This is how it works under the hood. Bear in mind, all the happens automatically with EncryptUs.
When a user sets up EncryptUs, two keys are generated based on the users email address. The 1st key is called a public key, and can be shared with other correspondents. The 2nd key is called a private key and the user must keep this secret.
Now, the email message is first encrypted with a session key. This key is used only once.
So we have 3 keys.
1. Public Key
2. Private Key
3. Session Key - encrypts the email message.
The email message and the session key must be sent to the recipient so they can decrypt the message. But first the session key must be encrypted with the receivers public key.
When the receiver receives the email message, they can decrypt the session key with their private key, and then use that decrypted session key to decrypt the email message. EncryptUs does this all automatically so it's just like normally sending and receiving an email.
Plus, EncryptUs is free to use.