Client based vs. server based E-Mail Encryption. (Security)

Bernhard Hecker - Retarus Co.

The need for E-Mail Encryption

(2) To verify (guarantee) that data has not been altered, and the sender of a message.

Thus a message sent over the internet can easily be read by someone who is not necessarily the recipient. The recipient can also never be absolutely sure that the sender is the person stated on the message. This is the point where encryption mechanisms come into place. Encryption can conceal information in a message. Electronic signatures can authenticate the sender.

Currently there are two established standards for E-mail encryption that are in use worldwide: PGP (Pretty Good Privacy) and S/MIME. Both standards are widely implemented on several platforms and have a lot in common. PGP and S/MIME use the same encryption algorithms to encrypt messages, both use the same signature mechanisms and both use asymmetric encryption mechanisms. Asymmetric encryption means that the user has two keys: one is public (known to everybody), one is private (only known to the user). A message encrypted with the user's public key can only be decrypted with the corresponding private key, and vice versa. This means that to send a message to someone, you have to use the recipient's public key to encrypt it, and only the owner of the corresponding private key can decrypt the message. To sign a message you would, very simplified, encrypt it with your private key, and everyone who can decrypt it with your public key knows that it comes from the owner of the corresponding private key. These are the basics that are used by S/MIME and PGP.

Both standards were implemented as client based solutions, which means the encryption and signature take place on the sender's or recipient's workstation. The reason is obvious: to secure a message, it has to be transported to the recipient in a secure environment or encrypted. Since networks generally are not necessarily secure, the messages have to be encrypted all the time until they are read by the original recipient. If a single user installs PGP or S/MIME everything is fine. The user can get an X.509 certificate for S/MIME or generate a PGP key pair and can immediately start sending and receiving encrypted and signed messages. The user can install all public keys of his or her partners and manage the entire thing easily.

BUT: there are several reasons why companies want to put the encryption and decryption (cryptography) part on servers and not on users' workstations.

In most companies you will find a server or gateway based virus protection tool that searches messages and attachments for known viruses. These tools have absolutely no chance to read encrypted messages. As a result, the server based virus protection fails whenever it hits an encrypted message. Viruses work perfectly as soon as they are decrypted. The solution would be a client based virus protection instead of the gateway that is already in place.

Key Management

If a key pair (private and public) is needed for every user, and users would have to exchange keys amongst each other and with their external partners, you would have a tremendous amount of E-Mail traffic just containing keys. Imagine 100 users sending their public key to each other: you have 9,900 messages (99 times 100) just containing public keys ... You would have to make sure that all users know how to use the system and how to set up the trust relations in their systems. If users are not in the office, for example during their vacation, their colleagues have absolutely no chance to read the new messages sent in. Last but not least: users have to encrypt messages willingly. You can initially set up systems to encrypt every message, but whenever a user sends a message to someone who has no public key, the user gets an error message. This usually bores users pretty soon and they tend to turn off the general encryption, which, as a consequence, makes them forget to encrypt important information.

The solution to all these disadvantages could be server based encryption. In this case a gateway is installed that receives all messages sent in from the internet and that sends all outgoing messages to the internet. It is set up as the first entry point of messages. All public and all private keys of all internal users and all public keys of all external users are stored on this system. A set of rules, like on a firewall, determines what has to happen with different messages.

A general set up would be something like "whatever can be encrypted has to be encrypted", and every message that is sent to the internet will be encrypted if possible. This conceals a lot of pretty public information, but I'd rather encrypt one message more than needed than send secret information unencrypted over the network. If someone monitors the E-Mail traffic of a company and finds only a few encrypted messages, it is obvious that these messages contain confidential information. If the attacker finds thousands of encrypted messages, it is very hard for him to find the really interesting ones.

When an encrypted message reaches the gateway from the internet, it is automatically decrypted and then sent to the internal network, where it can be checked for viruses before it is delivered to the recipient's mailbox. The keys on the gateway are managed by an administrator, who is supposed to know what he does. Whenever an external public key is stored on the gateway, every internal user can immediately send encrypted messages to the owner of the key. Gateways can use one single key for an entire company or a group of users, which has the advantage that if someone joins or leaves the company, not all external partners have to be informed about the change.

Security ends on the gateway. It can never protect messages from an internal attacker. Practical experience shows that most messages have to be concealed from external attackers, not internal users, and only some specific users need additional security. This is mostly the upper management, the personnel department and the development and research teams. These groups generally are the minority in a company. If more security is needed amongst these users, it is easy to add client based encryption on their workstations and protect the entire company with an encryption gateway. In that case an overseeable group of users has client based encryption and all others are protected by the gateway. All messages sent to external partners are encrypted whenever possible and everybody can receive encrypted messages.

Bernhard Hecker, the Security Product Manager for Retarus, will be speaking at ISSE 2001 - Information Security Solutions Europe, from 26-28 September 2001 at QEII Conference Centre, London. For more information visit www.eema.orglisse or email: isse@eema.org
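The asymmetric basics the article sketches (encrypt to the recipient's public key, sign with your own private key, verify with the sender's public key) as a runnable Go example. This is an added illustration, not code from the article or from Retarus; it uses RSA-OAEP for encryption and RSA-PSS for signatures as assumed choices, and the names Alice, Bob and Mallory are constructed. Real S/MIME and PGP encrypt the message body with a symmetric key and only wrap that key with the recipient's public key; the example keeps the body small enough to encrypt directly so the key roles stay visible.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Result collects what the constructed round trip produced.
type Result struct {
	Recovered      []byte // what Bob read after decrypting with his private key
	SignatureOK    bool   // Alice's signature verified under Alice's public key
	MalloryCanRead bool   // whether an unrelated private key could open the message
	ForgeryOK      bool   // whether a signature made with Mallory's key passes as Alice's
}

// NewKeyPair generates one user's key pair: the public half is handed out,
// the private half never leaves the user.
func NewKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// EncryptTo seals plaintext with the recipient's public key (RSA-OAEP).
func EncryptTo(pub *rsa.PublicKey, plaintext []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, plaintext, nil)
}

// Decrypt opens ciphertext with the matching private key.
func Decrypt(priv *rsa.PrivateKey, ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ciphertext, nil)
}

// Sign signs a SHA-256 digest of msg with the sender's private key (RSA-PSS).
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
}

// Verify checks sig over msg against the claimed sender's public key.
func Verify(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil) == nil
}

// Exchange runs the constructed scenario: Alice signs and encrypts a note for
// Bob; Bob decrypts and verifies; Mallory, holding an unrelated key pair,
// tries both to read the note and to forge Alice's signature.
func Exchange(plaintext []byte) (Result, error) {
	alice, err := NewKeyPair()
	if err != nil {
		return Result{}, err
	}
	bob, err := NewKeyPair()
	if err != nil {
		return Result{}, err
	}
	mallory, err := NewKeyPair()
	if err != nil {
		return Result{}, err
	}

	// Sender side: sign with own private key, encrypt with recipient's public key.
	sig, err := Sign(alice, plaintext)
	if err != nil {
		return Result{}, err
	}
	ct, err := EncryptTo(&bob.PublicKey, plaintext)
	if err != nil {
		return Result{}, err
	}

	// Recipient side: decrypt with own private key, verify with sender's public key.
	recovered, err := Decrypt(bob, ct)
	if err != nil {
		return Result{}, err
	}
	r := Result{Recovered: recovered, SignatureOK: Verify(&alice.PublicKey, recovered, sig)}

	// Wrong private key: OAEP decryption fails instead of yielding garbage.
	_, mErr := Decrypt(mallory, ct)
	r.MalloryCanRead = mErr == nil

	// Wrong signing key: the signature does not verify under Alice's public key.
	forged, err := Sign(mallory, plaintext)
	if err != nil {
		return Result{}, err
	}
	r.ForgeryOK = Verify(&alice.PublicKey, plaintext, forged)
	return r, nil
}

func main() {
	r, err := Exchange([]byte("constructed sample: board minutes attached"))
	if err != nil {
		panic(err)
	}
	fmt.Printf("Bob read: %q\nsignature ok: %v\nMallory can read: %v\nforgery accepted: %v\n",
		r.Recovered, r.SignatureOK, r.MalloryCanRead, r.ForgeryOK)
}
```

The order matters in practice: signing the plaintext and then encrypting the result lets the recipient check who wrote the content, whereas signing the ciphertext would only prove who sent the envelope.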
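The gateway behaviour the article describes, as an added Go example that is not the article's or Retarus' code: one key store holding internal users' private keys and external partners' public keys, the outbound rule "whatever can be encrypted has to be encrypted" with a log entry when a recipient has no key on file, and inbound decryption at the gateway so that a content scan sees cleartext before delivery. The addresses, the `demoPattern` scanner signature and the `Gateway` API are constructed for the example; RSA-OAEP is an assumed choice.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"strings"
)

// Message is a simplified mail item; Encrypted says whether Body is ciphertext.
type Message struct {
	From, To  string
	Body      []byte
	Encrypted bool
}

// Gateway keeps all key material in one place, as the article describes:
// private keys of internal users and public keys of external partners.
type Gateway struct {
	internal map[string]*rsa.PrivateKey
	external map[string]*rsa.PublicKey
	Log      []string // policy decisions, for the administrator to review
}

func NewGateway() *Gateway {
	return &Gateway{internal: map[string]*rsa.PrivateKey{}, external: map[string]*rsa.PublicKey{}}
}

// AddInternalUser creates a key pair for an internal address and keeps it on the gateway.
func (g *Gateway) AddInternalUser(addr string) error {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err
	}
	g.internal[addr] = key
	return nil
}

// AddExternalKey registers a partner's public key; from then on every
// internal user reaches that partner encrypted without doing anything.
func (g *Gateway) AddExternalKey(addr string, pub *rsa.PublicKey) { g.external[addr] = pub }

// PublicKeyOf returns the public half of an internal user's key, which is
// what external partners need in order to encrypt to that user.
func (g *Gateway) PublicKeyOf(addr string) (*rsa.PublicKey, bool) {
	key, ok := g.internal[addr]
	if !ok {
		return nil, false
	}
	return &key.PublicKey, true
}

// Outbound applies "whatever can be encrypted has to be encrypted": encrypt
// when the recipient's public key is on file, otherwise send in clear and log it.
func (g *Gateway) Outbound(m Message) (Message, error) {
	pub, ok := g.external[m.To]
	if !ok {
		g.Log = append(g.Log, fmt.Sprintf("outbound to %s: no public key on file, sent in clear", m.To))
		return m, nil
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, m.Body, nil)
	if err != nil {
		return Message{}, err
	}
	return Message{From: m.From, To: m.To, Body: ct, Encrypted: true}, nil
}

// Inbound decrypts at the gateway and scans the cleartext before delivery.
// The scanner sees real content only because the gateway holds the
// recipient's private key; with client based encryption it would get an opaque blob.
func (g *Gateway) Inbound(m Message) (Message, bool, error) {
	body := m.Body
	if m.Encrypted {
		priv, ok := g.internal[m.To]
		if !ok {
			return Message{}, false, fmt.Errorf("inbound to %s: no private key on gateway", m.To)
		}
		var err error
		body, err = rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, m.Body, nil)
		if err != nil {
			return Message{}, false, err
		}
	}
	if matchesScanPattern(body) {
		g.Log = append(g.Log, fmt.Sprintf("inbound to %s: blocked by content scan", m.To))
		return Message{}, false, nil
	}
	// Delivered in clear on the internal network: security ends on the gateway.
	return Message{From: m.From, To: m.To, Body: body}, true, nil
}

// demoPattern is a constructed placeholder for a scanner signature, not a real indicator.
const demoPattern = "DEMO-BLOCKED-CONTENT"

func matchesScanPattern(body []byte) bool { return strings.Contains(string(body), demoPattern) }

func main() {
	g := NewGateway()
	if err := g.AddInternalUser("alice@corp.example"); err != nil {
		panic(err)
	}
	partner, _ := rsa.GenerateKey(rand.Reader, 2048)
	g.AddExternalKey("bob@partner.example", &partner.PublicKey)
	known, _ := g.Outbound(Message{From: "alice@corp.example", To: "bob@partner.example", Body: []byte("constructed: offer attached")})
	unknown, _ := g.Outbound(Message{From: "alice@corp.example", To: "nokey@elsewhere.example", Body: []byte("constructed: hello")})
	fmt.Println("to known partner encrypted:", known.Encrypted, "| to unknown address encrypted:", unknown.Encrypted)
	fmt.Println(strings.Join(g.Log, "\n"))
}
```

The `Log` slice is where the policy becomes auditable: the article's point that users silently turn encryption off is answered here by the gateway recording every message it had to send in clear, so the administrator can see which partners still need a key on file.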