manage his key or keys independently and has to protect them both against loss and against unauthorised reading of a message by a third party. In addition, the recipient has to make the key required to encrypt the message accessible to the sender. The installation of software modules, and possibly of additional devices such as card readers, is also required on the part of the recipient.
A trust centre can support the generation and management of keys. In particular, a trust centre can provide recipients with secure storage of keys, in order to prevent the loss of a key. For this purpose, however, the recipient must enter into a contractual relationship not only with an email provider or another message deliverer but additionally with the trust centre. A sender may have to retrieve keys for a plurality of recipients from a plurality of trust centres and make sure that he is in each case using the correct key of the recipient when encrypting a message. A trust centre can additionally issue certificates for electronic signatures to certify the identity of a communication partner.
In one variant, a message deliverer can act as a complete provider for secure message transmission. The applicant provides such a process, for example, with the E-Postbrief. Both the recipient and the sender then require only one contract with the message deliverer, and they are provided with all functions necessary for secure communication. A trust centre can at the same time create a key for a user, which is then managed by the message deliverer. A sender can obtain the required keys from the message deliverer and also deliver messages there. So that no technical or organisational measures at all are required on the part of the recipient, the encrypted messages can be decrypted by the message deliverer, on a server of the message deliverer, when the message is retrieved by the recipient, and then transmitted to the recipient via a secure connection. By imposing high requirements on the identification of the participants and by providing an address qualification service, the message transmitter can also determine or check the recipient's address for the sender and ensure correct delivery.