PGP Universal - Usable Email Security?

An anonymous reader writes "For years, noted cypherpunks such as Brad Templeton, Ian Goldberg (PDF link), Bram Cohen, and Len Sassaman (PDF link) have been calling for easy to use email encryption solutions which involve little crypto comprehension on the part of the user. Now, it seems like someone has listened: PGP Corporation has announced its PGP Universal, which says it 'shifts the burden of securing email messages and attachments from the desktop to the network in a way that is automatic and entirely transparent to users'." The Register has more information on these newly announced proxy servers.

What about the local network?

[Sir+Pallas]

But you're still not secure between the client and the proxy as far as network transport is concerned; plus, you've got all your keys in one basket. Furthermore, it seems like they are assuming that everyone will have one of these things set up. Is it so transparent to the people that can't read the email you send them?

Re:What about the local network?

[bourne]

But you're still not secure between the client and the proxy as far as network transport is concerned...

Sure you are. SSL, as described in the posted links.

A more pertinent question might be, what about all those private keys sitting on the server? How do you get the signing and non-repudiation advantages of PGP if the user doesn't hold the key, but rather depend on a shared server?

In the end, given the usability issues that even security professionals have with PGP, this can only help spread encryption down to some end-user masses. And that's a good thing, as long as the certificate store isn't trivially crackable or foolable.

Re:Thus defeating the object?

[grub]

When you have dozens or hundreds of people to support, a server side implementation (if it works as advertised) is not a bad idea at all.

Imagine trying to support people that still can't find the "any" key..

Re:Thus defeating the object?

[Frymaster]

a newer, stronger hat.

size 7 1/2 please!

however, if you have ever tried to get joe-average-desktop-user to set up gpg or pgp then you know that something has to be made easier! even the point-n-click solutions like winpt or mac-gpg (my fave!) make my dad's head ring. here's an example: i work with a guy who went to work for the nsa (that's right, super-spook central). about a year ago i asked him where his public key was so that i could send him some sensitive work-type stuff. his response? "i don't have any of that. it's too confusing". this is a guy who the nsa chose to hire!

something has to be simplified if mom-n-pop (and nsa hires) are going to use crypto.

(oh, and this is my public key)

Re:Thus defeating the object?

[jdludlow]

That's not really the point. For most users, even those who understand how and why to use PGP for their email, it's just too much of a hassle. This is aimed at companies that want their email secured, without having to trust the users to actually do it properly.

You can still add on your own encryption outside of this system if you are extra paranoid.

Not completely useless, but you still need trust..

[cmowire]

My first thought is, "Oh great, that'll just mean you need to trust the server."

But then I started to consider what would happen if a lot of the large domain servers were to start signing their mail automatically with a "Yes this really did go through our mail server" signature.

For one, if every message to come from Yahoo was signed with yahoo's key, you could automatically deny every message from yahoo that didn't have that signature. Think of how much easier spam catching would be.

Joe-jobbing could be reduced. If it comes from Intergalactic Orange Smoothie's DNS address without a signature, you know that somebody's been joe-jobbing Intergalactic Orange Smoothie.

And encryption between known partners could be enforced. So every message between Intergalactic Orange Smoothie and their partners could be encrypted.

Problems are, not everybody's got PGP. So Intergalactic Orange Smoothie can't make every message encrypted. So there still needs to be some user-interaction.

Re:Thing is...

[grub]

Assume the encrypting mail server is internal and you use a switched LAN (that helps prevent sniffing). I think the big sell here is to tell the customers that your mail will not leave your company unencrypted onto the Big Evil Internet.

Also you miss the point when you say "access your sensitive data without your permission". If this is in a company, your employer owns the computers, network and ultimately the "sensitive data", not you.

Re:why bother?

[computerlady]

Credit card numbers are not the only sensitive info. Most corporations use email to communicate with their vendors and customers and much of what they discuss is proprietary.

How would you like your doctor discussing your medical condition with a colleague over an unsecured connection?

Re:why bother?

[Maradine]

That's mostly correct. However, there are many organiztions that are now subject to various legislation (such as HIPAA or GLBA) that didn't *know* they need this until recently.

Consumer information safeguards are mandated in many industries now. This package would be a less painful, more expensive way to meet those requirements.

Of course, I haven't seen it yet. It could be crap. Who knows? I registered for the whitepaper, we'll see.

Similar solutions have been around for a while...

