How to Decrypt Outlook Email: Remove SMIME & OpenPGP Encryption from Email Message

MailXaminer | April 23rd, 2019 | Forensics

Are you looking for a way to decrypt outlook email? Then you can relax now you are in the right place. We will provide you an efficient method to remove S MIME & OpenPGP encryption from outlook email using Digital Forensics Tool. Analysis of the encrypted emails common issue faced by the forensic investigators during the email investigation of Outlook email message In this blog we will see how to encrypt outlook emails and how to decrypt an outlook PST email.

Why We Need Email Encryption

Encryption is the most common data security mechanism used to maintain the confidentiality of digital data. The encryption process converts the message or information into a different form, which is only accessed by the authorized persons. That is while encrypting the email messages the sender use an encryption key which will convert the plain text into cipher text. If the receiver wants to access the encrypted email message in its original format then they need the decryption key with them.

The main purpose of the encryption is to protect the confidentiality of the digital data while transmitting over the internet. This help to protect the data from the intruders. Because even though they access the data during its path between the sender and receiver without the decryption key they cant extract the original information from the encrypted email data. The two main types of encryption used to protect the data are Symmetric key encryption & Asymmetric key encryption.

  • Symmetric key encryption: In Symmetric key encryption same key is used for the encryption and decryption of the data.
  • Asymmetric key encryption: It is also known as Public key encryption. In which for both the encryption a decryption process user need to use different keys. The keys are known as the public key and private key.

Before discussing how to decrypt an Outlook email it is necessary to understand the encryption process of Outlook emails. We all know that Outlook is the most commonly using desktop based email and also people are more concerned about the security of their data. Encryption is the most common and secure way to protect email data. Even though they are worried about how to decrypt outlook message into its original format. This blog will help you to properly understand the encryption and decryption of the Outlook email messages. Also, provide the knowledge to efficiently perform the email analysis by remove encryption from Outlook message.

Before starting the encryption process user have to obtain a digital certificate/ digital ID and needs to install into the Microsoft Outlook. There are several Microsoft approved sources are available in which COMODO provides SMIME email certificate and the digital ID which automatically add the certification.

Step 1: Click on the File tab of the Outlook and select Trust Centre from the Options.
Step 2: Select the Email Security tab from the Trust Centre Settings.
Step 3: Under the Encrypted email section click on the Settings button and choose New for the security preference.
Step 4: Enter the Name for the security settings and select S/MIME for Cryptographic format list.
Step 5: Click the Choose button and select the valid certificate for the Digital Signature.
Step 6: At last check the box “Send these certificate with the signed messages.

After completing the Digital ID installation process successfully user can start the email encryption process directly. In this section, we will describe how to encrypt Outlook emails in stepwise.

Encryption of Individual Outlook Emails

Step 1: Go to the Options tab of the Outlook and select dialog box launcher from the more option.
Step 2: Now click on Security Setting button from the Properties window.
Step 3: Enable the Encrypt message contents and attachment options from Security properties.
Step 4: Now you can write an email which will be received by the recipient in the encrypted form.

Encryption of All Outlook Emails

Through these steps, the user can encrypt all their Outlook emails. But the user needs to ensure that all their recipients having same Digital ID for decrypt Outlook email.

Step 1: Click on File tab and go to Trust Centre from Options.
Step 2: Select the Email Security tab from the Trust Centre Settings.
Step 3:Go to Encrypted email section and check the Encrypt contents and attachments for outgoing messages option.
Step 4: Then click OK. For changing the Encryption options click on the Settings button.

Now you all understand the importance of data encryption during the transfer of email data over the internet channels and the process of Outlook email encryption. Now we can see hoe to remove encryption from Outlook email. For decrypt Outlook message the recipient needs the same digital certificate. Follow the bellow section to understand how to decrypt an Outlook email using email forensics tool.

Procedure to Decrypt SMIME/ OpenPGP Encrypted Emails

While performing forensic analysis of the outlook email, more importance is for decrypt email in outlook. Because for the confidentiality purpose most of the email which contains important information will be in encrypted form without the decryption key it is not possible for the investigators to remove encryption from the Outlook email. Follow the steps given bellow to remove encryption from Outlook message with the help of Computer forensics software.

Step 1: Install and launch the software and click the Add evidence option to add the email file into the software.

add evidence file

Step 2: Then select the Outlook (*pst) to add corresponding email file for the email decryption and brows the file from the system. After that, click on the Scan Setting to decrypt S MIME & OpenPGP Outlook emails.

outlook pst

Step 3: Enable Detect Digital Signature and Encryption option and Remove Encryption option from the Encryption Option tab.

  • Detect Digital Signature and Encryption: This will help to detect the digitally signed and encrypted emails from the mailbox and represent by corresponding tags.
  • Remove Encryption: This option allows to decrypt Outlook email message.

Step4: From the Add Key section user can decrypt Outlook emails either using Single key or Multiple keys.

add key

Step 5: Select the Single Key option and choose the SMIME or OpenPGP from encryption Technology. After that provide the Key File and password of the respective file to remove encryption from Outlook message.

encryption technology

Step 6: For decrypt Outlook email with multiple key select Multiple Key options from the Add key section and browse the corresponding CSV file.

multiple key

After the complete process for decrypt Outlook message finished user can view the decrypted email through view option from the Home. Which will help the user to analyze the email data in a deep manner.

Final words

In the above blog, we already discuss the process and importance of email encryption. Likewise, the process of decrypt Outlook email is an important process for the forensic investigator. Follow the given steps to remove encryption from outlook message with the most efficient forensic tool. Which will help to decrypt SMIME/ OpenPGP encrypted emails and also to analyze the encrypted emails in forensic views.