Enhancing Email Security with S/MIME
Chuck Connell, www.chc-3.comwww.DominoAdministration.com, www.DominoSecurity.org
Introduction Worked at Lotus from 90 to 95 Managed Notes C API team, architect in
(short-lived) “enterprise applications” group, business partner technical liaison
Began my own business in 1995 Notes/Domino consulting, writing, teaching
CS at Boston University Security expert at www.SearchDomino.com
Outline What is S/MIME? Why do we care about it? Secrecy, authentication, and integrity Cryptography primer, including public key
techniques and certificates How S/MIME works Where S/MIME is used in Notes/Domino How to use S/MIME
Audience Experienced with Notes, Domino, general
email topics Used some encryption/privacy tools Not a security expert or mathematician (will
skip gory details) My goal is to explain a fairly complex topic
to a generally knowledgeable computer audience
What is S/MIME? When email was first developed, people
could only send plain text messages MIME was developed in early 90s to allow
people to send pictures, sound, programs and general attachments -- “Multipurpose Internet Mail Extension”
MIME has no security features, can be read along its route or forged (easily)
S/MIME is a secure version of MIME
What does S/MIME give us? Secrecy – Only intended recipient can read
the message. (A thick envelope and trustworthy couriers.)
Authentication – Recipient knows the message came from the apparent sender. (An ink signature that you recognize.)
Integrity – Recipient knows the message was not changed en route. (Un-erasable ink in a letter.)
Cryptography primer Secret key (a.k.a symmetric cipher) Public key (a.k.a. asymmetric cipher)
– Secrecy– Authentication– Secrecy and authentication
Hashing (a.k.a. message digest) Public key certificate (X.509)
Symmetric cipher Dates back thousands of years A “key” is scrambled into the message in a way
that makes the message unreadable Scrambling method can be pencil and paper,
mechanical, or mathematical Key can be numbers, letters, text from a book Only way to read the message (easily) is to
unscramble it with the same key Sender and receiver must exchange key somehow
Symmetric cipher
Public key cryptography (PKC) Invented in 1970s There are two keys; one public for all to
see, the other kept secret to one person Keys are pairs of large numbers, related to
prime number theory Message is scrambled with one key; only
unscrambled easily with the other key Can be used for secrecy, authentication, or
both
Public key cryptography
PKC for secrecy only Chuck wants to send message that only
Katie can read Ciphertext = PKC(plaintext, katie’s public
key) Plaintext = PKC(ciphertext, katie’s private
key) Only Katie can decrypt the message, and
Chuck does not have to send her a key
PKC for authentication only Chuck wants to send message to Katie and prove
it is from him Ciphertext = PKC(plaintext1, chuck’s private key) Chuck sends ciphertext and plaintext1 Plaintext2 = PKC(ciphertext, chuck’s public key) Katie compares plaintext1 (sent) with plaintext2
(decrypted) If they match, only Chuck could have sent the
message.
PKC for secrecy and authentication Chuck wants to send secret message to Katie and prove
it is from him Cipher1 = PKC(plaintext1, chuck’s private key) Cipher2 = PKC(Cipher1 and plaintext1, katie’s public
key) Chuck sends Cipher2 Cipher1 and Plaintext1 = PKC(Cipher2, katie’s private
key) Plaintext2 = PKC(Cipher1, chuck’s public key) Katie compares plaintext1 (sent) with plaintext2
(decrypted)
Hashing A one-way operation that is hard to undo Often results in a shorter message, which is
called a message digest Example: “Let’s have breakfast at Dunkin
Donuts” “h7tfd8Fr”
Public key certificate But, there is a problem with PKC… How does Katie
know it is really Chuck sending her the message. Someone could pretend to be Chuck.
Public key certificates solve this problem (mostly) A public key certificate contains
– A person’s name– That person’s public key– Name of a trusted certifying authority (CA)– Digital signature of the CA, using their private key
Certificate can be verified with CA’s public key X.509 is most common format
Questions ?
