Email: the forgotten security problem

Did you know that the use of email predates the invention of the internet?

Electronic messages were being sent over the wire a long time before computer networks existed. In fact, email paved the way for the internet as we know it today.

Why you can’t trust email

When you read a message in your inbox, should you trust that the information hasn’t been tampered with or that it even comes from who it claims?

Sadly, email wasn’t designed with security in mind. The paradigm it is based on is that of a peer-to-peer network – messages are passed from server to server in plaintext (no encryption) until they reach their destination.

So even though you connect to your email provider securely to download your mail (normally using SSL/TLS security), there is nothing to stop your private communications being intercepted in transit.

Unlike other internet messaging (instant messengers or social media messaging), there are no central servers which control and govern the delivery of email, which can result in problems such as email spoofing (sending an email which is deliberately made to appear as if it is coming to be from someone else).

Despite this, communications made by email can still be legally binding and can be used in a court of law (for example, Naldi v Grunberg).

So how can you securely send emails, making sure that:

  • the recipient is convinced that it comes from you;
  • no one except the intended recipient can read the message; and
  • there’s no chance that someone could have tampered with the content of the message before it reaches its destination?

In 1991, Phil Zimmerman published a program called PGP (Pretty Good Privacy) which ensures all three of these things.

(In fact, it did such a good job of providing an easy way to send secure messages over email that Zimmerman became the target of a criminal investigation by the US government. It was deemed at the time that making software which provided such strong security outside of the US counted as “exporting arms” and violated US munitions export regulations.)

Encrypt email to make it trustworthy

Luckily, PGP, and similar software using the OpenPGP standard (such as GPG), is now legally available in most countries and is an excellent solution for securing email. A high level of security is provided by encrypting messages and digitally signing messages.

Encryption provides confidentiality – the contents of a message are protected so that it can only be read by the intended recipient.

A digital signature provides authentication of messages so that the recipient can be sure that it does actually come from you.

Additionally, a digital signature provides integrity – assurance that the message hasn’t been tampered with.

And finally, non-repudiation, which is the assurance that the sender cannot deny having sent that message at a later date.

Message encryption and authentication achieves all four of these essential properties by using public-key cryptography.

public_private keysPublic-key cryptography describes the mathematical encryption protocols and algorithms that allow you to shop online and access internet banking services securely. Unfortunately, public-key cryptography also allows malware to hold your important files to ransom!

First invented by mathematicians Ellis, Cocks and Williamson in 1973 at GCHQ (and independently developed by Diffie and Hellman in 1976), public-key algorithms use a mathematical ‘trapdoor’ function to allow for asymmetric encryption of messages. That is to say, how you encrypt and decrypt a message is different.

This means anyone can encrypt a message – or analogously verify a digital signature as legitimate – with the ‘public’ part of the cryptographic key, but only the sole individual can decrypt a message – or digitally sign a message – using their secret ‘private’ part of the key.

How it works

Let’s consider our favourite cryptographic personas of choice: Alice and Bob.

Alice wants to securely email Bob without the chance that Eve could read or tamper with her message, and she wants Bob to be convinced that it does indeed come from her.

A simple demonstration (how the actual protocols work is slightly more involved, but the gist is the same) of how a PGP-like program would work is as follows:

  • First, Alice’s computer looks up Bob’s public key in a key-server, which acts like a massive address book, and encrypts the message using his public key.
  • Second, her own private key is used to add a digital signature to the message which is then sent to Bob.
  • Third, Bob’s computer then decrypts the message using his private key, and verifies the digital signature using Alice’s public key, similarly obtained from a key-server.

So the question is: how does Alice know that the public key for Bob – the one she has obtained from the key-server – is legitimate, and not a phony placed there by Eve instead?

The key part of this mechanism to ensure the legitimacy of public keys is called the web of trust.

Diagram of the web of trust in email

This is an alternative to the public key infrastructure (PKI) model used by websites to issue SSL security certificates for use with HTTPS.

The idea is as follows: assume Alice and Bob have a mutual friend Charlie who they both trust. Charlie can vouch for both Alice and Bob because he knows them personally, and can verify the identity of them and their associated public keys. Charlie signs each of their public keys with his own. As Charlie trusts Bob, and Alice trusts Charlie (perhaps Alice has signed Charlie’s public key), this allows Alice to trust the authenticity of Bob’s public key.

While this sounds pretty unfeasible and is not without problems, it is actually very effective in allowing secure communications (with PGP systems or otherwise) without the need for expensive security certificates like those used by websites.

In fact, people even meet up at organised events known as ‘key signing parties’ to check each other’s identities and sign keys to allow this web of trust to propagate.

So why is email security of this sort not much more widespread? I’d guess it’s a combination of feasibility and awareness primarily. It’s not always that straight forward to start using public key encryption for email, and keeping your private key secure can be tricky when you are accessing emails from multiple devices. Moreover, knowledge of the downfalls of email perhaps aren’t as well-known as we would like them to be!

For domestic purposes, only those determined to safeguard their right to online privacy would want to be bothered with using these systems as routine. For businesses, however, designing email security policy is a much more delicate task in balancing cost and risk. Perhaps ISPs and email providers should be doing more to make widespread adoption of email security easier.

And maybe a key signing party would be a tad overkill for firing off a quick message to your boss to let them know you’ll be late to work, but it does provide the security assurances that email so badly lacks.

So next time a website informs you that they have ‘securely’ sent you a password reminder, consider how secure this actually is!

police postman, private-public keys and the email symbol are courtesy of ShutterStock.