I just attended the 2017 TechShow hosted by the American Bar Association in Chicago and came across the statement that some ‘secure e-mail vendors’ are actually selling ‘fake encryption’. What does that mean? It means these vendors advertise double encryption yet provide exactly as much security and protection as Yahoo Mail does, that is, no encryption of the content whatsoever. Let me explain…
Encryption is still a hot topic in the legal community, and while ‘fake news’ still dominates the media coverage in the US, the ‘fake’ moniker has now reached IT in the legal community as well.
I attended this great session by Sherri Davidoff and John Simek on secure communication/encryption and was surprised by an interesting choice of words: “fake” encryption for a certain type of secure e-mail solution on the market. This stuck with me, and I decided to investigate a little further what the vendors of these “fake” encryption solutions were actually selling to, and telling, the legal community.
While attending a vendor-sponsored session, I realized how difficult this topic can be for non-specialists to understand. This vendor (with 3 specialists and a lawyer on stage) pushed very hard on the lawyers in the room the message that they offered not just one, but 2 types of encryption with their solution. First, all messages are protected by TLS (Transport Layer Security) encryption while they transit from the user’s server to the third-party system, and then they are stored there under a ‘very secure’ at-rest encryption (AES). The recipient receives a link with which he can read his ‘secure’ message on the provider’s website by logging in with a username/password combination.
You leave such a session thinking that this must be a great solution, a good deal (2 encryptions for the price of 1) that really makes a legal practice secure. It seems a convincing argument, and one could not be more wrong. It is 100% equivalent to the standard Gmail or Yahoo Mail offering.
How can we explain these topics in an easily understandable way, and avoid overwhelming the user/buyer with IT complexity?
Let us illustrate again what e-mail security looks like in such cases using the postcard example. Wherever a postal employee can read your postcard, the same can happen to your e-mail. This example assumes TLS on all server-to-server connections, which is an overly optimistic assumption.
TLS transport encryption is still touted by vendors as special protection. It is still not the default for every e-mail, as many of the connections between servers are still not TLS encrypted today. TLS often only covers the link between the end device and the mail server, while many connections between 2 mail servers remain unprotected. See the e-mail below from Yahoo to Gmail, routed via 6 servers. In a practical sense, if you do not have encryption everywhere along the whole chain, you have no encryption/content protection at all.
Let us analyze how an attacker would approach such a set-up, without diving into the real technical details:
a) With TLS in use, attacking the message while in transit is not trivial. The residual risk lies in the weaknesses linked to X.509 certificate handling and the reliance on commercial CAs.
b) The next attack point is the servers that the message transits through. TLS only protects the link between two servers (and only sometimes); each server terminates TLS and handles the message in plain text, so the message can be read on every one of them (6 such servers in the example above).
c) Next is the log-in information. If the attacker can intercept, guess or brute-force the username/password (for example by intercepting the first e-mail exchange between the 2 parties), then he has all the information. At-rest encryption is no protection either, since the provider undoes it on the user’s behalf as soon as the username/password is entered.
d) All the information is at any moment available to the owner/host of the solution. There is no protection at all against access by the owner, operator or administrators; you simply have to trust them, even when the information is encrypted at rest, because the at-rest key is theirs.
The key message here is that ‘e-mail encryption’ solutions that send out links to read confidential e-mail on third-party web servers protect your confidential e-mail no better than Gmail or Yahoo Mail (and possibly worse). If a hacker can capture the username/password, then there is NO protection at all.
Now ask yourself: how many times have Yahoo Mail, Gmail and the like been hacked in the past year, with user credentials stolen? It even happens regularly to people who should know how to handle secret information: David Petraeus on Gmail, Mike Pence on AOL, the DNC, Hillary Clinton,…
Hence the classification of such solutions as ‘fake’ encryption by the real security experts. (They are available from many different suppliers; the session mentioned above at the ABA TechShow was conducted by a vendor different from the one shown below.) Once you have username and password, everything is accessible in these solutions.
With end-to-end encryption, this is not the case: username/password only provide access to unreadable files (see picture below) – a secret private key is necessary to decrypt.
I think it is necessary to remind everyone of the different types of protective solutions for e-mail:
1. End-to-end encryption solutions, like S/MIME, PGP or pEp, are the only ones considered secure by experts. They rely on asymmetric encryption: each user has a public and a private key, and the private key is in the sole possession of its owner. The message is encrypted with the receiver’s public key on the sender’s PC or mobile device and can only be decrypted on the receiver’s device, where his secret private key is present (the private key is a small file on his PC/mobile).
2. Gateway solutions: appliances at the network border, mostly used in corporate environments for compliance purposes, which encrypt messages that match a rule check as they leave the corporate network.
3. Solutions that turn confidential e-mails into website links: the recipient clicks the link, receives a username and password, logs in to a third-party webmail system and reads the ‘secure’ e-mails there. These solutions exist as gateways or as software on the PC/mobile and were labelled ‘fake’ encryption in the presentation.
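To make the difference between solution types 1 and 3 concrete, and to show steps b), c) and d) of the attack analysis above in code, here is an added example of my own (it is not code from the post, from the presenters or from any vendor). It models both set-ups on one machine in Go: a ‘link + login’ portal where TLS covers each hop, the message is AES-encrypted at rest, and the portal decrypts for anyone presenting the right password, or for its operator, who holds the key; versus end-to-end encryption, where the sender encrypts to the recipient’s public key and only the recipient’s private key can open the result, so a stolen mailbox login yields nothing readable. The names Portal, Recipient, SampleMessage and the password hunter2 are invented for this illustration; the relay count of 6 mirrors the Yahoo-to-Gmail example above. RSA-OAEP is applied directly to the short message for brevity, whereas PGP and S/MIME use the asymmetric key to wrap a symmetric message key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Constructed sample message for this demonstration (not taken from the post).
const SampleMessage = "Settlement offer: USD 250,000, reply by Friday."

// must panics on error: key generation and cipher set-up cannot sensibly continue without the value.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func randomBytes(n int) []byte {
	b := make([]byte, n)
	must(io.ReadFull(rand.Reader, b))
	return b
}

func gcm(key []byte) cipher.AEAD { return must(cipher.NewGCM(must(aes.NewCipher(key)))) }

// ---- Model A: "link + login" portal: TLS per hop, AES at rest, key held by the operator ----
type Portal struct {
	password  string   // the login the recipient receives by e-mail
	atRestKey []byte   // generated and kept by the operator, never by the recipient
	stored    []byte   // nonce || AES-GCM ciphertext
	RelayLog  [][]byte // plaintext exactly as each intermediate server saw it
}

func NewPortal(password string) *Portal {
	return &Portal{password: password, atRestKey: randomBytes(32)}
}

// Deliver: TLS covers each hop, but every relay handles plaintext before the portal encrypts at rest.
func (p *Portal) Deliver(plaintext []byte, relays int) {
	for i := 0; i < relays; i++ {
		p.RelayLog = append(p.RelayLog, append([]byte(nil), plaintext...))
	}
	g := gcm(p.atRestKey)
	nonce := randomBytes(g.NonceSize())
	p.stored = g.Seal(nonce, nonce, plaintext, nil)
}

// AdminRead: the operator holds the at-rest key and needs no login at all.
func (p *Portal) AdminRead() ([]byte, error) {
	g := gcm(p.atRestKey)
	if len(p.stored) < g.NonceSize() {
		return nil, errors.New("nothing stored")
	}
	return g.Open(nil, p.stored[:g.NonceSize()], p.stored[g.NonceSize():], nil)
}

// ReadWithLogin: a correct password is all it takes, owner or credential thief alike.
func (p *Portal) ReadWithLogin(password string) ([]byte, error) {
	if password != p.password {
		return nil, errors.New("login failed")
	}
	return p.AdminRead()
}

// ---- Model B: end-to-end, only the recipient's device holds the private key ----
type Recipient struct{ priv *rsa.PrivateKey }

func NewRecipient() *Recipient { return &Recipient{priv: must(rsa.GenerateKey(rand.Reader, 2048))} }

func (r *Recipient) PublicKey() *rsa.PublicKey { return &r.priv.PublicKey }

// EncryptForRecipient runs on the sender's device, so only ciphertext ever reaches a server.
func EncryptForRecipient(pub *rsa.PublicKey, plaintext []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, plaintext, nil)
}

// Decrypt runs on the recipient's device; any other private key fails the OAEP check.
func (r *Recipient) Decrypt(ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, r.priv, ciphertext, nil)
}

func main() {
	p := NewPortal("hunter2")
	p.Deliver([]byte(SampleMessage), 6)
	viaLogin, _ := p.ReadWithLogin("hunter2")
	fmt.Printf("portal: %d relays saw plaintext, login reads %q\n", len(p.RelayLog), viaLogin)
	r := NewRecipient()
	ct, _ := EncryptForRecipient(r.PublicKey(), []byte(SampleMessage))
	_, err := NewRecipient().Decrypt(ct) // a thief with the mailbox login but another key
	back, _ := r.Decrypt(ct)
	fmt.Printf("e2e: other key -> %v, recipient reads %q\n", err, back)
}
```

Running it shows the two outcomes side by side: in model A every relay logged the plaintext, and both the password holder and the operator read the message; in model B a second, unrelated private key gets a decryption error, and only the recipient’s own key recovers the text. The AES-GCM at rest in model A is real cryptography, which is exactly the point: it is not the algorithm that is fake, but the claim that it protects the message from whoever holds the login or runs the server.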
Other solutions that protect documents/attachments only, via password protection or digital rights management, are also available, but we disregard them here as they provide a different value proposition (they do not protect the e-mail communication, just an attached document). In my experience, they do not lead to happy recipients and widespread adoption.
So, in summary:
Secure e-mail solutions providing web links are as secure as Yahoo Mail. No need to take further steps or spend money on it. The “fake” encryption classification seems well deserved, as it adds nothing to protect the user and his message content from hackers, the host or its admins.
If you want to be protected by encryption, you must have your own secret private key. Any solution that does not provide you with a secret key of your own should make you suspicious. And you should be the only person with access to the private key. I recommend having such solutions validated by security specialists, like Sherri Davidoff or John Simek, before buying/deploying them as protective measures.
Good solutions today operate with secret keys. If you do not have a secret key, be aware that you may have ‘fake’ encryption.
The best solutions for e-mail use asymmetric cryptography and operate with 2 different keys (one public and one private). PGP and pEp (pretty Easy privacy) are such solutions. pEp additionally focuses on making this key management invisible and seamless.
Just for illustration a few slides out of the ABA TechShow presentation by Sherri and John:
The picture below shows an unprotected e-mail, or an e-mail protected by ‘fake’ encryption: after retrieving the username/password, the hacker can read everything.
Below is what an e-mail protected by end-to-end cryptography (PGP in this case) looks like. Even after a hacker has stolen the username/password to the e-mail account, he still cannot read anything, as you can see.
A picture says more than a thousand words, no?