Saturday, January 17, 2015

Secure e-mail and encrypted files


In the last article I explained that you should encrypt your traffic. The article was focused on web browsing.

With emails it's another story.

Web traffic is like a phone conversation that can be tapped. Email is like regular mail. You don't even have a direct connection with the recipient.

Like regular mail, emails are "routed". You send them from your computer to your email provider, then your email provider sends them to the mail server responsible for the recipient's domain, and from there they may be sent again to a mailbox server (e.g. an IMAP server).

While it's always a good idea to send your e-mails using a secure SMTP connection, your email provider might not do so with the recipient email server.
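To see this on a message you have received, you can read its `Received` headers, which each server on the route prepends. The following is an added example, not part of the original post: it lists the hops oldest-first and flags those whose server did not record a TLS-protected transfer, using the `with` keywords registered in RFC 3848 (`ESMTPS`, `ESMTPSA`, ...). The message, host names and addresses are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample message: every host, address and id below is made up.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [203.0.113.20])
\tby imap.recipient.example with LMTP id abc123
\tfor <bob@recipient.example>; Sat, 17 Jan 2015 10:00:03 +0000
Received: from out.provider.example (out.provider.example [198.51.100.7])
\tby mx.recipient.example with ESMTP id def456
\tfor <bob@recipient.example>; Sat, 17 Jan 2015 10:00:02 +0000
Received: from laptop.home.example (unknown [192.0.2.55])
\tby out.provider.example with ESMTPSA id ghi789
\tfor <bob@recipient.example>; Sat, 17 Jan 2015 10:00:01 +0000
From: alice@provider.example
To: bob@recipient.example
Subject: hello

Hi Bob
"""

# RFC 3848 "with" keywords in which the S means the transfer used TLS.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
HOP_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(\S+)", re.I)


def hops(raw):
    """Return hops oldest-first as (from_host, by_host, protocol, tls_recorded)."""
    msg = message_from_string(raw)
    result = []
    # Each server prepends its header, so reverse to get the sending order.
    for value in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(" ".join(value.split()))  # unfold the header first
        if not m:
            result.append((None, None, None, False))  # unparseable: treat as unprotected
            continue
        proto = m.group(3).upper()
        result.append((m.group(1), m.group(2), proto, proto in TLS_PROTOCOLS))
    return result


def unprotected_hops(raw):
    """Hops where the receiving server did not record TLS. These headers are
    self-reported by each server, so treat the result as a hint, not proof."""
    return [(src, dst) for src, dst, _, tls in hops(raw) if not tls]


if __name__ == "__main__":
    for hop in hops(SAMPLE):
        print(hop)
```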

Furthermore, while web traffic is volatile, emails are stored on hard drives and are more likely to contain sensitive information. It's very easy for anyone with access to these servers (such as your boss, the email providers and the government) to look at your emails.

The solution to this problem can actually be used for almost anything and is not new technology at all.
This technology is asymmetric cryptography. (It's asymmetric because the encryption and decryption keys are not the same. The decryption key can be sent to anyone and is usually published on open websites. In fact, they are not really encryption or decryption keys; we'd better call them private and public keys.)

It can take two forms: PGP (with implementations such as GnuPG), the preferred solution, or digital signatures / certificates (known as S/MIME).

I will list the advantages of using asymmetric cryptography, and a few drawbacks.

Pros


  • Only the sender and the recipient can look at the data. For people in the middle, it's just gibberish.
  • You encrypt the data for one recipient only. Even if someone else has the decryption key, it would be useless, because the e-mail was encrypted with their public key, so only they can decrypt it with their private key and your public key.
  • The recipient can verify the identity of the sender and know for sure that only someone with the proper private key and the password to that key could have sent the email.
  • Likewise, it's possible to sign without encrypting when the data is not sensitive but you want to make sure it is known that you created it. This is useful for software, so that you don't download a counterfeit copy with security holes.
  • Can be used to encrypt anything, any sequence of bytes, including files or your whole home directory.

Cons

  • You already knew this one: if you use a weak password for the private key, or use that password on more than one application / website, then you achieve no security.
  • The recipient needs to use PGP or S/MIME so that the message gets encrypted and they can decrypt / verify it. So your recipient needs to be as tech-savvy as you are.
  • Even though there are some solutions for mobile devices and webmail, they are never as good as, say, the Enigmail extension for Thunderbird.
  • It's very easy to lose your private key, but it's risky to make copies. See the problem?
