This is the second part of a post about email security. If you haven’t read part one ‘Why is it so difficult to secure your email?’ you should check it out. We also published a primer on the differences between ‘Privacy and Anonymity’ that is worth reading.
Achieving perfect security of your email is difficult, but there are a few things you can do to make it at least much more difficult for third parties to get access to your communications. With a little bit of effort it is fairly easy to protect the privacy of your emails; however, protecting your and your receiver’s identity is more difficult to achieve.
Before getting into the details of how to encrypt your email communications, let's have a look at how a typical email exchange works. I'll point out vulnerabilities along the way.
The Nuts and Bolts of Email
(If you already know the ins and outs of the technical steps involved in composing, delivering and reading email feel free to just skim this part and continue reading at ‘Confidentiality.’ )
Email privacy starts with securing the device you use to compose your email. That means access control, encrypting the storage on it, installing software that will safeguard it against malware, and preferably not using shared devices.
Once you click send, your email program will establish a connection with your email provider's email server. It is worth noting that more than 50% of all emails are not encrypted!
Sender’s email server
SMTP, the protocol used to send (and receive) email, does not require a secure connection between the user and the email server; however, because of security concerns most email providers now require one.
TLS/SSL and HTTPS encrypt the connection between you and your email provider, making it impossible for your Internet Service Provider (ISP) or anyone eavesdropping on your connection to decipher what is being sent back and forth. However, once your email has reached the server it is available for the server's administrator to read, log and index.
Your email then travels the Internet, or more precisely, the network and devices your email must transit to reach the receiver’s email server. Your email, the envelope, message header and content can be read, logged and indexed at any point of this journey by anyone with access. This is where the NSA gets most of its information.
This part of an email’s journey is generally not encrypted and completely out of the user’s control.
The receiver’s server discards your email’s envelope after it places the message into the recipient’s inbox; that’s why you never see it.
The server administrator has full access to all data transferred through the server, for example an admin could access your email account or forward your email without your knowledge to a separate mailbox. Any unencrypted content can be read.
The receiver either logs into a webmail account or downloads your email from the mail server using POP or IMAP. This process is identical to you establishing a connection with your email host and can either take place encrypted or without encryption. If the receiver does not use encryption to download email, your message can be intercepted and read by a third party if the body was not encrypted.
The recipient can choose to download your email and delete the copy on the server, or download a copy and leave a copy on the server. Any emails left on the server can be accessed by an administrator or an intruder. In the US any email older than 180 days is considered abandoned and as such can be accessed without a warrant!
Let's assume your recipient decrypts and reads your message. He is now free to do with your email whatever he chooses, for example forward the decrypted content or store it anywhere.
After reading this far, it should be obvious that sending a plain text (not encrypted) message isn’t any more secure than dropping a postcard in the mail. Anyone with access can read, log and index your message.
However, if you encrypt the content, reading your mail is no longer possible without the matching decryption key. Properly implemented encryption also ensures the message wasn’t tampered with during transit (integrity) and the person you think the email came from is the actual sender (authenticity).
The desire to protect one’s communications is as old as humanity itself. Encryption refers to the process of encoding a message using an encryption key in such a way that only the intended parties can read it. Decryption refers to the decoding of a message and requires a decryption key.
Public key encryption requires two keys, one private and one public. The idea is to distribute Alice's (your) public key for Bob (others) to encrypt messages sent to Alice. Alice will then use her private key to decrypt them.
As a side note, digital signatures are strings of characters that uniquely identify the signer of an electronic message. The recipient of a properly signed message can verify that the message was in fact sent from the purported sender and that the message wasn’t tampered with during transit.
How do you Encrypt your email?
The most popular email encryption standards are S/MIME and OpenPGP.
Both are similar services that differ in their trust model. S/MIME requires the user to obtain a certificate from a so-called Certificate Authority (CA), requiring all users to trust this authority. For example, Alice would trust Bob if Bob's "chain of trust" can be traced back to the central authority.
OpenPGP uses the "web of trust" model: any user can act as the authority that verifies another, thereby eliminating the need for a third party. For example, if Alice and Bob both vouch that a key belongs to Carol, then that is good enough for me.
Secure/Multipurpose Internet Mail Extensions (S/MIME) is a standard for public key encryption and signing of MIME data as specified by the Internet Engineering Task Force (IETF) in RFCs 3369, 3370, 3850 and 3851. It was originally developed by RSA Security, Inc.
Most email software already supports S/MIME encryption. The actual protocol is derived from the PKCS#7 data format used to sign and encrypt data under PKI. You first get a certificate from a Certificate Authority, then download your certificate, a file with a .p7s extension, and add it to your email program. This gives you the ability to sign and encrypt messages. The receiver of your email can verify that the email came from you and now has your public key. He can now use your public key to send an encrypted message to you that you can decrypt with your private key.
The more popular way to encrypt email is using PGP (aka Pretty Good Privacy, or more precisely, OpenPGP). PGP is a commercial program sold for email encryption. GNU makes a free version known as GPG, or GNU Privacy Guard.
GPG, just as S/MIME, uses public key cryptography to secure your message, but instead of having to obtain a certificate from a public Certificate Authority, you create your own certificate. You can then upload your public key to a key server or share it with the people you communicate with directly. Because there is no central authority guaranteeing the validity of your certificate there is no guarantee of authenticity. Users are welcome to have other users sign their certificates to increase their trust value. Practically speaking though, even a certificate authority doesn’t verify a user’s real identity, just that he or she owns the email address they requested a certificate for.
GPG doesn't directly integrate with mail clients. Instead, users use a third-party application (available for most platforms at the link provided) to generate the key pairs, which they then import into their email clients and distribute as described for S/MIME.
The content of a properly encrypted email cannot be read, edited or amended by intruders, making it impossible to alter the original message without being detected; hence, proper encryption guarantees message integrity.
Assuming you trust the keys you exchanged with others, a properly signed email guarantees that it originated from the email address used in the certificate.
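The web-of-trust side of the story, again as an added example rather than anything from the original post or from the GnuPG project: a short sh script that gives Alice and Bob separate GnuPG keyrings (via --homedir), exchanges their public keys the way the OpenPGP paragraphs above describe, and then shows three things in order. First, gpg in unattended mode refuses to encrypt to a key that nobody has vouched for. Second, Bob certifying Alice's key with his own (after checking her fingerprint out of band) is what makes the key usable, which is the "any user can be the authority" model in practice. Third, the integrity and authenticity guarantees from the last two paragraphs: a clear-signed message verifies as long as it is intact and fails verification once a single word is changed. Alice, Bob and their example.com addresses are constructed for the demo; it assumes gpg 2.1 or newer.

```shell
#!/bin/sh
# Added OpenPGP walk-through with GnuPG (gpg 2.1 or newer). Alice, Bob and their
# addresses are constructed for this example; each gets a private keyring
# (--homedir) so both "users" can live inside one script.
set -eu

WORK=$(mktemp -d)
ALICE="$WORK/alice"; BOB="$WORK/bob"
mkdir -m 700 "$ALICE" "$BOB"                 # gpg insists on private homedirs
cleanup() {
    gpgconf --homedir "$ALICE" --kill gpg-agent 2>/dev/null || true
    gpgconf --homedir "$BOB"   --kill gpg-agent 2>/dev/null || true
    rm -rf "$WORK"
}
trap cleanup EXIT

# Unattended gpg: no prompts, and the demo keys carry an empty passphrase.
g() { _h=$1; shift; gpg --homedir "$_h" --batch --yes --pinentry-mode loopback --passphrase '' "$@"; }

run_demo() {
    # 1. Each user creates their own key pair; no Certificate Authority is involved.
    g "$ALICE" --quick-generate-key "Alice <alice@example.com>" default default never 2>/dev/null
    g "$BOB"   --quick-generate-key "Bob <bob@example.com>"     default default never 2>/dev/null

    # 2. Public keys are exchanged (in real life via a key server or in person).
    g "$ALICE" --armor --export alice@example.com > "$WORK/alice.asc"
    g "$BOB"   --armor --export bob@example.com   > "$WORK/bob.asc"
    g "$BOB"   --import "$WORK/alice.asc" 2>/dev/null
    g "$ALICE" --import "$WORK/bob.asc"   2>/dev/null
    printf 'Meet me at noon.\n' > "$WORK/msg.txt"    # constructed sample message

    # 3. Bob holds Alice's key, but nobody he trusts has vouched for it, so in batch
    #    mode gpg refuses to encrypt to it ("Unusable public key").
    if g "$BOB" --encrypt --recipient alice@example.com --output "$WORK/msg.gpg" "$WORK/msg.txt" 2>/dev/null
    then ENCRYPT_UNTRUSTED=ok; else ENCRYPT_UNTRUSTED=refused; fi

    # 4. Bob compares the fingerprint with Alice out of band and certifies the key
    #    with his own. That certification is his entry in the web of trust.
    ALICE_FPR=$(g "$BOB" --with-colons --list-keys alice@example.com | awk -F: '/^fpr/ {print $10; exit}')
    g "$BOB" --quick-sign-key "$ALICE_FPR" 2>/dev/null
    if g "$BOB" --encrypt --recipient alice@example.com --output "$WORK/msg.gpg" "$WORK/msg.txt" 2>/dev/null
    then ENCRYPT_TRUSTED=ok; else ENCRYPT_TRUSTED=refused; fi

    # 5. Only Alice's private key opens the message; Bob's keyring cannot.
    if g "$ALICE" --decrypt --output "$WORK/plain.txt" "$WORK/msg.gpg" 2>/dev/null; then DECRYPT_ALICE=ok; else DECRYPT_ALICE=fail; fi
    if g "$BOB"   --decrypt --output /dev/null        "$WORK/msg.gpg" 2>/dev/null; then DECRYPT_BOB=ok;   else DECRYPT_BOB=fail;   fi

    # 6. Clear-signed message: the intact copy verifies, a one-word edit does not.
    g "$BOB" --clearsign --local-user bob@example.com --output "$WORK/msg.asc" "$WORK/msg.txt" 2>/dev/null
    if g "$ALICE" --verify "$WORK/msg.asc" 2>/dev/null; then VERIFY_INTACT=ok; else VERIFY_INTACT=bad; fi
    sed 's/noon/midnight/' "$WORK/msg.asc" > "$WORK/tampered.asc"
    if g "$ALICE" --verify "$WORK/tampered.asc" 2>/dev/null; then VERIFY_TAMPERED=ok; else VERIFY_TAMPERED=bad; fi
}

run_demo
echo "encrypt before certification: $ENCRYPT_UNTRUSTED, after: $ENCRYPT_TRUSTED"
echo "decrypt as Alice: $DECRYPT_ALICE, as Bob: $DECRYPT_BOB"
echo "verify intact: $VERIFY_INTACT, verify tampered: $VERIFY_TAMPERED"
```

The refusal in step 3 is gpg's default trust model doing its job, not a bug; scripts that paper over it with --trust-model always throw away exactly the check that tells a sender they may be encrypting to an impostor's key. Note also that the tampered message in step 6 still verifies as coming from Bob's key, just with a bad signature, which is why integrity and authenticity are two separate guarantees.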
Indexing, Logging, Storing of email
Electronic messages can be indexed, logged, and stored at many points during their transit from sender to receiver. This isn’t specific to email. All plain text can be read.
Even if sender and receiver know how to properly encrypt email, your message can still be logged, indexed and stored; however, the content of your message remains private between you and the receiver.
Even if you properly encrypt the content of your message as described above, the envelope information is still public. In most cases that means the sender address ‘From’ and the receiver ‘To’ address are known and can be logged while flowing through third party switches and servers.
In certain circumstances hiding the content of a message isn't enough, and a sender and/or receiver might need to hide their identity; imagine a whistleblower contacting a journalist, or a general and his mistress.
The simple fact that two people are communicating with each other might be reason enough to get them into trouble. In this case the concept of confidentiality needs to be extended to include keeping the identity of the sender and/or receiver private. Currently the only way to achieve this is by setting up an anonymous email account.
Please note that providing false information during the sign-up process for an email account often violates the provider’s terms and conditions and generally isn’t sufficient to hide your identity. To achieve a higher level of anonymity you must also hide your IP address during the signup process as well as every time you access your anonymous email account. You can easily do this by using a VPN (Virtual Private Network) or Tor, a free anonymizing service run by a network of volunteers around the world.
Perfect anonymity is difficult to maintain because a simple oversight or mistake along the way will blow your anonymity right out of the water. For example, if you use email software to access your anonymous email account and your device is compromised, then your anonymous email account might no longer be anonymous.
It makes sense to only use webmail to access your secret accounts. Unfortunately, this also makes it harder to encrypt your message, unless you use a third party application such as Mailvelope to encrypt messages inside your browser.
What Actions Should I Take Now?
The reason why the current email system is hopelessly insecure is not that it isn’t possible to achieve a reasonable level of security, it is that most users don’t know, don’t want to spend the time, or simply don’t care about email security.
If you are uncomfortable with the thought of all your communications being as secure as the proverbial postcard dropped in the mail, it is time to learn how to secure your email. I hope I have been able to explain the basic concepts behind email security and give you a solid foundation from which to start protecting your electronic communications.
If you are totally paranoid, or your life depends on it, your best option is to not use email at all and use a secure messaging app with perfect forward secrecy instead, but this is a topic for another post…
If you would like to have Ed Snowden explain email security to you and show you how to secure your email check out Ed Snowden’s instruction to Glenn Greenwald on how to use GPG on Vimeo.
Ladar Levison, the gentleman who got into trouble with the US government when he refused to comply with the government's demand to hand over the encryption keys to his anonymous email service Lavabit during the 'summer of Snowden', is working with the founders of Silent Circle (also voluntarily shut down because of security concerns) on the Dark Mail Alliance, a non-profit aiming to change email from an insecure system to a secure system by default. This TechCrunch article summarizes the details. Mr. Levison provides further details in this Kickstarter video. The group is working on using XMPP and elliptic curve encryption to enable end-to-end email encryption.
Image Credit: RaHuL Rodriguez