Security of online communications has interested me for some years now, as have the mechanisms for proving identity in the electronic world. Previously this was a largely academic interest; I liked to play with the techniques but was entirely relaxed about sending most email in an insecure manner. Recently, however, I suffered some significant inconvenience as a result of what may have been a security breach. As a consequence I'm encouraging friends and correspondents to be more aware of their online privacy and, to assist with that, I've decided to publish some of my opinions and advice on the issues in this area, together with some links to more detailed reading on the subject and to tools which can help to improve your security when communicating over the 'Net. Please note that this is not intended to be a comprehensive description of the subject; rather, it is an attempt to describe the problems in simple terms and the resolutions in sufficient detail for an "average" person to implement, or at least consider implementing, secure personal communications.
It's worth noting that there are a number of terms used in this arena which are subtly different but effectively interchangeable for the purpose of the following. You can read digital ID, digital certificate and key as synonymous terms.
As a starting point, a common parallel to sending "normal", i.e. unencrypted, non digitally signed, email is that of sending a typed postcard; except that it's actually even less secure! In the case of the postcard, anyone who handles it in transit can read both the contents and the addressee. They can also read the signature if there is one, but cannot be certain that it was really signed by the person from whom it purports to have been sent; nor can its intended recipient. Of course, most people do not send anything personal and / or confidential written on a postcard; yet many do send such material via email with little hesitation! As I said above, the email scenario is even less secure than the postcard since the email passes through many computers in transit to its destination and "seeing" it is much easier for a third party than would be the case with a real postcard. Intercepting and reading the postcard requires human intervention; for the email, finding it can be done by machines and they are far more efficient at searching a variety of points through which the message might pass than are their human equivalents!
In order to prevent anyone other than the intended recipient, or recipients, reading an email, or a document attached to an email, strong encryption software can be used. What this software does is allow the sender of the email to encrypt (code) it such that only those people whom the sender chooses can decrypt (decode) it. Strong encryption really is very strong; strong enough that governments do not have the computing resources required to read an encrypted message. To use the paper post analogy again, use of strong encryption has been likened to sending email enclosed in a locked safe to which only the recipient has the key and with an armed escort. This is inaccurate; it's considerably more secure than that!
This extremely high level of security can be achieved using public/private key cryptography. I do not plan to explain comprehensively how this works (see the links below for detailed descriptions) but in essence it's as follows:
Both parties involved in the exchange of email need to have a key pair: a private key protected by a passphrase (a longer than average password) known only to the key's owner; and a public key which is available for anyone to see and use. The sender uses their private key and the recipient's public key to encrypt the email; the recipient uses their own private key to decrypt and read the message. Email software can automate all this, making it far less complex to use than it might sound! With some email software, the only inconvenience involved in most mail is needing to enter the passphrase for the private key.
In paper mail, many things can be done to an item in transit. A letter can be opened and its contents added to, partially removed or changed entirely. Even a postcard can be modified by the addition of a date or some additional text in forged handwriting. Exactly the same problems apply to email, except that, once again, it's actually easier to change email in transit than it is paper mail. Opening a letter, writing on it, etc. may well leave evidence that this has been done, although only close inspection may reveal this. Modifying an unprotected email can be done entirely surreptitiously and leave no evidence whatsoever; it can be entirely undetectable. Further, an email can easily be copied without changing it at all; the recipient would never know that this had happened.
Digital signatures are the equivalent of "real" signatures, only better! They can confirm to the recipient that the mail item has not been tampered with since the originator sent it. Once a document or email is completed and ready to send, a digital signature is applied to it. Anyone examining the mail item can verify this signature using the appropriate software. If the item has been altered in any way in transit, the signature will not verify; the recipient will be alerted to a "bad signature" and can take appropriate action such as asking for the item to be re-sent. This technique applies to both encrypted and unencrypted (plaintext) mail; i.e. an email can be sent with readable text but digitally signed, and if that text has been altered then the recipient will know about it.
It's normal in paper correspondence to sign whatever the document is, even if it is a postcard. A signature that you recognise at the bottom of a piece of paper assures you that the sender is who they claim to be, usually by means of your recognising the signature from previously seeing it. You may also recognise the handwriting. In electronic correspondence the norm is that all you have is an email address from which the message originated and maybe a name at the bottom. This is no proof at all of who sent the email since either of these things can easily be forged. Of course, paper signatures and handwriting can also be forged, but it's more difficult than doing so on a normal email. Essentially, email usually has no proof of identity associated with it.
This problem cannot be solved by software alone, but it can be solved. The resolution is for correspondents to have authenticated digital signatures; i.e. it needs to be known that the only way a digital signature could have been created is by a specific person with a specific private key. To be certain of this, that person and key combination needs to have been assured by humans, rather than machines, and the person or persons providing this assurance need to be trusted by the recipient.
Organisations now exist which provide this assurance service. Individuals may decide to trust them to verify someone's identity in the same way that they trust the same organisations in issuing certificates to web sites to authenticate online purchases.
To re-iterate: this is not a comprehensive discussion of privacy and security in electronic communications. The following describes, and provides links to, the means by which I achieve these things. Having said that, they are probably the most popular mechanisms available so should not be considered esoteric. They are certainly available to be used by anyone who chooses to do so.
To resolve the first two problems I use OpenPGP (Pretty Good Privacy) to provide both strong encryption and digital signing of mail items. There are various implementations of this: GnuPG and PGP effectively provide the same functions and are mostly compatible with each other. The main non-technical difference is that whereas GnuPG is entirely free and open, PGP is a commercial application with a fully-functional, freely downloadable version. The benefit of the latter is that it is considerably less complicated to use than GnuPG, in my opinion, but neither is overly difficult to set up.
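The tamper detection that a digital signature provides, shown with GnuPG as an added example (not part of the original article). The identity, the message and the throwaway keyring are constructed for the demonstration, and GnuPG 2.1 or later is assumed.

```shell
#!/bin/sh
# Added example: throwaway keyring, constructed identity and message.

# Prints "good" if the clear-signed file $1 verifies, otherwise "bad".
verify_status() {
    if gpg --batch --verify "$1" >/dev/null 2>&1; then
        echo good
    else
        echo bad
    fi
}

# Signs a message, alters a copy "in transit", and verifies both copies.
sign_and_tamper_demo() (
    GNUPGHOME=$(mktemp -d) || exit 1
    export GNUPGHOME            # keep the demo away from your real keyring
    trap 'gpgconf --kill gpg-agent 2>/dev/null; rm -rf "$GNUPGHOME"' EXIT

    # Demo key with an empty passphrase; a real key should have a strong one.
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key 'Alice Example <alice@example.org>' \
        2>/dev/null || exit 1

    printf 'Please pay Bob 10 pounds.\n' > "$GNUPGHOME/msg.txt"
    gpg --batch --quiet --local-user alice@example.org \
        --output "$GNUPGHOME/msg.asc" --clearsign "$GNUPGHOME/msg.txt" || exit 1

    # One changed word is enough to invalidate the signature.
    sed 's/10 pounds/1000 pounds/' "$GNUPGHOME/msg.asc" \
        > "$GNUPGHOME/tampered.asc"

    echo "original: $(verify_status "$GNUPGHOME/msg.asc")"
    echo "tampered: $(verify_status "$GNUPGHOME/tampered.asc")"
)

# Run the demonstration when GnuPG is installed.
if command -v gpg >/dev/null 2>&1; then sign_and_tamper_demo; fi
```

The signed text stays readable in `msg.asc`, so anyone can read it, but only the unaltered copy verifies against Alice's public key.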
Identity assurance is arguably the least important of the problems to solve since the other two are by far the most prevalent. This is lucky since it's also the most arduous, although not overly so. It is also complex to explain and more comprehensive descriptions are provided at the web sites of assuring authorities, known as CAs, or Certificate Authorities. In essence, all it requires is that you prove who you are to the trusted organisation and then prove to others that your identity has been rigorously verified by the use of a software key which the CA issues you with. Simple!
By the nature of the problem, that of assuring both identity and the linkage of the person identified with a particular private key and email address, this cannot be achieved simply by installing software on a computer. The method requires meeting real people and proving who you are. This is normally achieved by the use of government-issued photo-identification; things like driving licenses, passports and national identity cards; essentially various specified documents bearing a photograph and issued by a "trusted authority". Following a meeting and proof of identity to the notary of the CA, points are awarded to the person whose identity is being assured; the more points you have, the more confident anyone else can be of your identity. The mechanism used for proving that you've been assured is the issuance of a digital certificate (or key) linking an assured person to an email address. This can be used for signing email and then checked by the recipient at the CA's web site. Many of the major email programs recognise these digital certificates and hence allow identity assurance in email correspondence. Further, some CAs will "sign" the PGP keys of people they've assured, meaning that the use of such a key to encrypt or sign email not only prevents tampering but also assures the recipient that the sender is who they say they are.
This trust is not limited purely to people who have direct contact with the assurance authority itself. Trust on PGP keys can be "inherited". This means that if a digital key has been signed by person X, or authority Y, and then this signed key has been used to sign another key owned by person Z, then you, as the recipient, can choose to trust the judgement of X or Y and accept the signature of Z as proof of identity.
I hope the above has been useful in describing the problem and introducing you to the possible resolution of it. I recommend the further reading linked below and would certainly recommend that you at least start signing mail, which is very simple to implement, even if the full encrypt/sign/assure solution seems a little excessive. I've also included some links to other privacy-related tools in the following list, covering generating and protecting high-strength passwords and creating encrypted disks on your PC.