In the first part of this post (http://bit.ly/1femHfJ) we have outlined how the email system works. In this post, we will highlight why the basic protocol fails to protect user’s privacy.
When a user sends email messages, they go through the SMTP servers of the sender and the receiver (and possibly, many relay servers in the middle). Since the messages are in clear text, they can be read at the servers (and on transit in the channel between servers if they are not properly secured). Actually, Google as come forth saying that, it actively scans their user emails for spam, malware and tailored advertisement (http://bit.ly/1qYlec9). So what can a user do to prevent their email from being read in transit?
The most common answers to this problem are S/MIME (Secure MIME) and PGP (Pretty Good Privacy). Both operate in a similar manner, ensuring confidentiality, integrity and authenticity (CIA for short) of email messages.
PGP
PGP (or OpenPGP) employs asymmetric crypto to ensure that a message is only read by the intended receiver. When using this standard, users must generate a private-key and a public-key encoded into a certificate. The certificate is then distributed to communication peers (there are several ways to do this like the web of trust or alternate distribution channels). The extent to which users trust a certificate is left for them to judge since there is no trusted third party to ensure its authenticity.
Once certificates have been disseminated, users may start using them to add the CIA properties to their email messages. The following diagram exemplifies this process. 
PGP message encryption
To employ PGP, a message digest is generated from the plain text and then signed using the users private key. After, a random session key is generated. The generated key is used to encrypt the message plus the signed digest. Once done, the key is encrypted using the receiver public-key certificate, thus, ensuring that only the intended receiver has access to decryption key. Finally, the encrypted key is added to the CIA email message and sent.
When the process ends, the message is then sent like a normal email message. If there is more than one receiver for a particular message, an encrypted session key is generated for each receiver (using their certificates).
PGP message decryption
When a PGP protected message is received, both the encrypted message and key are obtained. Then, the receiver uses his/her private key to decrypt the key and uses it to retrieve the message and the signed digest. The receiver will then verify the signature of the message using the sender public-key certificate and obtains the message digest. He/she, then produces a digest of the message and compares both, and, if they match, the receiver knows that the message is authentic.
By employing all these mechanism in conjunction, reading the email message becomes very hard. Also, the user can guarantee integrity (through the message digest) and non-repudiation (the sender cannot say that it did not send the message since it is signed by him).
Another advantage of using such standard is that, because a new session key is generated for each message, if an attacker can later on recover one, he/she will only be able to read the message for which that key was used.
S/MIME
Secure MIME aims to encrypt the various parts of a MIME message. It works basically like PGP, the difference being that it relies on X509 certificates. Meaning that, S/MIME certificate is signed by a certification authority (trusted third party) and can be distributed via a Public Key Infrastructure (http://bit.ly/1Lb6zbH), also know as PKI.
Also, S/MIME seems to be more accepted since, it comes incorporated into many e-mail packages and web browsers.
Both PGP and S/MIME are capable of protecting the content of email messages from prying eyes; they still leave one thing unaddressed. By analysing metadata from email messages, it is possible to say that user A sent an email to user B and vice versa. On part 3 we will see that by separating sender from receivers and employing mixed networks, it may be possible to erase this connection.
0 comentários :
Post a Comment