News

New Update - MailXaminer Introduces its New Subscription Plan

News

New Update - MailXaminer Introduces its New Subscription Plan

Home » Blog » Forensics » How to Decrypt Outlook Email? Remove S/MIME & OpenPGP Encryption

How to Decrypt Outlook Email? Remove S/MIME & OpenPGP Encryption

Decrypt-Outlook-Email-Data
author
Published By Mohit
Anuraag Singh
Approved By Anuraag Singh
Published On August 21st, 2024
Reading Time 7 Minutes Reading
Category Forensics

Are you looking for a way to decrypt Outlook email? Then, we can help you with an efficient solution for the same. Instantly remove S/MIME & OpenPGP encryption from Outlook email using the trustworthy MailXaminer Email Examiner Software. Bypassing email encryption is a common requirement for forensic investigators during the email investigation of an Outlook email message.

Table of Contents

With the help of this write-up, you will get detailed knowledge about how to encrypt and decrypt Outlook emails in an efficient manner.

Decrypt Outlook Email

Why We Need Email Encryption?

Encryption is the most common data security mechanism used to maintain the confidentiality of digital data. Encryption transforms a message into a secure code limiting access to a select set of recipients.

After composing a message the sender uses an encryption key to convert the plain text into ciphertext. On the receiver end too a decryption key is required for opening and viewing the contents in human-readable form.

This keeps digital data confidential while transmitting over the internet. As a result, it helps to protect the data from intruders.

The two main types of encryption used to protect the data are symmetric-key encryption & asymmetric-key encryption.

  • Symmetric Key Encryption: In symmetric key encryption, the same key is used for the encryption and decryption of the data.
  • Asymmetric Key Encryption: It is also known as public-key encryption. In this, for both encryption and decryption processes, different keys are required. The keys are known as the public key and private key.

Before discussing how to decrypt an Outlook email, it is necessary to understand the encryption process for the same. We all know that Microsoft Outlook is one of the most commonly used desktop-based email applications. At the same time, Outlook users are pretty concerned about the security of their data.

For that, encryption is the best way to secure all the PST mailbox items. Besides understanding the encryption and decryption of Outlook email messages. Additionally, we will also shed light on the analysis of emails after removing encryption from an Outlook email message.

Before starting the encryption process, users have to obtain a digital certificate / digital ID and install it in the Outlook application. There are several Microsoft-approved sources available in which COMODO provides a S/MIME email certificate and a digital ID, which automatically adds the certification.

Digital ID Installation Process to Decrypt Outlook Email Data

1: Click on the File tab of Outlook and select Trust Center from the options

2: Select the Email Security tab from the Trust Centre Settings

3: Under the Encrypted Email section, click on the Settings button and choose New for the security preference

4: Enter the Name for the security settings and select S/MIME for the cryptographic format list

5: Click the Choose button and select the valid certificate for the Digital Signature

6: At last, mark the checkbox corresponding to “Send these certificates with the signed messages”.

After the successful installation of the Digital ID, one can easily start with the email encryption process directly.

Now, in the upcoming section, we will describe how to encrypt Outlook emails. Encryption covers attachments as well so you must keep this in mind while finding attachments in Outlook email chain investigation.

Encryption of Individual Outlook Emails

1: Navigate to the Options tab from the Outlook application and select Dialog Box Launcher from the More option

2: Now, click the Security Setting button from the Properties window

3: Enable the Encrypt Message Contents and Attachment options from the Security properties

4: After this, you can write and send an email, this auto-encrypts the entire message. Only the recipient can view the encrypted form.

Encryption of All Outlook Emails

With the following steps, one can encrypt all their Outlook emails. Before implementing this procedure, a user must ensure that all their recipients have the same Digital ID to decrypt the Outlook emails.

1: Click on the File tab and go to Trust Center from Options

2: Select the Email Security tab from the Trust Center Settings

3: Go to the Encrypted Email section and mark the checkbox that corresponds to the Encrypt Contents and Attachments for Outgoing Messages option

4: Now, click OK. To change the Encryption options, click on the Settings button.

