Product: Tips and Hints for e-mail user
Date: 01/03/07 (177 review reads)
Advantages: quickly done, protects your email communication, gives you a feeling of safety
Disadvantages: -
You would never send an important letter in an open envelope, would you? But day by day or at least occasionally you send important emails with private content, without any protection against strangers reading them.
How should anybody read my emails? Easy. And it is done every day – at least if you believe the media. Your boss can do it, the state can do it, basically everybody who has an idea about computers (or the right equipment) can do it. And it would be so easy to do something about it!
But that is by far not the only problem with emails. As you can get new addresses so easily, identity fraud is no problem. You can’t be sure that an email is really from the person it says it’s from. But this also can be helped quite easily.
----------------------------------------------------------------------
Some theory
----------------------------------------------------------------------
The safest method to make sure your emails can only be read by people who should read them is encryption. Don’t worry, in reality you won’t have much to do with it as it’s all done by software applications, but to enable you to understand how they work and how they protect your emails here is some theory. I will keep it as short as possible and try not to bore you, I promise :-)
~~~~~~~~~~ cryptography ~~~~~~~~~~
There are two different forms of cryptography: asymmetric and symmetric. Both have advantages and disadvantages, and in most cases neither is used by itself; software developers rather combine the advantages of both and call it hybrid cryptography. But we’ll start at the beginning…
~~~ Symmetric encryption ~~~
If you want to encrypt a message this way you only have one key. In reality this key is a long, long prime number but just imagine it being what it is called – a key to open or close something.
The key should only be known by the sender and the receiver of a message, which leads us to the main problem: The key needs to be kept secret, but still needs to be exchanged somehow. You can make a phone call, but can you be sure nobody is tapping it? You can meet up and exchange it in person, but then you can just as well exchange the message directly.
However, once the key is exchanged, person A (I will call her Alice) can encrypt a plain text with it. This text can now be sent via an insecure connection to person B (called Bob). Once Bob has got the text he will use the same key Alice used to decrypt the text so that he can finally read it. This method, of course, has advantages as well, the biggest being its speed. Thus it is often used with voice over IP applications.
Send:
Plain text ------> text encrypted with key
Receive:
Decrypt with key ------> Plain text
~~~ Asymmetric encryption ~~~
Now it’s getting slightly more complicated as, compared to symmetric encryption, we now have two keys involved. They are called private and public key and you can probably already guess that one is used to encrypt the text while the other is used for decryption.
But why the names? Well, it’s logical (really!) The private key is called private key because it’s private and only the owner (and sender of a message) knows it. The public key however is really public, it can be published everywhere. Both keys are related to each other but in a way that you can’t reconstruct the private key if you just have the public one – that’s what makes this method safe.
Again we assume that Alice wants to send a message to Bob. Alice knows Bob’s public key – he might have sent it to her beforehand or she looked it up in a directory on the internet. Or maybe Bob has just published it on his website? However she got it, what matters is that she knows it, as she has to encrypt the text she wants to send with this key. But how can Bob read it? Easily – he just has to decrypt the text with his private key. As only he knows it, nobody else but he can read the message. This method obviously solves the problem of having to exchange the key, but in return it is far slower. That’s why it’s never used on its own, but only in combination with symmetric encryption – it’s then called “hybrid encryption”. Don’t give up – not much new there though!
Send:
Plain text ------> Text encrypted with receiver’s public key
Receive:
Decrypt text with own private key ------> Plain text
~~~ Hybrid encryption ~~~
For the hybrid encryption we just introduce a third key – the session key. It is a secret key which is calculated newly for every message that’s sent. This session key is used to encrypt the message, applying symmetric encryption.
Afterwards, asymmetric encryption is used as it has been explained above. The session key and the message are encrypted with Bob’s public key and both – session key and text – are sent to him. He, using his private key, can decrypt the session key with which the text can be decrypted.
Send:
Plain text ------> text encrypted with session key -------> Text and session key encrypted with receiver’s public key
Receive:
Decrypt with own private key -------> Decrypt with enclosed session key -------> Plain text
So far so good – but your data still isn't safe.
~~~ Man in the middle attack ~~~
We imagine the following situation. Alice is sending Bob a message (using asymmetric encryption). She uses the public key which she thinks is Bob’s, but it isn’t – it actually belongs to another person – we call her Mallory. Mallory now intercepts the email and can read it using her private key. And because Mallory isn’t stupid she then uses Bob’s real public key, encrypts the message with it and forwards it to Bob. He will never notice that he didn’t get the text directly from Alice. Mallory could even have changed the text and he would never find out.
But even this problem can be solved: we just use asymmetric encryption, but this time the other way round. Secrecy is then no longer given, because everybody who knows the public key can read the message. Instead, this is a method to ensure the authenticity of a message, known as a digital signature.
~~~~~~~~~~ Digital signature ~~~~~~~~~~
Again, Alice wants to send a message to Bob, but this time she wants to make sure that he knows that the message is really from her.
After having written the email text Alice produces a so-called “Message Digest”. Just imagine it as a long combination of numbers and letters which has been produced by a special algorithm whose input was the email text. This message digest would be completely different even if Alice only made a very minor change to the email text.
This message digest she now encrypts with her own private key and attaches it to the email before she sends it off to Bob. After having found the email in his inbox he uses Alice’s public key to decrypt the message digest. Also he uses the same algorithm on the text he just got. If both message digests – the one Alice sent and the one he produced – are the same then he can be sure that a) Alice was the person who sent the message and b) the text has not been changed by anybody.
And now we’re finally there. We just have to combine the digital signature with the hybrid encryption and we’ve got what we want: We can be sure the message is sent by the person we think it is from, we can be sure the text hasn’t been altered and we also can be sure that no one else has read the email.
Signature
Alice types the email and produces the message digest.
1. The message digest is now encrypted using her own private key and attached to the actual text.
Encryption
2. The encrypted digest and the text now are encrypted again - with a symmetric session key.
3. Everything is encrypted again – with the receiver’s public key.
Now the mail can be sent. Bob does the same steps backwards, and here it becomes clearer what they were for.
Decryption
3. He uses his private key to access the session key. Only he can do this as only he knows his private key!
2. With the session key he can now decrypt the message digest.
Checking signature
1. Knowing Alice’s public key he can decrypt the message digest (so he is sure the message has been encrypted using her private key), produce his own message digest and compare the two. Are they the same? Great, the text has not been changed since Alice sent it.
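The three steps and their reversal, as an added example that is not part of the original review and not how PGP is implemented. It assumes textbook RSA keys built from fixed Mersenne primes and a SHA-256 keystream standing in for a real symmetric cipher, both for demonstration only, and in step 3 it encrypts only the session key with the receiver's public key, which is what PGP does in practice.

```python
import hashlib
import secrets

E = 65537
SIG_LEN = 128  # bytes reserved for the signature in front of the text

def toy_keypair(p, q):
    """Textbook RSA from two fixed primes: returns (public, private)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

# Constructed demo keys built from Mersenne primes (never use such keys for real).
ALICE_PUB, ALICE_PRIV = toy_keypair(2**127 - 1, 2**521 - 1)
BOB_PUB, BOB_PRIV = toy_keypair(2**107 - 1, 2**607 - 1)

def digest(text):
    """Message digest of the text as an integer (SHA-256)."""
    return int.from_bytes(hashlib.sha256(text).digest(), "big")

def stream_xor(key, data):
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream (stand-in for AES)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def send(text, sender_priv, receiver_pub):
    n, d = sender_priv
    signature = pow(digest(text), d, n)            # 1. digest under sender's private key
    session_key = secrets.token_bytes(32)          # new session key for every message
    body = stream_xor(session_key, signature.to_bytes(SIG_LEN, "big") + text)  # 2.
    r_n, r_e = receiver_pub
    wrapped = pow(int.from_bytes(session_key, "big"), r_e, r_n)  # 3. key under receiver's public key
    return wrapped, body

def receive(wrapped, body, receiver_priv, sender_pub):
    r_n, r_d = receiver_priv
    session_key = pow(wrapped, r_d, r_n).to_bytes(32, "big")  # 3. only the receiver can unwrap
    plain = stream_xor(session_key, body)                     # 2. decrypt signature and text
    signature, text = int.from_bytes(plain[:SIG_LEN], "big"), plain[SIG_LEN:]
    s_n, s_e = sender_pub
    return text, pow(signature, s_e, s_n) == digest(text)     # 1. compare the two digests

if __name__ == "__main__":
    wrapped, body = send(b"Meet me at noon.", ALICE_PRIV, BOB_PUB)
    print(receive(wrapped, body, BOB_PRIV, ALICE_PUB))         # genuine message
    forged = body[:-1] + bytes([body[-1] ^ 1])                 # one bit changed in transit
    print(receive(wrapped, forged, BOB_PRIV, ALICE_PUB))       # signature check fails
```
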
That’s it – that’s how programs work. But now enough theory – how can you personally make use of this great system?
----------------------------------------------------------------------
And how to deal with it in reality
----------------------------------------------------------------------
You’re probably glad to hear that you don’t have to bother about encrypting, decrypting, public or private keys: It’s all done by the software you are using.
The most popular one certainly is PGP. PGP is an acronym for “pretty good privacy” and is available for free, at least in its very basic version – which allows you to encrypt and decrypt emails – and that’s what you want, isn’t it? When you visit the website http://www.pgp.com you will find that there is only a 30 day trial available. This one can be used longer though if you only want the basic functions. Up to version 8.0 (the latest one is 9) PGP was freeware but the functionality still was the same as it now is for the trial version after 30 days.
After the download and installation of the program you first will have to think of a pass phrase. This code secures your private key – every time you want to use it you have to put it in. Within a few minutes you now can create your own keys. Start the program “PGPkeys”, (right click onto the lock in the task bar) and choose the submenu “new keys”. The further steps should explain themselves. When you’re asked what type of key you want you should pick “RSA” as it contains fewer security risks and is understood also by older PGP versions. Concerning the size you should pick the biggest going. That’s it, your keys will be created now.
Knowing how PGP works, you will now want to send your public key to the people you know. As the key looks like a long text you can just copy it and email it to other people. Or you export it and send it as a file to all your friends.
Of course you also will want to add the keys from your friends into the software. You can do so by copying the key (the text) and clicking “clipboard - decrypt and verify” in the submenu. PGP recognises that you’ve got a new key in your clipboard and an import window opens. You only need to click onto import now, the rest is done automatically.
Earlier I wrote about man in the middle attacks. Of course they can happen here too – you need to check whether a key is from the person you think it is from.
There are basically two ways.
--- Fingerprint ---
Every key has a fingerprint which is unique. It is kind of a checksum which is created from the key and worldwide there will only be one key for a certain fingerprint. The fingerprint originally was a sequence of hexadecimal numbers, but you can get PGP to show you English words instead. You could now call the person from whom you got a key and compare the fingerprint.
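How such a fingerprint is derived and compared, as an added example that is not part of the original review. It assumes a version 4 RSA key as defined in the OpenPGP standard (RFC 4880), where the fingerprint is a SHA-1 hash over the public-key packet; the two sample keys and the creation time are constructed values, not real PGP keys.

```python
import hashlib
import hmac
import struct

def mpi(x):
    """OpenPGP multiprecision integer: 2-byte bit count, then big-endian bytes."""
    return struct.pack(">H", x.bit_length()) + x.to_bytes((x.bit_length() + 7) // 8, "big")

def v4_fingerprint(n, e, created):
    """SHA-1 over 0x99, a 2-byte length and the version 4 RSA public-key packet body."""
    body = b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def grouped(fp):
    """Display form: ten groups of four hex digits."""
    return " ".join(fp[i:i + 4] for i in range(0, len(fp), 4))

def key_matches(received_key, fingerprint_from_owner):
    """True only if the received key hashes to the fingerprint the owner read out."""
    expected = "".join(fingerprint_from_owner.split()).upper()
    return hmac.compare_digest(v4_fingerprint(*received_key), expected)

# Constructed sample keys (modulus, exponent, creation time); not real PGP keys.
CREATED = 1167609600
BOB_KEY = ((2**107 - 1) * (2**607 - 1), 65537, CREATED)
MALLORY_KEY = ((2**89 - 1) * (2**521 - 1), 65537, CREATED)

if __name__ == "__main__":
    read_over_phone = grouped(v4_fingerprint(*BOB_KEY))   # what Bob reads out
    print(read_over_phone)
    print(key_matches(BOB_KEY, read_over_phone))          # the key really is Bob's
    print(key_matches(MALLORY_KEY, read_over_phone))      # a substituted key is rejected
```

The creation time is part of the hashed data, so the same key material with a different timestamp yields a different fingerprint.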
--- sign the key ---
If you are 10000 per cent sure that the key is correct you can sign it electronically – with your private key. PGP now classifies the key as trusted, and others can profit from it as well. The whole system is called “Web of Trust” and its principle is easy.
1. You know person A and you trust him.
2. Person A knows person B and has signed his key
3. Person B sends you his key. You don’t know person B, but as person A has signed his key and you trust him you automatically assume that B’s key is valid.
So basically with your signature you guarantee the validity of another key.
The actual encryption of the emails is now done through your email client. You will find three buttons there that enable you to encrypt and/or sign your email with just one click. As this might differ slightly depending on the email client you use, I advise you just to try it out and, if need be, use Google; you will find plenty of tutorials on how to use PGP.
----------------------------------------------------------------------
Conclusion
----------------------------------------------------------------------
With a bit of your time you could make your email communication much safer, even though I must admit that you first have to convince your friends of using PGP too… Still, there are so many benefits of email encryption that everybody should consider doing it. Unfortunately many people don’t seem to be aware of the risks.
Also I don't want to forget to mention that there is more software around than just PGP - I just picked that program because I think it is easy to use but powerful at the same time. Plus it is widely used.
Anyway, I hope I haven’t bored you stupid with this “review” and if there are any questions left, just send me a message or post a comment.
Summary: an introduction into email encryption and PGP
Last comments:
- 22/03/07 You lost me when you started talking about encryption lol.....I don't really send anything through email that would be of any importance to anyone anyway....If I have something important or private to tell people I would rather do it face to face/phone :-)
- 02/03/07 Excellent explanation. Many thanks. I've nominated this!
Cheers
Sweary
- 02/03/07 You might like a book called "The Code Book" by Simon Singh, goes into the history of cyphers and cryptography including RSA.