
Signed, Sealed and Delivered



Presentation Transcript


  1. Signed, Sealed and Delivered
  How the emphasis on “encrypting” mail has hurt the cause of email security, and what to do about it.
  Simson L. Garfinkel, MIT Computer Science and Artificial Intelligence Laboratory

  2. Email Security 101
  • Internet email is not “secure”
  • “Email is like a postcard” --- anybody can read it
  • People can forge email with your name on it.
  • Encryption is the only protection for email.

  3. PGP: Pretty Good Privacy (1992)
  • “Email encryption for everybody”
  • Protects private email from government snoops
  • “Web of Trust”
  • Many books written
  • Fringe activity
  (Slide images: Phil Zimmermann; web of trust)

  4. S/MIME: Secure Mail, Circa 1998
  • RSA Data Security promotes “S/MIME” standard.
  • Certificate-based identification
  • S/MIME incorporated into:
    • Microsoft Outlook Express
    • Microsoft Outlook
    • Lotus Notes
  (Slide images: two example certificates: CN: Marian Garfinkel, DN: mariang102@aol.com; CN: Simson L. Garfinkel, DN: simsong@acm.org)

  5. 1999: Email Security Mess #1
  • PGP not compatible with S/MIME
  • Ongoing legal battles between PGP & RSADSI
  • Plug-ins add to confusion

  6. 1999: Email Security Mess #2
  • Usability must be to blame!
  • PGP is hard to use…
    • “Why Johnny Can’t Encrypt.” Alma Whitten & D. Tygar, Usenix Security, 1999
  • S/MIME is easy, but you need a certificate, and getting a certificate is hard…
  (Slide images: Whitten, Tygar)

  7. Email Security Today
  • 16 years since the release of PGP
  • Most Internet mail is not encrypted
  • but…
  • For many people, email is nevertheless “secure.”

  8. What is Email Security Anyway?
  • For the academic security establishment:
    • “Secure” was synonymous with “encrypted” (sealed)
    • Reflects longstanding bias of military security objectives’ ascendancy over commercial objectives.
    • “A comparison of commercial and military computer security models,” Clark & Wilson, Proceedings 1987 IEEE Symposium on Security and Privacy, pp. 184-194
  • “Secure” doesn’t mean “encrypted!”

  9. Email Security means…
  • CONFIDENTIALITY -- Others can’t read it
  • INTEGRITY -- Message not modified after SEND
  • AUTHENTICITY -- From: is really sender
  • RELIABILITY -- It really gets there
  How do we get these today?

  10. Email Security Today
  • CONFIDENTIALITY
    • If I send mail to mom@aol.com, I’m pretty sure that nobody else is going to read it…
    • … because I trust AOL
    • … because I trust my ISP and the Internet
    • … because my mail just isn’t that important

  11. Email Security Today
  • CONFIDENTIALITY
    • If both me and my mother are AOL users, then I only need to trust AOL…
    • … if I don’t trust AOL, then the game is already over (I’m using AOL’s software!)

  12. Email Security Today
  • CONFIDENTIALITY -- Others can’t read it
  • INTEGRITY -- Message not modified after SEND
    • Mail is rarely modified after it is sent.
    • Crypto guarantees don’t apply to:
      • Quoted material
      • Forwarded messages (unless message forwarded as an attachment.)
    • Few people (if any) seem to realize when their mail is modified, anyway.

  13. No Integrity, no cry

  14. Email Security means…
  • CONFIDENTIALITY -- Others can’t read it
  • INTEGRITY -- Message not modified after SEND
  • AUTHENTICITY -- From: is really sender
    • Big part of today’s SPAM problem!
    • We don’t really need a certificate hierarchy…
    • … we need to know that this simsong@acm.org is different than that other simsong@acm.org!

  15. Email Security means…
  • CONFIDENTIALITY -- Others can’t read it
  • INTEGRITY -- Message not modified after SEND
  • AUTHENTICITY -- From: is really sender
  (Slide images: “Authentic AOL Mail”; “Internet Mail Received on AOL”)

  16. Email Security means…
  • CONFIDENTIALITY -- Others can’t read it
  • INTEGRITY -- Message not modified after SEND
  • AUTHENTICITY -- From: is really sender
  • RELIABILITY -- It really gets there
    • SPAM filtering is the threat!

  17. Threat Models
  • “Security” is about protecting from specific threats.
  • PGP’s threat model:
    • oppressive governments vs. human rights workers.
    • Web-of-trust protects against infiltration
  • S/MIME’s threat model:
    • Unlicensed implementations & Patent violations
    • Certificate hierarchy promotes centralized control.

  18. Today’s Email Security Threats
  • SPAM
    • Forged From: addresses
    • SPAM filters block legitimate mail
  • Phishing
    • Email claiming to be from Citibank directs recipient to website in Russia…
  • Hypothesis: Today’s email threats can be solved through digitally-signed mail alone.

  19. What’s Digitally Signed Mail?
  • Mail signed with a secret key.

  20. What’s Digitally Signed Mail?
  • Mail signed with a secret key.
  • Signature verified with a public key.

  21. What’s Digitally Signed Mail?
  • Mail signed with a secret key.
  • Signature verified with a public key.
  • Provides:
    • Proof that the secret key was used.
    • Proof of identity if secret key is signed... (Not needed for today’s threats!)
    • Assurance that message wasn’t modified after it was sent.

  22. Digital Signatures Today
  • S/MIME support is nearly universal
  • Works great if Certificate Authority is known:
    (Slide image: signed message accepted by the mail client)
  • Horrible if CA is unknown:
    (Slide image: warning shown for a certificate from an unknown CA)
  • Problem: Users can’t make their own certificates; they have to get them.

  23. Plan for Secure Email
  • Organizations that send email should get certificates and send S/MIME-signed mail.
  • Next-generation of S/MIME clients should:
    • Accept all certificates.
    • Report when a certificate changes.
    • (SSH security model.)
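The “accept all certificates, report when one changes” model from slide 23 is the SSH known-hosts idea applied to S/MIME. As an added illustration (not code from the talk or from any mail client), the store below remembers the first signing certificate seen for each From: address and flags a later message whose certificate differs, or which arrives unsigned from a sender who has always signed. The certificate bytes and addresses are constructed stand-ins; a real client would first verify the S/MIME signature cryptographically and only then consult this continuity store, skipping CA chain validation as the slide proposes.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class SignedMessage:
    sender: str                     # From: address as the client displays it
    body: str
    signer_cert: Optional[bytes]    # DER bytes of the signing cert; None if unsigned


@dataclass
class ContinuityStore:
    """Trust-on-first-use: pin the first certificate seen per sender (SSH model)."""
    seen: Dict[str, str] = field(default_factory=dict)   # sender -> fingerprint

    @staticmethod
    def fingerprint(cert: bytes) -> str:
        # SHA-256 over the DER encoding, the same way SSH and browsers pin a key.
        return hashlib.sha256(cert).hexdigest()

    def check(self, msg: SignedMessage) -> str:
        """Return a verdict the client can turn into a UI indicator."""
        known = self.seen.get(msg.sender)
        if msg.signer_cert is None:
            # Unsigned mail from an address that has always signed is the
            # forged-From: case on slide 18; from a stranger it is just ordinary mail.
            return "unsigned-known-signer" if known else "unsigned"
        fp = self.fingerprint(msg.signer_cert)
        if known is None:
            self.seen[msg.sender] = fp      # accept any cert on first contact
            return "first-seen"
        return "match" if fp == known else "changed"


# Constructed sample data: these bytes stand in for real DER certificates.
CERT_A = b"constructed-cert-of-seller-support-original"
CERT_B = b"constructed-cert-of-seller-support-different"
SENDER = "seller-support@example.test"


def demo() -> list:
    store = ContinuityStore()
    msgs = [
        SignedMessage(SENDER, "VAT invoice", CERT_A),     # first contact: pinned
        SignedMessage(SENDER, "VAT invoice", CERT_A),     # same cert: fine
        SignedMessage(SENDER, "password reset", CERT_B),  # cert changed: report it
        SignedMessage(SENDER, "please log in", None),     # unsigned from a signer
    ]
    return [store.check(m) for m in msgs]
```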

  24. Amazon S/MIME Survey
  • I gave a talk about self-signed certificates in January 2004 at Amazon.
  • Unknown to me, Amazon had been sending S/MIME-signed email to its European Amazon Marketplace Sellers since June 2003.

  25. Amazon Marketplace VAT Invoice

  26. Research Questions
  • Could people verify the signature?
  • Did people know that the messages were signed?
  • Did people know what a signed message meant?
  • What did people think that the signed message meant?
  • How did receiving a signed message affect their attitudes?

  27. Methodology
  • Web survey posted in Amazon Sellers Forums.
  • 5 web pages; 40 questions total
  • 2 minutes to complete each page
  • Different URLs for Europe vs. America
    • Europe Sellers – had received signed messages from Amazon
    • US Sellers – had not received signed messages from Amazon

  28. Respondents
  • 1083 sellers clicked on the link
  • 470 submitted the first web page
  • 417 completed all five pages
  • Very educated:
    • 26.1% advanced degree
    • 34.9% college degree
  • Very computer literate:
    • 18% “very sophisticated” computer user
    • 63.7% “comfortable” using computers

  29. Knowledge and Attitudes
  • What do the respondents know?

  30. “What Kinds of Email Have You Received?”
  • Many knew what they had received.
  • Passive learning about encryption by recipients.

  31. More Proof of Passive Learning
  • Practically speaking, is there a difference between digitally-signed mail and sealed mail?
    • Europe: 67%** yes; 7% no; 25%** don’t know
    • US: 51%** yes; 7% no; 43%** don’t know
  • Practically speaking, is there a difference between mail that is sealed and mail that is both signed and sealed?
    • Europe: 62%* yes; 9% no; 28%** don’t know
    • US: 48%* yes; 8% no; 44%** don’t know

  32. “Savvy” vs. “Green”
  • Savvy are respondents who:
    • Say they have a 1 (“very good”) or 2 understanding of crypto on a 5-point scale (23 & 53 respondents)
    • Say they have received a digitally-signed message (104 respondents)
    • Say they have received a sealed message (39 respondents)
    • Say that they “always” or “sometimes” send digitally-signed messages (29 respondents)
  • |Savvy| = 138; |Green| = 279
  • Savvy vs. Green: 78% vs. 42% on test question (p<.001)

  33. What should be digitally signed?

  34. What should be sealed?
  • Europe: 30%; US: 51%

  35. Survey Conclusions 1
  • People feel that different kinds of email deserve different kinds of protection.
  • Should be signed:
    • Receipts from online merchants (59%)
    • Tax returns or complaints to regulators (74%)
  • Should be sealed:
    • Bank or credit-card statements (79%)
    • Tax returns or complaints to regulators (74%)
  • Although many security gurus say that personal mail should be sealed and/or signed, Savvy users don’t feel that way.

  36. People Can Receive Signed Mail!
  • 65% had S/MIME-capable mail clients
    • 42% Outlook Express
    • 31% Outlook
    • 10% Netscape Mail
    • 3% Apple Mail
  • The rest use systems that could be trivially modified to display S/MIME signatures
    • 18% AOL
    • 29% Hotmail
    • 43% Yahoo Mail
    • 25% Your organization’s web mail
    • 12% Your ISP’s web mail

  37. … But people don’t know it!

  38. People have the software; why don’t they use it?
  • “I don’t because I don’t care”
  • “I doubt any of my usual recipients would understand the significance of the signature.”
  • “Never had the need to send these kinds of emails.”
  • “I don’t think it’s necessary to encrypt my email & frankly it’s just another step & something else I don’t have the time for!”

  39. Receiving vs. Sending
  • Receiving signed mail is easy!
    • You can just receive it!
  • Receiving sealed mail is hard
    • You need a cert!
    • If you lose your cert, you can’t read your old mail!
  • Sending is hard
    • To send signed mail, you need a cert!
    • To send sealed mail, you need the recipient's cert!

  40. The Danger of Receiving Sealed Mail
  • [Delete your cert, you won’t be able to read stored mail.]
  • “Before you read the paragraph above, did you know that you might lose the ability to read mail sealed with encryption after you had received it?”

  41. Why don’t people sign mail?
  • Do you send digitally-signed mail?
    • 45% - Never; I don’t know how
    • 19% - Rarely; it is not necessary for my kind of mail
    • 10% - I usually don’t; I don’t care enough to do it
    • 4% - Sometimes
    • 2% - Always
    • 24% - Sorry, I don’t understand what you mean by “digitally-signed”

  42. Why don’t people seal mail?
  • Do you send email that is sealed?
    • 17% - Rarely; not necessary for my kind of mail
    • 41% - I don’t; don’t know how
    • 14% - I don’t; afraid recipient won’t be able to read it
    • 8% - Rarely; I just don’t care
    • 6% - No; it’s just too hard
    • 4% - Sometimes
    • 22% - Sorry, don’t know what you mean by “sealed” or “encrypted”

  43. Outlook Bugs
  • A variety of bugs in Microsoft Outlook cause problems with S/MIME-signed mail.
    • Outlook tries to sign replies to signed mail --- even if the user doesn’t have a key!
    • Mail that is signed with an attachment but no text can’t be read.
  • Microsoft must address these problems before we can recommend signing for the masses.

  44. Conclusions…
  • Signing:
    • Companies like Amazon and eBay should start sending out signed mail today.
    • Although individuals can send signed mail today, there’s little compelling reason to do so.
  • Sealing:
    • The technology still isn’t ready
    • Fortunately, we don’t really need it right now.
