A digital envelope allows you to encrypt data with the speed of secret-key encryption and the convenience and security of public-key encryption. With a digital envelope, there is no need to communicate via plain text the Secret Key required to decrypt the data.
You can create a digital envelope by:
Encrypting the plain text or compressed plain text with a Secret Key using a secret-key encryption algorithm such as Rijndael or Twofish.
Encrypting the Secret Key itself with the recipient's Public Key using a public-key encryption algorithm such as RSA.
You can decrypt a digital envelope by:
Decrypting the Secret Key using the recipients Private Key.
Decrypting the encrypted data using the Secret Key.
Decompressing the resulting plain text if it was compressed.
The popular PGP encryption algorithm is a form of digital envelope. It traditionally uses the Deflate compression algorithm to compress the plain text, then it uses Triple-DES, IDEA or CAST5 to encrypt the plain text and it uses ElGamal or RSA to encrypt the Secret Key.
The Xceed Encryption Library provides everything you need to create and decrypt digital envelopes.