Compare · 6 min read · 2026-01-25
PGP vs S/MIME — which email encryption protocol should you use?
PGP and S/MIME both encrypt and sign email, but they trust very different things. Here is when each one is the right answer.
Both PGP and S/MIME predate the modern web. Both can encrypt and sign email. Both are still in active use. The difference is who you trust to vouch for keys — and that single distinction reshapes the rest of the choice.
Trust model
PGP uses a "web of trust" — any user can sign any other user's public key, vouching that the key really belongs to them. There is no central authority. Trust is established through direct exchange (in person, fingerprint verification) or transitively through people you already trust.
S/MIME uses a centralised PKI — a Certificate Authority issues your email certificate after verifying your identity (often just by sending an email to that address and asking you to click a link). Other people trust your S/MIME signature because their email client trusts the CA, not because they trust you directly.
Practical differences
- PGP keys are free and self-issued. S/MIME certificates cost $0–$80/year and require a CA application.
- PGP works with any email client (or web app like this one). S/MIME requires native support, which Apple Mail and Outlook have, but most webmail does not.
- PGP keys typically last years and are rotated by the user. S/MIME certs expire annually.
- PGP encrypts only the message body. S/MIME wraps the entire email including some headers, but the subject line is in plaintext for both.
Security
Both use modern algorithms (RSA / ECC + AES) and both are cryptographically sound. The interesting differences are operational.
S/MIME's reliance on CAs is a single point of failure. A compromised or coerced CA can issue valid-looking certs for any email address. PGP's web of trust has no such central target — the cost of a successful attack is forging trust signatures from many independent users, which is much harder.
PGP is more vulnerable to user error in key management. Without a CA stamping things, recipients have to verify fingerprints themselves. Skipped fingerprint checks are how most real-world PGP attacks succeed.
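The fingerprint check the paragraph above asks recipients to do can be done with nothing but the key bytes, which is the point of the web-of-trust model. The following is an added example, not code from the article: it builds the RFC 4880 version 4 fingerprint (SHA-1 over 0x99, a two-byte length and the public-key packet body) for a constructed, deliberately tiny RSA key, and shows a verification helper that rejects short key IDs and compares in constant time. The sample key values and helper names are assumptions made here.

```python
import hashlib
import hmac
import struct

# Constructed sample key material for demonstration only (tiny modulus, NOT a usable RSA key).
SAMPLE_N = 0xC0FFEE1234567890ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789
SAMPLE_E = 65537
SAMPLE_CREATED = 1700000000  # key creation time, seconds since the Unix epoch


def _mpi(value: int) -> bytes:
    """OpenPGP multiprecision integer (RFC 4880 section 3.2): 2-byte bit length, then big-endian magnitude."""
    bit_len = value.bit_length()
    return struct.pack(">H", bit_len) + value.to_bytes((bit_len + 7) // 8, "big")


def v4_rsa_public_key_body(n: int, e: int, created: int) -> bytes:
    """Body of a version 4 RSA public-key packet (RFC 4880 section 5.5.2):
    version | 4-byte creation time | algorithm id 1 (RSA) | MPI n | MPI e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + _mpi(n) + _mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 section 12.2: SHA-1 over 0x99 || 2-byte body length || body, as 40 uppercase hex digits.
    The fingerprint depends on the key bytes alone, so anyone can recompute it without a CA."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()


def key_id(fingerprint: str) -> str:
    """The 64-bit key ID is the low 16 hex digits of the fingerprint; it is too short to verify against."""
    return fingerprint[-16:]


def normalize(fpr: str) -> str:
    """Canonicalise a fingerprint as people type or paste it: drop spaces and colons, uppercase."""
    return "".join(ch for ch in fpr if ch.isalnum()).upper()


def fingerprints_match(expected: str, presented: str) -> bool:
    """Verify a key's full fingerprint against the one obtained out of band (in person, phone, printed card).
    Rejects anything shorter than the full 160-bit value, such as a bare key ID, and compares in constant time."""
    a, b = normalize(expected), normalize(presented)
    if len(a) != 40 or len(b) != 40:
        return False
    return hmac.compare_digest(a.encode(), b.encode())


if __name__ == "__main__":
    body = v4_rsa_public_key_body(SAMPLE_N, SAMPLE_E, SAMPLE_CREATED)
    fpr = v4_fingerprint(body)
    print("fingerprint:", " ".join(fpr[i:i + 4] for i in range(0, 40, 4)))
    print("key id:     ", key_id(fpr))
```

The same construction is what `gpg --fingerprint` prints, so the value computed here can be compared with the one a correspondent reads out to you; any single-byte change to the key material produces a different fingerprint.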
Recommendation
- Use PGP if you correspond with technical users, journalists, security researchers, or open-source maintainers — the people who already publish keys.
- Use S/MIME inside a corporate environment where IT issues certs to all employees, or for regulated industries (healthcare, legal, finance) where compliance auditors expect CA-issued certificates.
- You can use both. Most email clients will pick whichever the recipient supports.