With the aforementioned procedure, one can efficiently encrypt Outlook emails. Encryption does not prevent you from searching keywords in Outlook. Now, from the below section, we will understand the tactics used to decrypt the Outlook message, which requires the same digital certificate.

Procedure to Decrypt Outlook Email with S/MIME/OpenPGP Encryption

Most of the time, for security reasons, users tend to encrypt confidential email messages. As a result, investigators need to perform the decryption process, which requires a decryption key. Without the keys, it is not possible to remove encryption from the encrypted Outlook emails.

Following are the steps to remove encryption from the Outlook email using the remarkable computer forensic software.

1: Launch the software, and click the Add New Evidence option to upload the email data file.

add-new-evidence

2: Then, under the Email Client tab select Microsoft Outlook for email decryption and Press Next.

microsoft-outlook-evidence

3: Enable the Detect Digital Signature and Encryption option and Remove Encryption option from the Decryption Settings section as shown in the image below.

  • Detect Digital Signature and Encryption: This will help to detect the digital signs and encrypted emails from the mailbox.
  • Remove Encryption: This option allows to decrypt Outlook email message.

desryption-settings

4: Users can decrypt via the Add Keys option or the Upload CSV option.

add decryption keys

5: Select the Add Keys option and choose the appropriate encryption which corresponds to the file i.e., S/MIME or OpenPGP.

After that, provide the Key File and Password of the respective file to remove encryption from Outlook messages. Users can also add multiple keys here using the Add Additional Keys option.

encryption-technology

6: In order to upload a CSV file to decrypt Outlook email evidence  with multiple keys. You need to choose Upload CSV radio button from the Decryption Settings section and browse the corresponding CSV file.

upload-csv file to decrypt Outlook mail

Once the process is complete switch to the Search screen to view the unencrypted data. After which, the investigation officers can thoroughly examine the decrypted email message.

Final Words

It is quite challenging for forensic investigators to examine encrypted Outlook emails. Hence, there comes a need to decrypt Outlook email. One can seamlessly rely on the steps mentioned in this article to remove encryption from the Outlook message. Moreover, to decrypt SMIME/ OpenPGP encrypted emails, it is a wise option to avail the result-oriented Email Forensics Software.

Frequently Asked Questions

Why am I not seeing the encryption/decryption setting in my Outlook app?
The ability to encrypt emails unlocks only after you subscribe to a Microsoft 365 plan. Another reason could be that admins have disabled the feature from their end.
If you have a premium version of the business plan then ask the person with global administrator permissions to open an Exchange Online PowerShell and type

Set-IRMConfiguration -SimplifiedClientAccessEnabled $true

How to disable encryption in classic Outlook at the user level?
First of all, understand that disabling encryption is different from decryption. The former means to end encryption ability in all further user-generated messages while the latter means to undo any encryption on the message itself.
The following steps allow users to do away with the encryption options on Outlook.

However, do so with extreme caution as this involves changes in the Windows Registry, any unintended changes can make the apps dysfunctional.
These steps disable your ability to apply encryption. Moreover, any emails received from outside are not bound to this change.

  • Open Registry Editor, go to: 
    HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DRM
  • Click Edit > New > select DWORD (32-bit) Value.
  • Type DisableEO, and hit the Enter key.
  • Right-click DisableEO, and select Modify.
  • Inside the Value data box, put 1, and click OK.
  • Click Edit > New > select String Value.
  • Type DefaultPermissionTemplateGuid, and hit the Enter key.
  • Right-click DefaultPermissionTemplateGuid, and hit Modify.
  • Inside the Value data box, put irmdnf, and click OK.
  • Close Registry Editor.

 

author

By Mohit

Mohit, a renowned digital and cyber forensics expert, specializes in extracting, analyzing, and preserving digital evidence. He helps organizations protect their sensitive data from cyber threats by uncovering hidden clues and providing actionable insights. Mohit's commitment to staying updated with the latest industry trends ensures he delivers valuable articles on safeguarding organizations from emerging cyber risks.