Bits & Bytes: E-mail encryption
April 29, 2011
Previous articles have mentioned the lack of privacy associated with sending e-mails and the ability to establish privacy by sending encrypted e-mails. What most people find surprising is how easy it is to send and receive encrypted messages.
First, do you think that the person to whom you send an e-mail is the only one reading it? If you do, let's address that misconception. Every e-mail is stored on many servers and any employee of any company running those servers has complete access to your e-mails.
In addition, as your e-mail travels between servers, it is available to almost anyone with an Internet connection. Now, you might ask, “Who would know to target me?” No one has to target you because it's all automatic. Scanning systems can scan tens of thousands of e-mails every second. These automatic systems look for known patterns, such as credit card information, the word “password”, etc., and they don't scan only the body of the e-mail; they also scan all attachments, including PDF attachments. If you already know this, then you are ahead of the norm.
In a recent test we conducted, we found a major US distributor that, as a normal procedure, asked their retailers to submit payment information via a PDF form they e-mailed. This distributor has over 200,000 customers and still requests their customers to open up their credit card and banking information via insecure e-mail even though it puts these customers at significant risk. The important thing to take from this example is that the people to whom you send information are not looking out for your privacy; you have to protect your own information.
How does this e-mail encryption work? Well, it's pretty simple. The first thing to understand is that there are two “keys” involved. These work much like a key to a door, except that this door has one key to lock it and another to unlock it. This will be clearer in a second.
The next thing to understand is what encryption actually does. As you now know, when you send a message by e-mail it can, to say the least, easily be read by many people. Since we can't change how the e-mail will be sent (unless you plan to create an entirely new electronic messaging infrastructure), we do something just as effective: we scramble everything so that when a third party does read your message, they can't understand it. For example, the message, “Hello, isn't it a great day. Attached are the financial documents you requested.” looks like this when it is encrypted:
Notice that everything about the message is concealed including the length of the message, the number of words, and, of course, the content.
Now that you understand what encryption does, how do you do it? This goes back to the two keys mentioned earlier. When this whole system was being created, the creators wanted to make it as easy as possible to use so that people would not be discouraged from encrypting messages. To this end, you want to be able to have anyone send you an encrypted message without their being able to read messages that others send you.
To accomplish this, the two-key system was developed. One key is a “public” key that you can safely distribute to all of your friends, colleagues, business associates, etc. This key is safe to give out because it can only encrypt messages, but it can't decrypt messages. To decrypt messages, a “private” key is used. The private key is the one you want to keep ultra secret because it will decrypt (unscramble) the messages you receive. This leaves the question of how to use these keys and even what these keys are. Well, the keys are actually just long strings of characters that look like this:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP PUBLIC KEY BLOCK-----
The only time you usually interact with these keys is when you are exchanging public keys. Private keys are generally just stored on your computer since you wouldn't ever want to give those to someone else. If you wanted to use that key it is simply copied and pasted into your e-mail software.
Most e-mail programs today have the capability to send encrypted e-mail either directly or by simple add-ons. Once your e-mail program is set up to receive/send encrypted e-mail (which is generally fairly quick to accomplish), the process is mostly automatic. If you wish to send someone an encrypted e-mail, simply ask them for their public key. They will reply with a long block of characters such as the example above. Once you have that block of characters, highlight it, copy it, create an e-mail as usual and click encrypt. You will then be prompted to paste the recipient's public key. Pasting that block they sent you will encrypt the message so only the recipient can read it. If someone would like to send you an encrypted message, simply send them your public key by e-mail so they can copy/paste it; every encrypted e-mail is encrypted using the recipient's public key.
When you receive an encrypted e-mail your e-mail program will automatically decrypt it using the private key stored on your computer. The final question you may be thinking is, “how do I get these keys?” Once your e-mail program is set up to work with encrypted e-mails, they are generated automatically based on various characteristics of your system.
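The exchange described above, carried out with the GnuPG command-line tool as an added example (it is not part of the original column): two throwaway keyrings stand in for the sender and the recipient, and the names, address and message are constructed. It assumes GnuPG 2.2 or later is installed as `gpg`.

```shell
#!/usr/bin/env bash
# Added example: two throwaway GnuPG keyrings stand in for two people.
# Assumes GnuPG 2.2+ as `gpg`; names, address and message are constructed.

# Create an empty, private keyring directory and print its path.
new_keyring() { local d; d=$(mktemp -d) && chmod 700 "$d" && echo "$d"; }

# gpg wrapper: $1 = keyring directory, remaining arguments go to gpg.
g() { local home=$1; shift; gpg --homedir "$home" --batch --quiet --no-tty "$@"; }

# Returns 0 when the public key can encrypt but only the private key decrypts.
demo() {
  local alice bob msg out rc=1
  alice=$(new_keyring); bob=$(new_keyring)
  msg='Attached are the financial documents you requested.'

  # Recipient (Bob) generates a key pair and exports only the public half.
  # The empty passphrase is for this unattended demo only.
  g "$bob" --pinentry-mode loopback --passphrase '' \
    --quick-generate-key 'Bob Demo <bob@example.invalid>' default default never
  g "$bob" --armor --export bob@example.invalid > "$alice/bob.pub.asc"

  # Sender (Alice) imports Bob's public key and encrypts the message to it.
  g "$alice" --import "$alice/bob.pub.asc"
  printf '%s\n' "$msg" | g "$alice" --armor --trust-model always \
    --recipient bob@example.invalid --encrypt > "$alice/msg.asc"
  cat "$alice/msg.asc"   # what anyone reading the mail in transit would see

  # Alice holds only the public key, so decryption must fail for her.
  if g "$alice" --decrypt "$alice/msg.asc" >/dev/null 2>&1; then
    echo 'unexpected: the public key alone decrypted the message' >&2
  else
    # Bob holds the private key, so he must get the original text back.
    out=$(g "$bob" --decrypt "$alice/msg.asc" 2>/dev/null)
    [ "$out" = "$msg" ] && rc=0
  fi

  # Stop the per-keyring agents and delete the throwaway keys.
  gpgconf --homedir "$alice" --kill gpg-agent 2>/dev/null
  gpgconf --homedir "$bob" --kill gpg-agent 2>/dev/null
  rm -rf "$alice" "$bob"
  return "$rc"
}

if command -v gpg >/dev/null 2>&1; then
  demo && echo 'OK: only the private key could decrypt'
else
  echo 'gpg is not installed; nothing was run' >&2
fi
```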
There are other ways to distribute your public key, such as posting your public key to a “key server”. Various organizations such as MIT, Symantec, and others provide such a service. This can be very convenient, because your e-mail program can automatically look up public keys on these key servers. However, these days, it is not recommended to use these services as they make your e-mail address visible to spammers. Therefore, it is generally considered best practice to provide your public key by request.
This may all sound confusing, but it is very simple to update your e-mail program to enable encryption. And this one change will go a long way to protect the information you pass to others via e-mail.
(Bits & Bytes is a computer troubleshooting advice column provided by Zebis, a single point of contact managed service provider located on Sanibel serving clients worldwide.)