Saturday, April 15, 2006

How to encrypt your email

John Aravosis asks how to make sure that the government is not looking at his email.

The short answer here is to get a free email certificate from Thawte and install it in your existing email client. Outlook, Outlook Express, Thunderbitd, Lotus, Opera, pretty much every widely used email client supports S/MIME encryption out of the box. No need to buy any thing more.

The long answer is that even the short answer is much longer than it should be. A digital certificate is a tool for managing an encryption key, in this case the public key encryption key that other people can use to send you encrypted email. Your email client will use the private half of the encryption key to decrypt encrypted emails people send to you.

Managing a digital certificate takes quite a bit of time and effort. Much of this is unavoidable, powerful tools tend to require some care and attention. Regardless of the email encryption standard you use you will need to spend some time thinking about how you publish your certificate containing your public key and manage your private key.

It is not enough to have created a digital signature, people need to have a way of finding your certificate when they want to send you an encrypted email. This is in theory meant to happen through the magic of directories but no Internet wide directory has been established to date. This means that the best way of publishing your certificate is probably to use it to sign all your outgoing email messages which will cause a copy to be automatically added to every email message you send.

This is already sounding much too complex. And for most purposes it is possible to make encryption dramatically easier to use. It is quite possible to have an email encryption system so simple that the people using it don't need to know its there. I gave a paper on this topic at this years NIST PKI workshop paper powerpoint.

The problem here is that John is concerned specifically about interception by a government. The system I have proposed is merely designed to deal with 99% of likely threats. When you are potentially faced with a government adversary the complexity of the task becomes dramatically harder.

Fortunately for John S/MIME and PGP are both designed to meet this level of attack. Both use encryption algorithms like 3DES and AES and RSA2048 that are beleived to be well beyond the cryptanalytic capabilities of any government. Both allow Web of Trust style trust semantics. Both provide security for the justifiably paranoid.

The problem is that this is not the level of security most people need and most people are not prepared to invest the time and effort required to use these systems properly.

Next a review of applying for a Thawte cert.


Marcus Areliaus said...

If you're a terrorist, then its a good idea to mess with certs and PGP. But if you're less paranoid but cautious, i/e just a small business person or if want to send an occassional private email to a friend, I've found Messagelock to be very easy to use.

When its not encrypting email its zipping my attached files. It's different from the S-Mime solutions in that it simply packs your email into an encrypted zip file. Anyone who has a zip utility and knows your password can get to your message. No need to install special software or a reciprocal pgp installation.
You can find more info at the MessageLock home page at

Phill H-B said...

Hmm, I took a look at your four blogs, all plugging this same product. Isn't there something that you should be telling folk about your relationship to the product? It is not a secret that I work for a company that issues certs and happens to own Thawte.