So what is S/MIME? S/MIME puts all these techniques together
to create a practical, efficient, reasonably secure email protocol
Standard (symmetric) cipher – RC2 or TripleDES
Public key (asymmetric) cipher – RSA Hashing – SHA-1 or MD5 (Mathematical details found in references)
S/MIME for secrecy only1. Chuck’s email program creates a random key
(session key) to be used in a symmetric cipher.2. Chuck’s email program encrypts the message
with the symmetric cipher and session key. 3. Chuck’s email program encrypts the session key
with PKC and Katie's public key.4. Chuck’s email program creates a package of:
encrypted message, encrypted session key, his X.509 certificate, names of encryption algorithms.
S/MIME for secrecy, continued
5. Chuck’s email program sends package to Katie. This is an S/MIME email message.
6. Katie’s email program receives package.7. Katie's email program uses her private key
(and named PKC method) to decrypt the session key.
8. Katie’s email program uses session key (and named symmetric cipher) to decrypt the message.
S/MIME for authentication only1. Chuck’s email program uses hash function to
create message digest2. Chuck’s email program encrypts message digest
with PKC and his private key3. Chuck’s email program creates a package of:
original message, encrypted message digest, his X.509 certificate, names of encryption algorithms
4. Chuck’s email program sends package to Katie. 5. Katie's email program receives package
S/MIME for authentication, continued6. Katie’s email program verifies Chuck’s X.509
certificate by testing signature of CA7. Katie’s email program gets Chuck’s public key
from his certificate8. Katie's email program uses Chuck’s public key to
decrypt the message digest9. Katie's email program independently computes the
message digest, using the same hash function10. Katie's email program compares the two message
digests to verify sender and message integrity
S/MIME for secrecy and authentication1. Message is authenticated just as shown above2. Authenticated package is made secret, just as
shown above3. Secret package is sent to recipient4. Receiver uses his/her private key to decrypt
session key5. Receiver uses session key to decrypt rest of
secret package, yielding authenticated message6. Receiver authenticates message, just as shown
above
Questions ?
So S/MIME is used for Notes mail? No! For pure Notes email (Notes and Domino)
S/MIME is not needed. Notes has its own, similar, methods.
S/MIME is used whenever pure Notes email is not available– From Notes, through Domino, to other email– From Notes, through standard server, to any email– From other email, through Domino, to any email
Using S/MIME Get a digital identification Set up Domino server for S/MIME Use S/MIME with general email clients Use S/MIME with Notes
Getting a digital identification A digital ID is
– Your name– Public/private key pair– Public key certificate for this ID
Most popular vendors are www.Thawte.com and www.VeriSign.com
Thawte is free, but VeriSign is only $15/year and simpler to use
Setting up Domino for S/MIME Do nothing! (other than standard Internet
mail set up) (If anyone is aware of special settings that
are required, please let me know.)
S/MIME with standard email clients (e.g. Outlook Express) If you got your digital ID on this computer,
it is already installed (Can see the ID with Start / Settings / Control Panel / Internet Options / Content / Certificates)
For secrecy, just press Encrypt For authentication, just press Sign When receiving a message, you will see
security symbols near the attachment paperclip
Using S/MIME with Notes(Assuming digital ID already on Windows
computer)
1. Export digital ID from Windows2. Import digital ID to Notes ID file3. Make sure this certificate will be used for
Internet mail from Notes4. Use digital ID as you send and receive email
Demonstration…
For further reading Excellent online overview of cryptography:
www.rsalabs.com/faq/ Cryptography and Network Security by William
Stallings – Good general security textbook. www.amazon.com/exec/obidos/ASIN/0138690170
S/MIME Internet task force: www.imc.org/ietf-smime/index.html
Relationship between S/MIME and PGP/MIME: www.imc.org/smime-pgpmime.html
Top Related