Secure email and files
There are plenty of legitimate reasons to use encryption for email. Some examples are overseas communications with relatives or business partners, or even local communication of a highly sensitive or confidential nature, such as network configuration files, Visio network diagrams, system passwords, etc. Perhaps you want to email your paystub PDF from your work email to your personal email; that would be the perfect candidate for encryption.
Way back when, I became a Thawte Web of Trust notary. Thawte issues S/MIME certificates, which let you sign your email so that recipients can verify the authenticity of the sender and that the contents have not been modified. In addition, anyone with your public key certificate can send encrypted contents to you. The Thawte Web of Trust lets you get this for free, but your name will not be on the cert, just "Thawte Freemail User."
I received an email a month or so back from someone who wanted to test their Thawte Freemail certificate. I did test this with him, but I recommended PGP/GPG instead. In our tests, we found that you could use a Thawte Freemail S/MIME certificate with Thunderbird or use Enigmail with PGP/OpenPGP/GPG keys (more on this later). The problem is that S/MIME certificates are added automatically without prompting, and all these certs verify is the email address, not who generated it. Further, S/MIME certificates don't allow you to mark different levels of trust or why you trust something. You either trust a cert or you do not.
Enterprise PKI for S/MIME gives you centralized trust management. S/MIME isn't very useful outside your own organization, other than to validate that a message came from that organization, but not who sent it. Anyone with control of the PKI server can generate new certificates and could use them to forge who is sending mail within the organization. Within your own organization you should be using VPNs for remote access anyway and should not need encryption for the email itself, just the transport. If enterprise PKI isn't a solution outside an organization and isn't useful within one, then I'd say S/MIME isn't very useful to the average Joe, or even the business Joe, who needs to encrypt email.
The alternative: Phil Zimmermann developed PGP. Since then, there have been many versions, developments and companies. One of the results was OpenPGP, RFC 4880. GnuPG, or GPG for short, is one implementation of OpenPGP, and it works with the MIT keyservers.
GPG in a nutshell works the same as S/MIME: you have a pair of keys, a private key that you use to sign, and a public key that others use to verify that the data is valid and hasn't been modified, as attested by your signature. Further, you use someone else's public key to encrypt data to them, and when they receive it, only their secret key can decrypt the data.
The big problem any encryption system has is trust. This is the key difference I see between S/MIME and PGP/GPG: how you establish trust between individuals. With PGP/GPG, I determine who and how I trust, not my software application or Certificate Authorities.
Here is an example of how the PGP/GPG trust model can work. User A sends his public key to User B via thumb drive, email, snail mail, fax, or whatever method. User B then verifies the key fingerprint with User A (via the phone, in person, or another out-of-band method). If it checks out, User B signs User A's public key with User B's secret key, saying User B trusts that this key is valid. If either party wants, they can then upload this version of User A's key, as signed by User B, to a public key server.
Now say down the road User C needs to send email to User A. If User C already has and trusts User B's public key, and User C trusts that User B uses good judgement and doesn't sign keys willy-nilly, then User C can trust User A's key without ever having to verify it with User A directly.
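The A, B, C chain above, reduced to a toy validity calculation (an added example, not code from the post or from GnuPG; the key IDs, the one-full-or-three-marginal thresholds and the function names are constructed for illustration):

```python
"""Toy web-of-trust validity calculation modelled on the GnuPG defaults
(one fully trusted signature or three marginally trusted ones make a key
valid).  Illustration only, not GnuPG's own code; all key IDs are made up."""
from typing import Dict, Set

# Owner trust: how far the local user trusts a key's *owner* to sign carefully.
ULTIMATE, FULL, MARGINAL = "ultimate", "full", "marginal"

def compute_validity(signatures: Dict[str, Set[str]], owner_trust: Dict[str, str],
                     completes_needed: int = 1, marginals_needed: int = 3,
                     max_depth: int = 5) -> Set[str]:
    """Return the key IDs the local user should treat as valid.

    signatures maps a key ID to the IDs of the keys that signed it;
    owner_trust maps a key ID to the level the local user assigned it.
    The local user's own key (ULTIMATE) is valid by definition; other keys
    become valid, one hop at a time, when enough *valid* trusted keys vouch.
    """
    valid = {k for k, t in owner_trust.items() if t == ULTIMATE}
    for _ in range(max_depth):
        newly_valid = set()
        for key, signers in signatures.items():
            if key in valid:
                continue
            vouchers = [s for s in signers if s in valid and s != key]
            fulls = sum(owner_trust.get(s) in (FULL, ULTIMATE) for s in vouchers)
            marginals = sum(owner_trust.get(s) == MARGINAL for s in vouchers)
            if fulls >= completes_needed or marginals >= marginals_needed:
                newly_valid.add(key)
        if not newly_valid:
            break
        valid |= newly_valid
    return valid

# Constructed scenario from the post: C is the local user, verified B's key in
# person and trusts B fully; B checked A's fingerprint by phone and signed A.
SIGNATURES = {
    "A": {"A", "B"},   # self-signature plus B's certification
    "B": {"B", "C"},
    "C": {"C"},
    "D": {"D", "A"},   # A signed D, but C never assigned A any owner trust
}
OWNER_TRUST = {"C": ULTIMATE, "B": FULL}

def example_validity() -> Set[str]:
    """A becomes valid through B; D stays invalid because a valid key is not
    automatically a trusted signer."""
    return compute_validity(SIGNATURES, OWNER_TRUST)
```

The distinction the model makes visible is validity versus trust: C can now encrypt to A, but keys that only A has signed stay unverified until C decides how much to trust A's judgement.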
A free and open source Windows version of GPG can be downloaded from GPG4Win.org, which will work for the OS as a whole, or if you use Thunderbird, Enigmail is the perfect plugin to take care of it all seamlessly.
My GPG key is listed on my contacts page, and also available via the MIT key server. My current key is 31CFA5D2 and is valid until December 17th, 2009 (I rotate my keys yearly) with a Key fingerprint = 2654 15E2 2CCC 7C47 6E42 3F14 4CF2 845F 31CF A5D2. You can call before you add this key and verbally verify the fingerprint.