[Not_Wiggins]

The ability to plug-in PGP has been a part of several mail clients for a while... mutt, pine, etc. But, this has been the domain of the "more than casual" user... I would dread explaining to Mom how to setup her private/public keys, let alone why she should use encryption and the dreaded "how does this work" discussion.

There's quite a bit of difficulty, methinks, in adopting this technology at any level the average user is aware of. I mean, the only way I can see wide-spread adoption happening successfully is you don't even let the users know how their mail is being encrypted/decrypted. Otherwise, you leave it open to too much user error: the dreaded "I lost my keys," or "Bob-IT-Guy, can you decrypt this important mail sitting in Sally's inbox... she's on vacation and we need it now!"

You take the (oh... forgive me) Lotus Notes approach (I'm *not* a fan, but I understand this aspect of the software): it can be setup so the encrypt and decrypt happens transparently to the user between Lotus Notes servers. If you had something along this level between mail servers, then you might start getting into secure transmission of e-mail.

Man... there are so many areas to lock-down... while I'm a big fan of PGP, it seems like the whole nature of the e-mail communication system needs to be looked at and (potentially) overhauled. So what if the message is transmitted securely between me sending it and you receiving it? If you do it at a user level, then you need universal support built into all the different mail reader applications. If you do it at the server level, then you need to lock-down the security more tightly at the server level (can your admins read your mail? Sure can! Not that it isn't already that open today). And how are keys managed? And who do you trust? And who manages how public keys get distributed?

Right now, it is all fairly manual (unless the tools have been updated since I last looked at them).

I can hear it now... can... opening... worms... everywhere! ;)

Doesn't solve any problems

[jhoffoss]

The only place this might help is for internal company mail. Even then, it may or may not help things. Rather, PGP/GPG needs to have a simplified interface that doesn't require people to fully understand everything. Make it automatically generate your keys, submit and update them to key servers, and verify other's signed messages. Encrypted mail may be slightly more difficult, but I think could still be made easy.

I didn't see prices on PGP's site, but I'll wager two cattle it's more than my parent's [an ideal audience for `easy crypto'] could afford.

Re:why bother?

[bourne]

If someone really needs to use PGP security, which is almost unbreakable, they would figure out how to use existing programs.

Ah, but what if they don't need to, but are required by regulation to?

You can bet that John/Jane Doe, who work at your health insurance company / bank / credit card company / e-commerce site don't feel the "need" to use PGP security, because hey, what does your personal information mean to them? Also, not being geeks or security wonks, many of these people are not going to "figure out how to use existing programs." However, they're handling your data. In some cases, the Government has regulated that they must protect the data. Encryption is an efficient and sometimes necessary form of protection... but isn't easy enough to ensure people use today.

If not even the geeks running....

[Homology]

their own home mail server bother to use TLS for transparently encrypting mail, why ever should Joe Sixpack do it?

Sendmail and Postfix supports it, and generating self-signed certificates is not even difficult.

Re:why bother?

[mikeboone]

A lot of times, I'd like to send something to someone with encryption. I know how to get GPG running and do this, but my recipients are your typical "it's too hard" group. :(

Re:Shouldn't keyfob USB help here instead?

[daves]

I guess the problem is keeping randome machines from snagging a copy, though, since the same machine you plug the fob in to can also snag your keystrokes and thus your passphrase.

That's why you put the crypto engine on the keyfob. The keys would never be exposed to the sending PC.

Yes they shouRe:Too bad Yahoo, Hotmail, etc. don't

[leoaugust]

I agree with you, and because of their installed base it would be possible for them to make encryption a default for the majority of the population. This is critical for generating a critical mass that is needed to be able to sustain encryption as a routine practice.

Trying to send encrypted files all of a sudden to a few people somehow seems to give the wrong impression, because it seems that you have something to hide. It is as if your communication stands out as a needle in the haystack, and someone using a "magnet" can just suck you off the system ....

But, if Yahoo, hotmail, etc started encrypting by default, then a huge number of emails, I believe enough for the critical mass, shall use encrytion. And so now your desire to send encrypted encrytion is no longer looked at with suspicion. You are now like hay in a hay stack and no magnet can suck you off the system ...

So, I believe, in the spirit of Standing Up against such obscenities as the Patriot Act, companies like Yahoo.com, M$ Hotmail.com, Mail.com, Verizonmail.com, Myrealbox.com, etc. should start provinding encryption by default.

It is the "right" thing to do.