Signed,%20Sealed%20and%20Delivered

1
Signed, Sealed and Delivered

• How the emphasis on encrypting mail has hurt
  the cause of email security, and what to do about
  it.
• Simson L. Garfinkel
• MIT Computer Science and Artificial Intelligence
  Laboratory

2
Email Security 101

• Internet email is not secure
• Email is like a postcard --- anybody can read
  it
• People can forge email with your name on it.
• Encryption is the only protection for email.

3
PGP Pretty Good Privacy (1992)

• Email encryption for everybody
• Protects private email from government snoops
• Web of Trust
• Many books written
• Fringe activity

Phil Zimmermann
web of trust
4
S/MIME Secure Mail, Circa 1998

• RSA Data Security promotes S/MIME standard.
• Certificate-based identification
• S/MIME incorporated into
• Microsoft Outlook Express
• Microsoft Outlook
• Lotus Notes

CN Simson L. GarfinkelDN simsong_at_acm.org
CN Marian GarfinkelDN mariang102_at_aol.com
5
1999 Email Security Mess 1

• PGP not compatible with S/MIME
• Ongoing legal battles between PGP RSADSI
• Plug-ins add to confusion

Product PGP S/MIME
Eudora ?
Lotus Notes
Microsoft Outlook ?
Microsoft Outlook Express ?
Netscape Messenger ?
6
1999 Email Security Mess 2

• Usability must be to blame!
• PGP is hard to use
• Why Johnny Cant Encrypt. Alma Whitten D.
  Tygar, Usenix Security, 1999
• S/MIME is easy, but you need a certificate, and
  getting a certificate is hard

Whitten
Tygar
7
Email Security Today

• 16 years since the release of PGP
• Most Internet mail is not encrypted
• but
• For many people, email is nevertheless secure.

8
What is Email Security Anyway?

• For the academic security establishment
• Secure was synonymous with encrypted (sealed)
• Reflects longstanding bias of military security
  objectives ascendancy over commercial objectives.
• A comparison of commercial and military computer
  security models, Clark Wilson, Proceedings
  1987 IEEE Symposium on Security and Privacy, pp.
  184-194
• Secure doesnt mean encrypted!

9
Email Security means

• CONFIDENTIALITY -- Others cant read it
• INTEGRITY -- Message not modified after SEND
• AUTHENTICITY -- From is really sender
• RELIABILITY -- It really gets there

How do we get these today?
10
Email Security Today

• CONFIDENTIALITY
• If I send mail to mom_at_aol.com, Im pretty sure
  that nobody else is going to read it
• because I trust AOL
• because I trust my ISP and the Internet
• because my mail just isnt that important

11
Email Security Today

• CONFIDENTIALITY
• If both me and my mother are AOL users, then I
  only need to trust AOL
• if I dont trust AOL, then the game is already
  over (Im using AOLs software!)

12
Email Security Today

• CONFIDENTIALITY -- Others cant read it
• INTEGRITY -- Message not modified after SEND
• Mail is rarely modified after it is sent.
• Crypto guarantees dont apply to
• Quoted material
• Forwarded messages (unless message forwarded as
  an attachment.)
• Few people (if any) seem to realize when their
  mail is modified, anyway.

13
No Integrity, no cry
14
Email Security means

• CONFIDENTIALITY -- Others cant read it
• INTEGRITY -- Message not modified after SEND
• AUTHENTICITY -- From is really sender
• Big part of todays SPAM problem!
• We dont really need a certificate hierarchy
• we need to know that this simsong_at_acm.org is
  different than that other simsong_at_acm.org!

15
Email Security means

• CONFIDENTIALITY -- Others cant read it
• INTEGRITY -- Message not modified after SEND
• AUTHENTICITY -- From is really sender

Authentic AOL Mail
Internet Mail Received on AOL
16
Email Security means

• CONFIDENTIALITY -- Others cant read it
• INTEGRITY -- Message not modified after SEND
• AUTHENTICITY -- From is really sender
• RELIABILITY -- It really gets there
• SPAM filtering is the threat!

