Enhancing Email Security with S/MIME - PowerPoint PPT Presentation

1
Enhancing Email Security with S/MIME
  • Chuck Connell, www.chc-3.com
  • www.DominoAdministration.com,
  • www.DominoSecurity.org

2
Introduction
  • Worked at Lotus from 90 to 95
  • Managed Notes C API team, architect in
    (short-lived) enterprise applications group,
    business partner technical liaison
  • Began my own business in 1995
  • Notes/Domino consulting, writing, teaching CS at
    Boston University
  • Security expert at www.SearchDomino.com

3
Outline
  • What is S/MIME?
  • Why do we care about it?
  • Secrecy, authentication, and integrity
  • Cryptography primer, including public key
    techniques and certificates
  • How S/MIME works
  • Where S/MIME is used in Notes/Domino
  • How to use S/MIME

4
Audience
  • Experienced with Notes, Domino, general email
    topics
  • Used some encryption/privacy tools
  • Not a security expert or mathematician (will skip
    gory details)
  • My goal is to explain a fairly complex topic to a
    generally knowledgeable computer audience

5
What is S/MIME?
  • When email was first developed, people could only
    send plain text messages
  • MIME (Multipurpose Internet Mail Extensions) was
    developed in the early 90s to allow people to
    send pictures, sound, programs and general
    attachments
  • MIME has no security features; a message can be
    read along its route or forged (easily)
  • S/MIME is a secure version of MIME

6
What does S/MIME give us?
  • Secrecy: Only the intended recipient can read the
    message. (A thick envelope and trustworthy
    couriers.)
  • Authentication: Recipient knows the message came
    from the apparent sender. (An ink signature that
    you recognize.)
  • Integrity: Recipient knows the message was not
    changed en route. (Un-erasable ink in a letter.)

7
Cryptography primer
  • Secret key (a.k.a. symmetric cipher)
  • Public key (a.k.a. asymmetric cipher)
  • Secrecy
  • Authentication
  • Secrecy and authentication
  • Hashing (a.k.a. message digest)
  • Public key certificate (X.509)

8
Symmetric cipher
  • Dates back thousands of years
  • A key is scrambled into the message in a way
    that makes the message unreadable
  • Scrambling method can be pencil and paper,
    mechanical, or mathematical
  • Key can be numbers, letters, text from a book
  • Only way to read the message (easily) is to
    unscramble it with the same key
  • Sender and receiver must exchange key somehow

9
Symmetric cipher

10
Public key cryptography (PKC)
  • Invented in 1970s
  • There are two keys: one public for all to see,
    the other kept secret by one person
  • Keys are pairs of large numbers, related to prime
    number theory
  • Message is scrambled with one key, and only
    unscrambled easily with the other key
  • Can be used for secrecy, authentication, or both

11
Public key cryptography

12
PKC for secrecy only
  • Chuck wants to send message that only Katie can
    read
  • Ciphertext = PKC(plaintext, Katie's public key)
  • Plaintext = PKC(ciphertext, Katie's private key)
  • Only Katie can decrypt the message, and Chuck
    does not have to send her a key

13
PKC for authentication only
  • Chuck wants to send message to Katie and prove it
    is from him
  • Ciphertext = PKC(plaintext1, Chuck's private key)
  • Chuck sends ciphertext and plaintext1
  • Plaintext2 = PKC(ciphertext, Chuck's public key)
  • Katie compares plaintext1 (sent) with plaintext2
    (decrypted)
  • If they match, only Chuck could have sent the
    message.

14
PKC for secrecy and authentication
  • Chuck wants to send secret message to Katie and
    prove it is from him
  • Cipher1 = PKC(plaintext1, Chuck's private key)
  • Cipher2 = PKC(Cipher1 and plaintext1, Katie's
    public key)
  • Chuck sends Cipher2
  • Cipher1 and Plaintext1 = PKC(Cipher2, Katie's
    private key)
  • Plaintext2 = PKC(Cipher1, Chuck's public key)
  • Katie compares plaintext1 (sent) with plaintext2
    (decrypted)

15
Hashing
  • A one-way operation that is hard to undo
  • Often results in a shorter message, which is
    called a message digest
  • Example: "Let's have breakfast at Dunkin' Donuts"
    → h7tfd8Fr

16
Public key certificate
  • But there is a problem with PKC: How does Katie
    know it is really Chuck sending her the message?
    Someone could pretend to be Chuck.
  • Public key certificates solve this problem
    (mostly)
  • A public key certificate contains:
      • A person's name
      • That person's public key
      • Name of a trusted certifying authority (CA)
      • Digital signature of the CA, using their
        private key
  • Certificate can be verified with the CA's public key
  • X.509 is most common format

17
Questions?

18
So what is S/MIME?
  • S/MIME puts all these techniques together to
    create a practical, efficient, reasonably secure
    email protocol
  • Standard (symmetric) cipher: RC2 or TripleDES
  • Public key (asymmetric) cipher: RSA
  • Hashing: SHA-1 or MD5
  • (Mathematical details found in references)

19
S/MIME for secrecy only
  1. Chuck's email program creates a random key
    (session key) to be used in a symmetric cipher.
  2. Chuck's email program encrypts the message with
    the symmetric cipher and session key.
  3. Chuck's email program encrypts the session key
    with PKC and Katie's public key.
  4. Chuck's email program creates a package of
    encrypted message, encrypted session key, his
    X.509 certificate, names of encryption algorithms.

20
S/MIME for secrecy, continued
  • Chuck's email program sends package to Katie.
    This is an S/MIME email message.
  • Katie's email program receives package.
  • Katie's email program uses her private key (and
    named PKC method) to decrypt the session key.
  • Katie's email program uses session key (and named
    symmetric cipher) to decrypt the message.

21
S/MIME for authentication only
  1. Chuck's email program uses hash function to
    create message digest
  2. Chuck's email program encrypts message digest
    with PKC and his private key
  3. Chuck's email program creates a package of
    original message, encrypted message digest, his
    X.509 certificate, names of encryption algorithms
  4. Chuck's email program sends package to Katie.
  5. Katie's email program receives package

22
S/MIME for authentication, continued
  • Katie's email program verifies Chuck's X.509
    certificate by testing signature of CA
  • Katie's email program gets Chuck's public key
    from his certificate
  • Katie's email program uses Chuck's public key to
    decrypt the message digest
  • Katie's email program independently computes the
    message digest, using the same hash function
  • Katie's email program compares the two message
    digests to verify sender and message integrity

23
S/MIME for secrecy and authentication
  1. Message is authenticated just as shown above
  2. Authenticated package is made secret, just as
    shown above
  3. Secret package is sent to recipient
  4. Receiver uses his/her private key to decrypt
    session key
  5. Receiver uses session key to decrypt rest of
    secret package, yielding authenticated message
  6. Receiver authenticates message, just as shown
    above
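
The sign-then-encrypt flow of slides 19 to 23, with the CA check from slide 16, as an added example (not part of the original presentation) using the openssl command-line tool. The CA, both identities, the example.test addresses and the message are constructed; AES-256 and SHA-256 stand in for the RC2/TripleDES and SHA-1/MD5 choices listed on slide 18.

```sh
#!/bin/sh
# Added example: S/MIME sign-then-encrypt round trip with the openssl CLI.
# The CA, identities, addresses and message are constructed for this demo.
smime_demo() (
    set -e
    d=$(mktemp -d); trap 'rm -rf "$d"' EXIT; cd "$d"

    # Slide 16: a throwaway CA issues an X.509 certificate to each party.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo Test CA" \
        -keyout ca.key -out ca.crt 2>/dev/null
    for who in chuck katie; do
        openssl req -newkey rsa:2048 -nodes -keyout "$who.key" -out "$who.csr" \
            -subj "/CN=$who/emailAddress=$who@example.test" 2>/dev/null
        openssl x509 -req -in "$who.csr" -CA ca.crt -CAkey ca.key -CAcreateserial \
            -days 1 -out "$who.crt" 2>/dev/null
    done
    printf 'Let us have breakfast at 8.\n' > msg.txt

    # Slide 21: hash the message, sign the digest with Chuck's private key,
    # package message + signature + Chuck's certificate.
    openssl smime -sign -md sha256 -in msg.txt -signer chuck.crt \
        -inkey chuck.key -out signed.eml

    # Slide 19: a random session key encrypts the signed package (AES-256);
    # the session key is encrypted with the public key in Katie's certificate.
    openssl smime -encrypt -aes256 -in signed.eml -out sealed.eml katie.crt

    # Slide 20: Katie's private key recovers the session key, then the package.
    openssl smime -decrypt -in sealed.eml -recip katie.crt -inkey katie.key \
        -out opened.eml

    # Slide 22: check Chuck's certificate against the CA, recompute the digest.
    openssl smime -verify -in opened.eml -CAfile ca.crt -out recovered.txt 2>/dev/null

    # S/MIME canonicalises text to CRLF, so strip CR before comparing.
    tr -d '\r' < recovered.txt | cmp -s - msg.txt && roundtrip=ok || roundtrip=mismatch
    grep -q breakfast sealed.eml && wire=plaintext || wire=opaque

    # Integrity: one changed word in the signed body must fail verification.
    sed 's/breakfast/dinner/' opened.eml > forged.eml
    if openssl smime -verify -in forged.eml -CAfile ca.crt -out /dev/null 2>/dev/null
    then tamper=accepted; else tamper=rejected; fi

    echo "roundtrip=$roundtrip wire=$wire tamper=$tamper"
)

RESULT=$(smime_demo)
echo "$RESULT"
```

The intermediate files signed.eml and sealed.eml are ordinary MIME text, so they can be opened in an editor to see the package parts the slides list.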

24
Questions?

25
So S/MIME is used for Notes mail?
  • No! For pure Notes email (Notes and Domino)
    S/MIME is not needed. Notes has its own, similar,
    methods.
  • S/MIME is used whenever pure Notes email is not
    available:
      • From Notes, through Domino, to other email
      • From Notes, through standard server, to any
        email
      • From other email, through Domino, to any email

26
Using S/MIME
  • Get a digital identification
  • Set up Domino server for S/MIME
  • Use S/MIME with general email clients
  • Use S/MIME with Notes

27
Getting a digital identification
  • A digital ID is:
      • Your name
      • Public/private key pair
      • Public key certificate for this ID
  • Most popular vendors are www.Thawte.com and
    www.VeriSign.com
  • Thawte is free, but VeriSign is only $15/year and
    simpler to use

28
Setting up Domino for S/MIME
  • Do nothing! (other than standard Internet mail
    set up)
  • (If anyone is aware of special settings that are
    required, please let me know.)

29
S/MIME with standard email clients (e.g. Outlook Express)
  • If you got your digital ID on this computer, it
    is already installed (Can see the ID with Start
    / Settings / Control Panel / Internet Options /
    Content / Certificates)
  • For secrecy, just press Encrypt
  • For authentication, just press Sign
  • When receiving a message, you will see security
    symbols near the attachment paperclip

30
Using S/MIME with Notes
  • (Assuming digital ID already on Windows
    computer)
  • Export digital ID from Windows
  • Import digital ID to Notes ID file
  • Make sure this certificate will be used for
    Internet mail from Notes
  • Use digital ID as you send and receive email
  • Demonstration

31
For further reading
  • Excellent online overview of cryptography:
    www.rsalabs.com/faq/
  • Cryptography and Network Security by William
    Stallings. Good general security textbook.
    www.amazon.com/exec/obidos/ASIN/0138690170
  • S/MIME Internet task force:
    www.imc.org/ietf-smime/index.html
  • Relationship between S/MIME and PGP/MIME:
    www.imc.org/smime-pgpmime.html