Email encryption has been available for years. With email as insecure as it is, how is it that we are not encrypting our email daily?
As anyone who’s had to remove one’s shoes at airport security knows, there is a trade-off between security and convenience. But in trying to make email security perfect, we have made it too complex. Email encryption is out of reach of regular users, leaving them with no security at all.
In this article we will discuss who should care about secure email and isolate the reasons why it’s still not commonplace. Then we’ll describe a vision for a radically simpler approach that can clear the path for mass adoption.

Anyone can create an encrypted message readable only by you using your public key to lock it. You alone can unlock it using your private key.
Should we be concerned?
Should unencrypted email be a concern? Yes, and here are some reasons:
- Email is transmitted in the clear. Email has been aptly compared with sending a postcard through the mail. It travels through multiple store-and-forward systems before reaching the recipient. Anyone with access to any of the systems along the way can read it.
- WiFi is unsafe: WiFi traffic including email can be intercepted using hacking tools available to any teenager (as this CNN article describes).
- Email accumulates. Every email you send and receive over the course of years can be stored indefinitely and searched instantly. GMail and Yahoo! Mail already provide gigabytes of storage. [Readers: How strong are the laws forbidding this type of filtering and capture of email?]
- Email interceptions are not detectable. We have no way of knowing what happens to our bits as they filter through the Internet. We can’t tell who is collecting or filtering through it. But what we do know is not comforting.
What are the use cases?
Concern over intrusions is not just for libertarians and the paranoid. Here are some key scenarios, represented as SSNiF scenarios:
| Stakeholder | Situation | Need |
|---|---|---|
| Corporate employees | • Exchanging confidential documents with partners that would be of huge value to a competitor.<br>• Emailing documents to self, to work at home. | • Peace of mind that the message will get to its destination without being viewed or collected by anyone along the way.<br>• Painless security that is trivial to set up and which happens automatically. |
| Anyone doing email over a WiFi connection | • It’s not difficult for others to intercept wireless traffic, even with security activated. | |
| Government employees | • Government officials trade email that contains classified information, often with BlackBerries. Billions are spent by governments on espionage, and electronic espionage can be impossible to detect. [Readers: what are the policies and protections in place?] | |
| Corporate executives | • Protecting corporate secrets is critical. Much is spent on VPN and elaborate security procedures. But employees must still trade email outside the corporate firewall and those messages are subject to interception.<br>• Corporate espionage is real. | • To be able to set up corporate firewalls to uphold security policies, even to the point of prohibiting incoming or outgoing email that is not encrypted. |
Why hasn’t email encryption caught on yet?
If the need for encryption is so high, how did we get from 1985 to 2005 without it being as common as the CC: line? In fact, encryption capabilities have been in the email clients for years. Why has it not caught on? A combination of factors is at work:
- Consumers are not aware that they need it. The risks of having one’s email intercepted are nebulous. “Can email realistically be intercepted? I don’t have anything to hide. What could really go wrong? I don’t know of anyone being hurt by this.” Until there are a series of highly publicized cases, the issue is not likely to hit the radar of most honest consumers.
- Corporate IT officers don’t seem to know they need it. Although it’s common for corporations to establish VPNs, limit WiFi usage, provide shredder bins and require passwords to be changed every couple of months, protecting sensitive information from being exchanged over the open Internet is rare. Executives seem to not understand how much sensitive information is left exposed through this path (at least until they get a demo from a company like Vontu).
- There haven’t been high-profile cases of corporate or government email espionage to raise awareness. It’s hard to detect, and even when it is, companies are loath to disclose such security violations, which are disconcerting to customers and shareholders. [Readers, do you know of any good cases?]
- There are multiple chicken-and-egg problems. Consumers aren’t vocal about encryption so vendors don’t provide it (especially in a consumer-friendly way). There are zillions of different email systems in use, some which have encryption, many of which don’t. All will need to become interoperable before it becomes mainstream. Fortunately, it looks like an industry standard has been established: S/MIME.
- The network effect hasn’t kicked in yet. As with the telephone, fax machines and instant messaging, encrypted email becomes more compelling as everyone around you gets it. It has yet to reach this tipping point.
- Nobody has forced it. Encryption would gain a foothold if a critical mass of companies and government agencies were to mandate its use. Bold policies, such as bouncing all non-encrypted messages off either side of the firewall, would accelerate adoption.
- The end-user experience is too complex. Anyone who attempts to set up encryption will be left with the conclusion that it is way too complex for consumer-level use. The parents of encryption are the fields of mathematics and security, both highly technical fields not renowned for their sympathy for mortal users. Even Apple’s mail.app is not very easy to set up. (If you want to do so, here are the best instructions I found for Mac users. Here are instructions for Outlook 2000).
Because email encryption has not yet been done simply, there is an assumption that it is intrinsically complicated. But it doesn’t have to be that way.

The digital certificate message presented to Microsoft Outlook users is daunting.

Apple incorporates certificates into its Address Book which is good, but it exposes arcane notions of certificate expiry.

Mac OS X 10.4 includes a well-hidden Certificate Assistant for generating keys on the local system. It is still too complex for regular users.
Why is encryption so difficult today?
The pioneers of encryption have poorly prioritized the use cases. They allowed concerns for certification to complicate the more fundamental need for encryption. Certification (aka signing) is a solution to the use case of impersonation: someone maliciously posing as another person or company, fooling you into believing or doing something in their interest. Aside from scammers posing as PayPal, how often has someone tried to impersonate your coworker or family member? Perhaps official communications from financial institutions should be certified as a defence against phishing. But there is no need for casual email to be.
Secondly, obtaining encryption keys is a real burden. You must first validate with a trustworthy organization (like Thawte or Verisign) that you are who you say you are. As Microsoft puts it, “digital ID requires signing up with an independent certificate authority. To get a digital ID from a certificate authority, see Digital ID on Office Marketplace to find services that issue digital IDs.”
There is a far more immediate use case to solve: getting a message from person A to person B without anyone being able to gather and read it.
Vision to Steal: Build simple but powerful encryption into email clients
Rock-solid security comes at such a high cost of convenience that users settle for no security at all. For everyone to get on board with email encryption, radical simplification is called for.
There are three parts to be simplified: 1. acquiring your own key pair, 2. trading public keys with those with whom you communicate, and 3. actually sending and receiving encrypted mail.
The third part is somewhat smooth once the first two are established, especially with Mac’s mail.app. If you create a message to someone for whom you have a public key, the message is automatically and transparently encrypted.
Visions to steal for vendors of email clients:
- Decouple the certification from encryption. Certifying email is more complicated than just encrypting it for the recipient’s eyes only. Regular users will always have trouble understanding what certificates are and why they are needed, while still needing to send protected email. This simplifying assumption makes the encryption problem tractable: it makes it possible to consumerize encryption technology so that casual users can trade sensitive information without having to learn or do a lot.
- Cut the abstract concepts and terminology that go along with certificates, certificate authorities, signature validation, Digital IDs, Root Certificate Stores, etc.
- Let users generate encryption key pairs directly from the local email client for free, in two steps, so they don’t have to go out of their way to get it. Propose this as a default for everyone.
- Have email clients automatically request public keys from each other. (This is described in a separate article, Automatically exchanging public encryption keys.)
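The three pieces the article wants simplified (generating a key pair locally with no certificate authority, exchanging public keys, and encrypting to a recipient's public key so that only the holder of the private key can read it), plus the decoupling of signing from encryption argued for above, as one added Go example. This is illustrative code written for this page, not code from any mail client, from the S/MIME standard or from the article's author: it uses Go's standard library (RSA-OAEP to wrap a fresh AES-256-GCM session key, RSA-PSS for the optional signature) rather than S/MIME's CMS message format, and every name and the sample message text are constructed for the example.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"io"
)

// Envelope is what the mail client would put in the message body.
type Envelope struct {
	WrappedKey []byte // one-time AES key, RSA-OAEP encrypted to the recipient
	Nonce      []byte
	Ciphertext []byte
	Signature  []byte // nil unless the sender chose to sign; Decrypt ignores it
}

// GenerateKeyPair runs on the local machine; no certificate authority involved.
func GenerateKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// ExportPublicKey and ImportPublicKey handle the one artifact two clients exchange.
func ExportPublicKey(pub *rsa.PublicKey) []byte {
	der, _ := x509.MarshalPKIXPublicKey(pub) // cannot fail for an *rsa.PublicKey
	return pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: der})
}
func ImportPublicKey(pemBytes []byte) (*rsa.PublicKey, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil {
		return nil, fmt.Errorf("no PEM block found")
	}
	key, err := x509.ParsePKIXPublicKey(block.Bytes)
	if pub, ok := key.(*rsa.PublicKey); ok && err == nil {
		return pub, nil
	}
	return nil, fmt.Errorf("not an RSA public key: %v", err)
}

// Encrypt seals plaintext for one recipient: AES-256-GCM under a fresh session
// key, RSA-OAEP to wrap that key. RSA-PSS signing runs only when signer != nil.
func Encrypt(recipient *rsa.PublicKey, plaintext []byte, signer *rsa.PrivateKey) (*Envelope, error) {
	buf := make([]byte, 32+12) // 32-byte AES-256 key followed by a 12-byte GCM nonce
	if _, err := io.ReadFull(rand.Reader, buf); err != nil {
		return nil, err
	}
	sessionKey, nonce := buf[:32], buf[32:]
	block, _ := aes.NewCipher(sessionKey) // 32-byte key: cannot fail
	gcm, _ := cipher.NewGCM(block)        // AES block: cannot fail
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	env := &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, plaintext, nil)}
	if signer != nil {
		digest := sha256.Sum256(plaintext)
		if env.Signature, err = rsa.SignPSS(rand.Reader, signer, crypto.SHA256, digest[:], nil); err != nil {
			return nil, err
		}
	}
	return env, nil
}

// Decrypt needs only the recipient's private key; a wrong key, a malformed
// envelope or a tampered ciphertext yields an error, never garbage.
func Decrypt(recipient *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(sessionKey) // rejects a key of the wrong length
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block)
	if len(env.Nonce) != gcm.NonceSize() {
		return nil, fmt.Errorf("bad nonce length %d", len(env.Nonce))
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

// VerifySignature is the optional second layer: false for an unsigned envelope.
func VerifySignature(sender *rsa.PublicKey, env *Envelope, plaintext []byte) bool {
	digest := sha256.Sum256(plaintext)
	return rsa.VerifyPSS(sender, crypto.SHA256, digest[:], env.Signature, nil) == nil
}

func main() {
	bob, _ := GenerateKeyPair()
	bobPub, _ := ImportPublicKey(ExportPublicKey(&bob.PublicKey)) // what Bob's client hands Alice's
	env, _ := Encrypt(bobPub, []byte("constructed sample: draft contract attached"), nil)
	body, err := Decrypt(bob, env)
	fmt.Printf("decrypted=%q err=%v signed=%v\n", body, err, env.Signature != nil)
}
```

Two design points match the argument in the list above. Nothing in Decrypt depends on a signature or a certificate, so a client can ship the encrypt-only path first and add VerifySignature later for the phishing use case. And VerifySignature is only as meaningful as the public key you hold for the sender: without certification, that trust comes from how the key was exchanged, which is exactly the problem the separate key-exchange article takes on.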
Visions to steal for webmail services: Yahoo! Mail, MSN Hotmail, Google GMail:
- One of you, be the first to support encryption, and make key pair generation, encrypted email exchange and public key exchange as simple as they can be. (See: Hushmail) Store the messages securely at the server side and decrypt them on the client side (which probably requires a Java component).
- Process signatures on incoming messages now, so they can be used by financial institutions to cut down on phishing.
For PIM makers and standards-bearers like vCard:
- expand standards to serve as the repository of public key fields, supplying them to email programs.
For IT infrastructure vendors:
- build gateways that block unencrypted email from passing through the firewall. Make it hard or impossible for employees to send unencrypted email outside the corporate walls. Force external partners to encrypt email to get it through.
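The gateway policy just described, as an added Go example that is not part of the original article or of any vendor's product: it classifies a raw message by its top-level Content-Type, accepting only S/MIME enveloped-data (the content type S/MIME uses for encrypted mail, `application/pkcs7-mime` with `smime-type=enveloped-data`) and rejecting plain text, signed-only mail and anything it cannot parse. The three sample messages are constructed for the example and their base64 bodies are placeholders, not real PKCS#7 data.

```go
package main

import (
	"fmt"
	"mime"
	"net/mail"
	"strings"
)

// IsSMIMEEncrypted reports whether a raw RFC 5322 message is an S/MIME
// enveloped-data (encrypted) message, judged by its top-level Content-Type.
// A signed-only message (smime-type=signed-data or multipart/signed) is not
// encrypted and yields false.
func IsSMIMEEncrypted(raw string) (bool, error) {
	msg, err := mail.ReadMessage(strings.NewReader(raw))
	if err != nil {
		return false, err
	}
	ct := msg.Header.Get("Content-Type")
	if ct == "" {
		return false, nil // no Content-Type header at all: plain text by default
	}
	mediaType, params, err := mime.ParseMediaType(ct) // lowercases type and param names
	if err != nil {
		return false, err
	}
	switch mediaType {
	case "application/pkcs7-mime", "application/x-pkcs7-mime":
		return params["smime-type"] == "enveloped-data", nil
	}
	return false, nil
}

// GatewayDecision applies the policy from the article: only encrypted mail
// crosses the firewall. Unparsable messages are rejected, not waved through.
func GatewayDecision(raw string) string {
	encrypted, err := IsSMIMEEncrypted(raw)
	switch {
	case err != nil:
		return "reject: unparsable message (" + err.Error() + ")"
	case !encrypted:
		return "reject: not S/MIME encrypted"
	}
	return "accept"
}

// Constructed sample messages (not real traffic); the base64 bodies of the
// S/MIME samples are placeholders, not genuine PKCS#7 blobs.
const plainMail = "From: alice@example.com\r\nTo: bob@example.net\r\nSubject: Q3 numbers\r\n" +
	"Content-Type: text/plain; charset=us-ascii\r\n\r\nAttached are the draft figures.\r\n"

const signedOnlyMail = "From: alice@example.com\r\nTo: bob@example.net\r\nSubject: Q3 numbers\r\n" +
	"Content-Type: application/pkcs7-mime; smime-type=signed-data; name=\"smime.p7m\"\r\n" +
	"Content-Transfer-Encoding: base64\r\n\r\nPLACEHOLDER-SIGNED-DATA-BASE64\r\n"

const encryptedMail = "From: alice@example.com\r\nTo: bob@example.net\r\nSubject: Q3 numbers\r\n" +
	"Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name=\"smime.p7m\"\r\n" +
	"Content-Transfer-Encoding: base64\r\n\r\nPLACEHOLDER-ENVELOPED-DATA-BASE64\r\n"

func main() {
	samples := map[string]string{"plain": plainMail, "signed-only": signedOnlyMail, "encrypted": encryptedMail}
	for name, raw := range samples {
		fmt.Printf("%-12s -> %s\n", name, GatewayDecision(raw))
	}
}
```

Two caveats a gateway operator would add. The check only establishes that a message is encrypted, not to whom: an enveloped-data message addressed to a key the recipient does not hold still passes, so this is a policy enforcement point, not a guarantee of delivery. And it looks at the top-level Content-Type only; an encrypted part nested inside a multipart wrapper would need the gateway to walk the MIME tree.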
Notes
- The BlackBerry encrypts data from the handheld device to the BlackBerry Enterprise Server installed within the corporation. Messages that are destined outside the corporation get decrypted before leaving. The BlackBerry supports S/MIME as of 2004. [True?]
More questions for Readers:
Communications security is a large, complex and dynamic field. Help me out here.
- Are there any corporations that insist that only encrypted emails pass through their firewalls?
- Does anyone know of reports of electronic dumpster diving, for corporate espionage? (I expect this to be extremely hard to detect without a whistle-blower.)
- Are there laws prohibiting interception of email? Do the email service providers promise they won’t dumpster dive in their legal agreements?
- How do we know there isn’t widespread email espionage going on? Are there cases that resulted in demonstrable material damages?
- Would authenticated/certified email really reduce the phishing epidemic? How?
- Are there countries or cultures where email encryption is commonplace?
- How come PayPal and other major institutions don’t already sign their emails?
See also
- Design to Steal: Automatically exchanging public encryption keys.
- S/MIME tutorial
[Update 8/21/08: Changed the old name "USN use cases" to "SSNiF scenarios"]
One major need for secure email, at least in the U.S., is medical. HIPAA requirements seem to dictate antiquated technology in one of the industries that most needs updating.