17
Threat Models

• Security is about protecting from specific
  threats.
• PGPs threat model
• oppressive governments vs. human rights workers.
• Web-of-trust protects against infiltration
• S/MIMEs threat model
• Unlicensed implementations Patent violations
• Certificate hierarchy promotes centralized
  control.

18
Todays Email Security Threats

• SPAM
• Forged From addresses
• SPAM filters block legitimate mail
• Phishing
• Email claiming to be from Citibank directs
  recipient to website in Russia
• Hypothesis Todays email threats can be solved
  through digitally-signed mail alone.

19
Whats Digitally Signed Mail?

• Mail signed with a secret key.

20
Whats Digitally Signed Mail?

• Mail signed with a secret key.
• Signature verified with a public key.

21
Whats Digitally Signed Mail?

• Mail signed with a secret key.
• Signature verified with a public key.
• Provides
• Proof that the secret key was used.
• Proof of identity if secret key is signed...
• Assurance that message wasnt modified after it
  was sent.

Not needed for todays threats!
22
Digital Signatures Today

• S/MIME support is nearly universal
• Works great if Certificate Authority is known
• Horrible if CA is unknown
• Problem Users cant make their own certificates
  they have to get them.

23
Plan for Secure Email

• Organizations that send email should get
  certificates and send S/MIME-signed mail.
• Next-generation of S/MIME clients should
• Accept all certificates.
• Report when a certificate changes.
• (SSH security model.)

24
Amazon S/MIME Survey

• I gave a talk about self-signed certificate in
  January 2004 at Amazon.
• Unknown to me, Amazon had been sending
  S/MIME-signed email to its European Amazon
  Marketplace Sellers since June 2003.

25
Amazon Marketplace VAT Invoice
26
Research Questions

• Could people verify the signature?
• Did people know that the messages were signed?
• Did people know what a signed message meant?
• What did people think that the signed message
  meant?
• How did receiving a signed message affect their
  attitudes?

27
Methodology

• Web survey posted in Amazon Sellers Forums.
• 5 web pages 40 questions total
• 2 minutes to complete each page
• Different URLs for Europe vs. America
• Europe Sellers had received signed messages
  from Amazon
• US Sellers had not receive signed messages from
  Amazon

28
Respondents

• 1083 sellers clicked on the link
• 470 submitted the first web page
• 417 completed all five pages
• Very educated
• 26.1 advanced degree
• 34.9 college degree
• Very computer literate
• 18 very sophisticated computer user
• 63.7 comfortable using computers

29
Knowledge and Attitudes

• What do the respondents know?

30
What Kinds of Email Have You Received?

• Many knew what they had received.
• Passive learning about encryption by recipients.

All Europe US
Email that was digitally-signed 22 33 20
Email sealed with encryption 9 16 7
Signed and Sealed 7 10 6
I do not think that I have received messages signed or sealed 37 30 39
I have not received messages signed or sealed 21 23 20
Im sorry, I dont understand what you mean by signed, sealed or encrypted 26 17 28
p lt 0.05 p lt 0.01 p lt 0.05 p lt 0.01 p lt 0.05 p lt 0.01 p lt 0.05 p lt 0.01
31
More Proof of Passive Learning

• Practically speaking, is there a difference
  between digitally-signed mail and sealed mail?
• Europe 67 yes 7 no 25 dont know
• US 51 yes 7 no 43 dont know
• Practically speaking, is there a difference
  between mail that is sealed and mail that is both
  signed and sealed?
• Europe 62 yes 9 no 28 dont know
• US 48 yes 8 no 44 dont know

32
Savvy vs. Green

• Savvy are respondents who
• Say they have a 1 (very good) or 2
  understanding of crypto on a 5-point scale (23
  53 respondents)
• Say they have received a digitally-signed message
  (104 respondents)
• Say they have received a sealed message (39
  respondents)
• Say that they always or sometimes send
  digitally-signed message (29 respondents)
• Savvy 138 Green 279
• Savvy vs. Green 78 vs. 42 on test question
  (plt.001)

