Thread: Email Encryption.. Do you use it?
View Single Post
Old 06-17-2006, 04:33 AM   #9
ath
Addict
ath doesn't litterath doesn't litter
 
Posts: 222
Karma: 110
Join Date: Jun 2006
Location: Malmo, Sweden
Device: iLiad, Sony PRS-505, Kindle Paperwhite & Oasis
Quote:
Originally Posted by Bob Russell
Let us know if you have any good tips or sources of information.
I wonder -- is anyone using encryption on email?
I do -- for those mails that just must not be read by anyone else. (I use PGP)

But encryption is hairy -- it's not just installing an application and generating a private key (assuming public-key encryption).

You need to backup your keys -- and as private keys must not be accessible to anyone else, particularly not system administrators or backup operators, it usually means you have to do it yourself. (I keep my key rings on a special USB stick, and I keep that stick in a safe. I backup the stick to CD's, which I keep in another safe. I probably should worry about CD aging causing the discs to be unreadable in a year or two... and, when the CD's get too many, how I quickly see if a CD is missing from the safe.)

You need to keep old, and outdated keys around -- or else you have to decide how are you going to read mails encrypted with those old keys?
(Saving those mails in decrypted form on the computer is a risk ... on computer, they should remain encrypted. Otherwise, store them off computer.)

If you store key rings on your computer, you need to be very careful about recording passphrases -- or you can't revoke keys that have been compromised, and so risk to get mails encrypted by broken keys. That also includes some kind of method for deciding when there is risk for a compromise ... and that may indirectly require ensuring that the computer and network is secured to a higher extent than it is now. (Keeping key rings off the computer minimizes this problem -- it's only when the USB device gets exposed that revocation is needed -- so I use a USB device with fingerprint reader -- even though I'm beginning to wonder what degree of protection this device really gives. Same thing with decrypted mail.)

Trust models also need to be considered: do I really trust a public key signed by a friend-of-a-friend-of-a-friend? When do I call the owner, and verify the key? (Me, always. I only trust keys signed by myself, and I don't sign a key unless I really need to. In a company, there should be a policy for this.)

In a company, the company typically needs to read business mail I've sent or received. And that means more thought going into key handling... and possibly even depositing private keys (i.e. private to the me as an employee of the company, not me as a private person). And ensuring there is a solution for how the company is going to get into my fingerprint-protected USB stick in case I get run over by a steam-roller.

And then, there will be bugs in the software. How do you get told about them? Do you have to look for them yourself?

And even so, if some long-haired number-theoretician manages to find a faster way to factorize big numbers (I guess someone in India will do this in about ten years), your encryption security may be gone, and you need to reestablish a new encryption scheme that does not involve factorization/multiplication. Be prepared when it happens -- and keep those backupped keyrings ...

It should be pretty clear now that mail encryption by this hands-on method is expensive. Don't do it unless you must. If you do, don't make any mistakes. If you do use it, also consider who the enemy is. Sometimes it's enough to know that encrypted mails sometimes are sent between two parts, while clear-text is used in general. If that's the situation, encrypt everything -- or the enemy will know what mails are the most sensitive ones. But that is even more expensive ...

Encryption hairiness can be managed, as long as it is known what it involves, and where the break-even points are. But too rarely the risks are well-documented enough.

For encryption in general, try Ferguson & Schneier: Practical cryptography. It doesn't go into too many technicalities. But typically you will need a good manual for the encryption system you have decided to to use. (I don't know of anything good for PGP myself -- I've mainly used it and wondered about various problem scenarios, and adapted to problems I've found.)
ath is offline   Reply With Quote