Understanding email encryption

Nicolas T. Courtois
- University College London
email Encryption

Conventional Encryption


Secret-Key Encryption

Bob

Alice

Example
Truecrypt hard drive encryption

Danger: shared key…

If only one computer is infected…
all security gone forever (past, future, all people)


Asymmetric Techniques


Vocabulary
Public-Key Cryptography == Asymmetric Cryptography:
there is no secret in encryption,
there is one in decryption

• A Private Key =a.k.a.= Secret Key
• A Public Key.


Public Key Cryptography

Public key: can be distributed to many parties.
Does not have to be public


Public Key Encryption - 3 Algorithms


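[Diagram: the key generation algorithm (past: setup phase) outputs pk (public key) and sk (private key). The encryption algorithm takes m and r and, with pk, outputs c; Eve sees c; the decryption algorithm takes c and, with sk, outputs m or invalid.]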


Setup / Establishing Trust


(PKI=Public Key Infrastructure)


What’s Wrong Here?

[Diagram: A holds SK_A and PK_A; B holds PK_A. Exchanged between A and B: E_PK(A)(m).]

Key management?


Even More Wrong

[Diagram: A holds SK_A and PK_A; B holds PK_Cert. Exchanged between A and B: PK_A; E_PK(A)(m).]

a dog?


Right Solution with PKI

[Diagram: A holds SK_A and PK_A; B holds PK_Cert. Exchanged between A and B: PK_A with cert_A; h(r_B), B, E_PK(A)(r_B, B).]

authentication of the key by the means of a Digital Signature

signatures suddenly needed ALSO FOR ENCRYPTION
PGP will ask us to sign keys… proof of trust


Digital Signatures


[Manual and Digital] Signatures


Two main functions:
1. Identify the signer
2. Approbation of the document.


Manual  Digital Signatures


Two main functions … in electronic world:
1. Identify the signer: easy to copy!
2. Approbation: easy to alter the document!

Consequence => A digital signature does depend on the document.
(need to protect document integrity, did not exist before!)

Digital Signatures

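[Diagram: the signing algorithm takes m and sk (private key) and outputs (m, signature); the verification algorithm takes (m, signature) and pk (public key) and outputs yes/no. The attacker's goal: forgery.]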


Requirements so far:
Three main functions:
1. Identify the signer
2. Approbation
3. Integrity of the message


Integrity: Hash-then-Sign
A hash function (or hash algorithm) is a reproducible method of turning data (usually a message or a file) into a number suitable to be handled by a computer. These functions provide a way of creating a small digital "fingerprint" from any kind of data. The function chops and mixes (i.e., substitutes or transposes) the data to create the fingerprint, often called a hash value. The hash value is commonly represented as a short string of random-looking letters and numbers (binary data written in hexadecimal notation).

[Diagram: m → H → H(m), e.g. 098f6bcd46 21d373cade 4e832627b4 → Digital Signature, e.g. RSA-PSS. Size labels on the diagram: "0- bits", ">=160 bits", ">=80 bits".]
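
The hash-then-sign flow on this slide, as an added Python example that is not part of the original slides: the message is reduced to a SHA-256 fingerprint and only the fingerprint goes through the private-key operation, so the signature depends on the document. It assumes textbook RSA without padding (the slide's RSA-PSS is not implemented) and a constructed, insecure key built from two publicly known Mersenne primes; `fingerprint`, `sign`, `verify` and `demo` are names chosen here.

```python
import hashlib

# Constructed toy key: two publicly known Mersenne primes, so N is trivially
# factorable. It only keeps the arithmetic runnable with the standard library;
# a real key uses secret random primes and a padding scheme such as RSA-PSS.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                   # pk = (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))     # sk = D

def fingerprint(message: bytes) -> int:
    """H(m): SHA-256 digest as an integer (256 bits, always smaller than N)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes) -> int:
    """Signing algorithm: H(m)^D mod N, computable only with the private key."""
    return pow(fingerprint(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Verification algorithm: anyone with (N, E) recomputes H(m): yes/no."""
    return pow(signature, E, N) == fingerprint(message)

def demo() -> dict:
    """Sign one document, then try what works against a manual signature."""
    contract = b"Pay Bob 100 GBP"
    signature = sign(contract)
    return {
        "genuine document": verify(contract, signature),
        "document altered after signing": verify(b"Pay Bob 900 GBP", signature),
        "signature copied to another document": verify(b"Pay Eve 100 GBP", signature),
        "signature altered": verify(contract, signature ^ 1),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:38s} {'yes' if ok else 'no'}")
```
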


Digital Signatures - Bonus


Another main function!
1. Identify the signer (certify origin, solved)
2. Approbation (hard to get!)
3. Integrity of the message (solved)
4. Automatic verification,
and another bonus:
Public Verifiability


Vocabulary frequently confused

Digital Signatures: crypto only

[Side box on the slide: • crypto - a D.S. • secure device • qualified certif.]

Advanced Electronic Signatures.

Electronic Signatures: just some electronic tag/evidence…


Electronic and Advanced Signatures (in The European Directive)

1. Electronic Signature.
Definition [EU]: data in electronic form which are attached to, or logically associated with, other electronic data and which serve as a method of authentication.

2. Advanced Electronic Signature. (2x link.)
An electronic signature that:
• is uniquely linked to a signatory and capable of identifying the signatory, and created by means the signatory can maintain under his sole control,
• and linked to the data being signed such that any change of the data is detectable.


Non Repudiation
1. Identify the signer

Non-repudiation (aka Imputability).
The signer is the ONLY and UNIQUE person who can create the (signed) document.


Protocols and Software Products:
Security of Email


SMTP Protocol
THE original email protocol.

Emails: no encryption (in cleartext) and no authentication.

In addition everybody can send email
=> epidemics of spam!!!!


Standards for Secure Email


Two main open standards:
• PGP
– [Phil Zimmermann, US activist, 1991],
– much later became open standard GnuPG [RFC2440]
– some PGP products are certified by US gov NIST
• S/MIME [RSA Labs]
– free implementation in OpenSSL

Both use the same general method, called hybrid encryption:


Hybrid Encryption
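[Diagram, Data Encapsulation Module: message blocks m_i are encrypted with a block cipher + mode under key K and a random IV into c_i; the receiver decrypts c_i back into m_i with K.
Key Encapsulation Module: K is encrypted with randomness r by the PK encryption algorithm + "good" padding under pk into the encapsulated key; the receiver recovers K with the PK decryption algorithm + padding verification under sk. Eve sees c_i and the encapsulated key.
Past, setup phase: the key generation algorithm outputs pk (public key) and sk (private key).]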
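
The hybrid scheme in the diagram above, as an added Python example that is not part of the original slides and is not the PGP or S/MIME message format: a random key K encrypts the body once (data encapsulation) and K is encrypted under each recipient's public key (key encapsulation). It goes beyond the single-recipient diagram by allowing several recipients. Assumptions: textbook RSA without the "good" padding, a SHA-256 counter keystream in place of a block cipher mode, constructed insecure keys from publicly known Mersenne primes, and the hypothetical names `toy_keypair`, `dem`, `encrypt_mail` and `decrypt_mail`.

```python
import hashlib
import secrets

E = 65537

def toy_keypair(p: int, q: int):
    """Key generation: returns pk = n and sk = (n, d) for the given primes."""
    n = p * q
    return n, (n, pow(E, -1, (p - 1) * (q - 1)))

# Constructed keys from publicly known Mersenne primes: runnable, not secret.
BOB_PK, BOB_SK = toy_keypair(2**521 - 1, 2**607 - 1)
ALICE_PK, ALICE_SK = toy_keypair(2**1279 - 1, 2**2203 - 1)

def dem(k: bytes, iv: bytes, data: bytes) -> bytes:
    """Data encapsulation: XOR with a SHA-256 counter keystream, standing in
    for 'block cipher + mode'. The same call encrypts and decrypts."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(k + iv + i.to_bytes(4, "big")).digest()
                      for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt_mail(body: bytes, recipients: dict) -> dict:
    """Fresh random K and IV per message; K is encapsulated once per recipient."""
    k, iv = secrets.token_bytes(32), secrets.token_bytes(16)
    keys = {name: pow(int.from_bytes(k, "big"), E, pk)
            for name, pk in recipients.items()}
    return {"iv": iv, "body": dem(k, iv, body), "keys": keys}

def decrypt_mail(mail: dict, name: str, sk: tuple):
    """Recover K with the private key, then the body. Returns None when no K
    was encapsulated for this name, or when the recovered value is not a
    256-bit K (a crude stand-in for the padding verification)."""
    if name not in mail["keys"]:
        return None
    n, d = sk
    k_int = pow(mail["keys"][name], d, n)
    if k_int >= 2**256:
        return None
    return dem(k_int.to_bytes(32, "big"), mail["iv"], mail["body"])

if __name__ == "__main__":
    to_bob = encrypt_mail(b"Meet at noon.", {"bob": BOB_PK})
    print(decrypt_mail(to_bob, "bob", BOB_SK))      # recipient reads the body
    print(decrypt_mail(to_bob, "alice", ALICE_SK))  # no K was wrapped for Alice
```
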

Background


Why Encrypt Email?


Phil Zimmermann writes:

Why don't you always send your paper mail on postcards? […]
You must be a subversive or a drug dealer if you hide your mail inside envelopes. […]
Are you trying to hide something?


PGP Revolution
Zimmermann in 1991 wrote the first email encryption program which was adopted worldwide. He says:

Intelligence agencies have access to good cryptographic technology.
So do the big arms and drug traffickers
[…]
But ordinary people and grassroots political organisations didn’t have…
[…]
Until now.

How to use PGP


Software 1+2
Frequently there are two separate programs:
1. Key management and command line tool
– PGP=paid,
– GnuPG = free
2. Encryption/Decryption/Signature/Verification
programs or front-ends


Example
1. Install GnuPG from gnupg.org

2. Install Enigmail -- for Mozilla Thunderbird


Software
1. Key management and command line:
• Example: GnuPG from gnupg.org. GnuPG (free GNU version of PGP = RFC4880)
– Almost invisible tool, works in the background…
– Download from gnupg.org
• Requires a compiler such as Visual Studio 8, use nmake or so..
• Version 1.4.9. Easy to install:
http://www.mirrorservice.org/sites/ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.9.exe
• Version 2.0. is provided by third party:
• http://gpg4win.de/download.html


Example – 1.
After installation:


Software 2.
2. Encryption/Decryption/Signature/Verification
• Frontends: http://gnupg.org/related_software/frontends.en.html
• Enigmail -- for Mozilla Thunderbird
• Enigform ---- Mozilla Firefox
• EudoraGPG --- for Eudora
• ez-pine-gpg ---- pine
• GPGOE ---- plugin for Outlook Express
• Mac GNU Privacy Guard , GPGMail etc.. ---- for Apple


3. Encrypt plain text?


Text<->text programs -- cut and paste (works with gmail and IM!)

GPG4Win – on Windows
allows you to encrypt files/email/text easily

Mac OS X:
• GPGDropThing –
• FireGPG which is a Firefox plugin. How to use it?


PGP with Gmail and Mac OS

• Step 1. Right click, select FireGPG->Encrypt
Then at the end there is a COPY TO CLIPBOARD AND CLOSE option
• then paste the encrypted message in Gmail.

creates also a button to encrypt attachments


Example - Enigmail
2. Install Enigmail -- for Mozilla Thunderbird

From here:
https://addons.mozilla.org/en-US/thunderbird/downloads/file/92940/enigmail-1.1.2-tb-win.xpi


Enigmail -- for Mozilla Thunderbird


MUST BE ADDED MANUALLY HERE,


Enigmail -- for Mozilla Thunderbird


Add it manually!
Start Thunderbird. In the menu bar of the main window you will see "Tools". Select this, and
then "Add-ons". This will bring up a new window listing all of your Thunderbird plug-ins.
In the lower left-hand corner of this new window you'll see a button marked "Install".
Click this button. Tell Thunderbird where you saved the Enigmail .XPI file.


Example
Enigmail -- for Mozilla Thunderbird


My Keys


Their Properties


Right Click on One Key


Key Properties


Steps
1. Install GnuPG software
2. Generate a pair of keys.
3. Choose a strong password for storage of…
4. Sign your own and other people’s keys. Why?
5. Make your key known (publish or distribute).

6. Install an encryption/decryption program or a plug-in for Eudora/Thunderbird/etc.
7. Now:
– Everybody can write a PRIVATE encrypted message to you,
only you can..
– You can sign any message,
everybody can check it comes from you,
nobody can…

Key Management
Sign your own and other people’s keys.
Why?

How?


Problems with PK crypto
and email encryption


Revolutionary or Dangerous?
The US Customs started a criminal investigation of Zimmermann, for allegedly violating the Arms Export Control Act…
Dropped after 3 years of investigation and a lot of public/press outrage…

Named one of the:
• Top 10 Innovators in E-business (InfoWorld)
• 50 most influential people on the Internet (Newsweek)
• Etc.


* Problems with the PKI Systems


• Cf. Ellison and Schneier: “Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure”
http://www.schneier.com/paper-pki.pdf
• Ben Laurie: Seven and a Half Non-risks of PKI.
http://www.apache-ssl.org/7.5things.txt


Main Risks / Pitfalls


1. Bugs? Backdoors? Source code? People/country trusted?
2. Is it really the key of Bob?
• Certificates: trusting third parties in foreign countries
3. Was his real key lost or stolen (e.g. virus)?
• Revocation Lists: lists of blacklisted keys stored on an Internet server
4. Was my key of good quality?
• size (1024 bit: expired 2010)
• strength (RSA-PSS 2048 bits)
• randomness (mouse keyboard…)
5. Was the message changed at signing time?
• Real-time substitution
6. Did parties perform all the checks?
7. Shall I save the message?

**Attack Tree for PGP © Bruce Schneier


PKI Comparison
• PGP
– web of trust, totally decentralized system
• users can choose how much they trust each key
• is trust transitive? not really
• in particular, can also implement normal hierarchical PKI.
• S/MIME [RSA Labs]
– uses the same standard PKI as SSL: X.509 certificates.

In both cases organisations can implement their own closed PKI.


Happy with Secure Email?


Problems:

BUT:
• almost never used,
– if signatures were the default behaviour, we would maybe have less spam?
• need to enrol in advance before email is sent…
– very few people have keys,


Email Storage
Questions:
• should received and decrypted email be stored encrypted?
• why when sending a message we sometimes need to add ourselves to the recipient list?


Happy with Secure Email?


Problems kind of solved:
• confidentiality
• authenticity

Unsolved problems:
• privacy of the recipient
• privacy of the sender
• hiding the existence of the message (=> Steganography).
