Is S/MIME encryption anonymous?

No, it isn’t.

Any mail headers and the S/MIME encryption table are more or less readable:

All mail recipient’s addresses and the mail subject are not encrypted.
Also, all names of certificate issuers are in clear and can be decoded by ASN.1 tools, like OpenSSL.
This is also the case if you send your mail to one or more BCC recipients – they can be disclosed by the S/MIME encryption table, because there is only one mail transmitted to the SMTP server (at least, iOS Mail is doing so). So avoid BCC if you encrypt mails.

In summary, S/MIME encryption protects the content of mails, but not the identities.

Advertisements