Thoughts, suggestions on encryption...

[questio verum]

Today looks like it will be a good day. I got a full 8 hours of sleep last night, the sun is shining this morning, the temps are dropping below the boiling range, and today I've been reaping the benefits of linux for over 15 months. Hard to believe it's only been that long. Like all things good and pleasurable, time does fly when you're using linux.

Thanks to the outstanding membership here at LFO, along with a good command of google search, I've learned more than I thought I would at 15 months. I also work a job that exhausts me quite badly at times, but yet I always seem to have the energy to read yet that one last article or post before hitting the logout button.

I recently got to learn about security the hard way (by picking up a rootkit) and it was a real cram-session style learning experience. I endured the two weeks limping along without full use of my system until with the help of others on this site (and the judicious scheduling of some hardware upgrades) I was able to put things right again. It's all a learning experience if you let it be.

Now I want to learn about and start benefiting from the use of encryption, especially as applied in email. I've started reading articles on encryption, and it seems two standards come up... PGP and AES. AES has been chosen by the NSA for document protection up to the 'Secret' classification. As I recall from my military days, there some 4 or 5 classifications above 'Secret'. These classifications would require hardware encryption.

My question is; what is the most secure, yet practical standard for use with email? If you have any resources to suggest, I'm all eyes & ears. I'm kind of excited about learning yet something else new. Especially something that can help me further secure my computing experience. TIA!

qv

[Roxoff]

One thing must ye know of encrypted email. If you encrypt it nobody can read it.

Normally Encryption is used for signing emails, this is done to prove that it came from who the sender appears to be. The basic process is you hash the email and then encrypt the hash with your private key. If anyone needs to prove who sent it, then they can hash the email and compare that hash with the hash from the signature which they unencrypt with your public key.

You dont encrypt the whole email because of the time it takes to unencrypt - this is why the system uses a hash algorithm.

Once you do this, you're down to a level of trust - the recipient may have have a public key, but how can they be certain it's yours? Normally you will have given it to them yourself, but if it's been sent electronically, there is nothing to stop someone else intercepting your email and replacing it with their own keys. They can then easily strip your original signature off your emails and re-sign them with the private key of the pair they have already subsituted as your public key.

The way to ensure trust is to use a certificate authority who produces a signed version of your public key, it's signed with their private key which never leaves their server, but for which they make the public key readily available. Anyone can download their public key and verify that your public key is actually yours.

So there you have it. PGP/AES (the choice is arbitrary, generally you pick the one that's hardest to crack for your purposes) is used not for security but for proof of ID.

[elija]

If you want security, encrypt with their public key and then sign with your private one. But it is slow relatively speaking

[Thrillhouse]

One thing must ye know of encrypted email. If you encrypt it nobody can read it.

I'm not sure what you mean here but this isn't necessarily true. It depends on the encryption algorithm being used. If you're using symmetric key, then yes, under the correct circumstances, no one should be able to read your encrypted e-mails. But if somehow your key is compromised (or you foolishly give it away to someone) then whomever has knowledge of your key can read the e-mail that it's encrypted with. However, if you're using public key, then anyone who can gain access to your public key will be able to read your encrypted e-mails. Again, this would still depend on your method of secure key exchange.

You dont encrypt the whole email because of the time it takes to unencrypt - this is why the system uses a hash algorithm.

Encrypting e-mails is neither uncommon nor difficult. Anyone who sees confidentiality as a high priority would be willing to sacrifice the split second it takes it decrypt an e-mail for the satisfaction of knowing that their communications are secure. Unencrypted e-mails float from server to server around the Internet until they arrive at their destination and anyone who has access to those servers essentially has access to your e-mails.

questio, if you're growing paranoid about security (which is a good thing) PGP (and its open source counterpart, GPG) is a simple and secure solution for e-mail privacy. It hasn't been cracked, or at least the fact that it has been cracked hasn't been published, it integrates nicely with most mail clients and the US government has endorsed it as one of the more secure encryption suites. You can take that last one for what it's worth.

[Roxoff]

I'm not sure what you mean here but this isn't necessarily true.

Right, that's me chastised then; no more will I use off-the-cuff, flippant remarks to try and raise a smile or two... (yeah, right).

Encrypting e-mails is neither uncommon nor difficult. Anyone who sees confidentiality as a high priority would be willing to sacrifice the split second it takes it decrypt an e-mail for the satisfaction of knowing that their communications are secure.

Not really true. The people who have the most to lose by sending unencrypted communications (i.e. governments) don't use encryption this way - theirs is down to a private key implemented on a token (usually a smart-card or similar) and these take AGES to unencrypt anything. The devices only have a small key, and the general case is that the private key never leaves the device.

questio, if you're growing paranoid about security (which is a good thing) PGP (and its open source counterpart, GPG) is a simple and secure solution for e-mail privacy. It hasn't been cracked, or at least the fact that it has been cracked hasn't been published, it integrates nicely with most mail clients and the US government has endorsed it as one of the more secure encryption suites. You can take that last one for what it's worth.

And I concur with this - Open Source is definitely the way to go with security, it's the only way to ensure the security mechanisms rely on solid mathematical principles rather than some hidden short-cut technique which can compromise security.