33
What should be digitally signed?
All Savvy Green
Advertisements 17
Questions to online merchants 33 26 36
Receipts from online merchants 59
Personal email sent or received at work 40
Personal email sent or received at home 21
Bank or credit-card statement 65
Tax returns or complaints to regulators 74
newsletters from politicians 22
Mail to political leaders voicing opinion 38
34
What should be sealed?
Europe 30US 51
All Savvy Green
Advertisements 3
Questions to online merchants 18
Receipts from online merchants 47 39 51
Personal email sent or received at work 38 26 44
Personal email sent or received at home 31 25 34
Bank or credit-card statement 79
Tax returns or complaints to regulators 74
newsletters from politicians 3
Mail to political leaders voicing opinion 15
35
Survey Conclusions 1

• People feel that different kinds of email deserve
  different kinds of protection.
• Should be signed
• Receipts from online merchants (59)
• Tax returns or complaints to regulators (74)
• Should be sealed
• Bank or credit-card statements (79)
• Tax returns or complaints to regulators (74)
• Although many security gurus say that personal
  mail should be sealed and/or signed, Savvy users
  dont feel that way.

36
People Can Receive Signed Mail!

• 65 had S/MIME-capable mail clients
• 42 Outlook Express
• 31 Outlook
• 10 Netscape Mail
• 3 Apple Mail
• The rest use systems that could be trivially
  modified to display S/MIME signatures
• 18 AOL
• 29 Hotmail
• 43 Yahoo Mail
• 25 Your organizations web mail
• 12 Your ISPs web mail

37
But people dont know it!
Does your email client handle encryption? S/MIME - S/MIME
Yes 34 14
No 5 5
I dont know 54 66
Whats encryption? 7 14
p lt .05 p lt .01 p lt .001 p lt .05 p lt .01 p lt .001 p lt .05 p lt .01 p lt .001
38
People have the software why dont they use it?

• I dont because I dont care
• I doubt any of my usual recipients would
  understand the significance of the signature.
• Never had the need to send these kinds of
  emails.
• I dont think its necessary to encrypt my email
  frankly its just another step something else
  I dont have the time for!

39
Receiving vs. Sending

• Receiving signed mail is easy!
• You can just receive it!
• Receiving sealed mail is hard
• You need a cert!
• If you lose your cert, you cant read your old
  mail!
• Sending is hard
• To send signed mail, you need a cert!
• To send sealed mail, you need the recipient's
  cert!

40
The Danger of Receiving Sealed Mail

• Delete your cert, you wont be able to read
  stored mail.
• Before you read the paragraph above, did you
  know that you might lose the ability to read mail
  sealed with encryption after you had received it?

Users Non-Users
Yes 56 25
No 40 63
Dont know 4 11
p lt .05 p lt 0.001 p lt .05 p lt 0.001 p lt .05 p lt 0.001
41
Why dont people sign mail?

• Do you send digitally-signed mail?
• 45 - Never I dont know how
• 19 - Rarely it is not necessary for my kind of
  mail
• 10 - I usually dont I dont care enough to do
  it
• 4 - Sometimes
• 2 - Always
• 24 - Sorry, I dont understand what you mean by
  digitally-signed

42
Why dont people seal mail?

• Do you send email that is sealed?
• 17 - Rarely not necessary for my kind of mail
• 41 - I dont dont know how
• 14 - I dont afraid recipient wont be able to
  read it
• 8 - Rarely I just dont care
• 6 - No its just too hard
• 4 - Sometimes
• 22 - Sorry, dont know what you mean by sealed
  or encrypted

43
Outlook Bugs

• A variety of bugs in Microsoft Outlook cause
  problems with S/MIME-signed mail.
• Outlook tries to sign replies to signed mail ---
  even if the user doesnt have a key! Mail that is
  signed with an attachment but no text cant be
  read.
• Microsoft must address these problems before we
  can recommend signing for the masses.

44
Metaphors for digital signatures

• 37 - Its like signing your name at the bottom
  of a message
• 31 - Its like putting your fingerprint on the
  bottom of a message
• 28 - Its like having the message notarized
• 19 - Its like printing the message on official
  stationery
• 8 - Its like taking a photograph of the message
• 6 - Other

45
Conclusions

• Signing
• Companies like Amazon and eBay should start
  sending out signed mail today.
• Although individuals can send signed mail today,
  theres little compelling reason to do so.
• Sealing
• The technology still isnt ready
• Fortunately, we dont really need it right now.