Secure Messaging, Part 1: The Challenges of Email Cryptography
Novell Cool Solutions: Trench
Posted: 21 Nov 2001
Version: GroupWise 6
E-mail security is a very hot topic for our readers these days. In the wake of the terrorist attacks of September 11, there has been heightened interest in how government agencies, corporations, and individuals can protect the confidential and classified information that they share via e-mail. We turned to our new partners at Tovaris to help us explain these complex issues.
Tovaris is our newest secure messaging partner. They are an e-mail privacy and security company located in Charlottesville, VA, and outside Washington, D.C. Their product suite, the Tovaris Secure E-mail Solution (TSES), provides e-mail security capabilities to financial services firms, healthcare providers, and government agencies.
In this first article of a series about e-mail security, we explore the challenges of encrypting and decrypting e-mail messages.
Cryptography is the art and science of protecting data and keeping information secret. Cryptographic methods involve two basic activities: hiding information from unauthorized parties and making information unintelligible to individuals other than the intended recipient(s). There are two types of key-based encryption: symmetric (shared key) and asymmetric (public key) encryption. Symmetric algorithms use the same key for encryption and decryption (analogous to a key that locks and unlocks a door), while asymmetric algorithms use a different key for encryption and decryption (analogous to a key that locks a door, but requires a different key to unlock the same door).
While symmetric cryptography can be very secure, it suffers from one very serious problem. Before a user can initiate a secret conversation between two parties, he must have the ability to deliver the key, often called a shared secret, to the recipient for decryption. This process works fine on a limited scale, but becomes unwieldy and much less secure in large-scale implementations. In response to that limitation, public key cryptography, also called asymmetric cryptography, was created.
Every user in a public key cryptography system owns a key pair consisting of a public key and private key. The private key is never shared by the user, and it is typically encrypted using information known only by that user. In most PKI implementations, the public key is shared with everyone. Public key cryptography deals very effectively with the key distribution problem suffered by shared key cryptography. Instead of having to share a key with a message recipient, the sender encrypts the message with the recipient's public key. Once this message has been encrypted, no key except the recipient's private key can decrypt the message. Even the sender who encrypted the message cannot decrypt it. Users no longer have to concern themselves with delivering keys to those with whom they wish to correspond; they simply publish their public key for all to use.
In addition to adding convenience to the encryption process, public key cryptography is also more secure. With symmetric cryptography, every additional recipient with whom the sender must share the encryption key represents another potential security vulnerability. With public key cryptography, each recipient maintains a unique private key and shares it with no one.
Conversely, if the user encrypts a message with his private key, anyone who knows his public key can read it. This may seem useless (it certainly is not secure), but it does provide an important function. Simply, if a message can be decrypted with the sender's public key, it must have been encrypted with that sender's private key, because the only person with access to the private key is its owner. Only that owner could have encrypted the message. Therefore, a message or portion of a message encrypted with his private key serves as a "digital signature" for the message. Digital signatures are used to verify the integrity of a message during transit through the Internet. If the sender has been authenticated (verifiably connected) to the private key, digital signatures can be used to sign electronic documents in a legally binding manner.
Asymmetric, or public key, cryptography is enabled by Public Key Infrastructure (PKI). A PKI is a secure system of servers and physical world protocols that provide access to authenticated public keys. Trusted third parties, called Certificate Authorities (CAs) and Registration Authorities (RAs), issue keys and "connect" them to their respective owners. Theoretically, PKI is the perfect means with which to build a globally scalable, secure e-mail solution.
Problems with Traditional PKI Implementations for Secure E-mail
Because initial PKI development was, to a large degree, driven by the defense industry, traditional PKI solutions have met the requirements of that industry. While these solutions have proven to be extremely secure and reliable for this industry, traditional PKI solutions have neglected ease of use and implementation, scalability, extensibility and expense considerations. Furthermore, traditional PKIs do not provide an easy mechanism to discover keys for users outside of a closed network, nor do they provide a scalable infrastructure to quickly and effectively revoke compromised keys. These problems have severely limited the ability of e-mail users to enjoy the benefits of public key encryption.
Difficulty of Use
Most traditional PKI implementations conduct encryption and decryption operations on the local client software. If the client software is securely maintained, these implementations work effectively, but they usually require the end user to manage the public keys of the recipient. This process is analogous to an individual being required to carry thousands of keys on a key chain in the event he may need to open one of a thousand different doors. Furthermore, client-side encryption software requires the end user to make encryption decisions that he may not be qualified to make (e.g., whether or not encryption is necessary).
Difficulty of Implementation
Administrators of traditional PKI solutions are frequently required to adopt systems and methodologies that are inappropriate for the level of security required by the organization. These PKI implementations require the administrator to install entirely new systems and adopt new technologies and protocols. Additionally, the administrator training costs and additional personnel required by traditional PKI implementations present intimidating recurring costs to technology managers. These implementations are analogous to installing an expensive impregnable fortress to protect the assets of a bank's branch offices. Although they are effective from a security perspective, the anticipated costs prove greater than the perceived benefits.
Traditional PKI implementations typically use centralized servers to store public keys. This architecture is appropriate for implementing centralized applications, such as network authentication or other applications in closed systems. However, a centralized architecture has difficulty scaling for distributed, Internet-wide applications, such as e-mail. These architectures are analogous to domain name resolution in the early stages of the Internet. Originally, a central database was used to resolve domain names to IP addresses. This architecture sufficed when only technologists used the Internet. However, as adoption of Internet technologies grew, the central database model became a serious bottleneck. Consequently, the Domain Name System (DNS) evolved, utilizing a hierarchical and significantly more scalable alternative to the centralized domain name resolution system.
Traditional PKI solutions were created to serve price-insensitive customers. When they were designed, implementation and overhead costs were a minor consideration. Not surprisingly, the costs of implementing the resulting offerings frequently escalate to the hundreds of thousands, even millions of dollars. While these solutions provide very effective security, the costs make them impractical for widespread implementation of secure e-mail.
In our next article we will explore how the Tovaris Secure E-mail Solution addresses these problems and provides PKI-enabled security that meets these five criteria:
- Server-based cryptography, not desktop-based cryptography
- Supported by a distributed, Internet-wide architecture to ensure discovery of valid public keys
- Based on widely-accepted standards
- Transparent to end users
- Allows end users to send securely to anyone on the Internet
For more information regarding the Tovaris Secure E-mail Solution, contact Tovaris at 1-866-TOVARIS (1-866-868-2747) or visit their website at www.tovaris.com.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com