PGP Universal - Usable Email Security?

An anonymous reader writes "For years, noted cypherpunks such as Brad Templeton, Ian Goldberg (PDF link), Bram Cohen, and Len Sassaman (PDF link) have been calling for easy to use email encryption solutions which involve little crypto comprehension on the part of the user. Now, it seems like someone has listened: PGP Corporation has announced its PGP Universal, which says it 'shifts the burden of securing email messages and attachments from the desktop to the network in a way that is automatic and entirely transparent to users'." The Register has more information on these newly announced proxy servers.

Thus defeating the object?

[Moth7]

shifts the burden of securing email messages and attachments from the desktop to the network in a way that is automatic and entirely transparent to users'

If you think that letting the powers that be implement our security by shifting the responsibility for encryption to them is going to make us take off our tin foil hats then you have another thing coming o.0 Methinx that if anything this will make me consider constructing a newer, stronger hat.

Re:Thus defeating the object?

He hasn't been working there long. A few decades back, everyone in the NSA had to say they worked for the defense department and that was it. The NSA was often called No Such Agency, because people who worked there were required to deny it existed.

It got to be the only people who denied it existed were the employees, so they dropped the who silly game.

Re:Thus defeating the object?

[241comp]

I'll second that to confirm that it is in fact true. Actually, it was just within the last 5-7 years that people who work for the NSA were finally allowed to say so. I lived in Arnold, MD until 1996 and knew quite a few people who "worked at Andrews Air Force Base". Basically that meant "I work for the NSA". That was all they could really say. Now they are allowed to admit they work for the NSA.

Can't...resist....blatant.....plug...

[ALecs]

This looks a lot like what the company I work for does.
(A box/infrastructure) that does the crypto/key management for you)

why bother?

[c4ffeine]

If someone really needs to use PGP security, which is almost unbreakable, they would figure out how to use existing programs. Most potential customers for this program have no need for it; the vast majority of people would be fine with little or no encryption. Really, though, who sends their credit card numbers over email? If it's that important, people go to the trouble to figure it out. So, in my view, this is a luxury. People who have a real need for PGP will take the 5 minutes to figure it out. Other people simply don't need the security.

Re:why bother?

[PainKilleR-CE]

Many of the other replies here already said pretty much the same thing, so feel free to break out the -1 Redundant if you must ;)

So, in my view, this is a luxury. People who have a real need for PGP will take the 5 minutes to figure it out. Other people simply don't need the security.

This is aimed at corporate security and/or certain areas where security must be implemented by law.

If you have a corporation with 500,000 people, each of them taking 5 minutes to figure it out is ~2,500,000 minutes, or 41,667 hours (1736 days, 4.75 years), at varying cost levels (all on your overhead). If you have say 500 IT admins in that group of 500,000, you send them to school to figure out how to set this up and make sure it's configured correctly, and then forget about it. It costs you about 8000 hours on overhead at a pretty uniform cost (you do pay all of your IT admins about the same amount, right?). In the company I work for, they're more likely to send ~10-100 people to school and have them write up the basics and maybe hold a couple of conference calls to walk the rest through setup.

The best part, though, is that you're relatively sure that your entire company's email is secured, it costs less money, and you don't have to add extra software to your baseline install, and push out the software that isn't installed on every current PC in your network. Oh, and you don't have to worry about finding different software for different operating systems and hardware platforms, as this should work regardless of what system they're using, as long as it already works with your mail server.

The guy in the warehouse over here may not know what PGP is or how to use it (and may not think he needs it), but he's going to get it anyway, and he'll enjoy the whole experience a whole lot more if he doesn't know he's using it.

Re:why bother?

[JeffWhitledge]

To me, hiding the contents of my e-mail isn't the main issue with encryption. The biggest benefit of encryption would be spoof-prevention. I wish encryption had been built into the e-mail protocols from the beginning so people who get an e-mail from me can know that it is indeed from me and not some spoofer.

Re:why bother?

[realdpk]

They do that now - at least, I've never heard of a doctor with an encrypted phone line, or fax line.

Re:why bother?

I know how to get GPG running and do this, but my recipients are your typical "it's too hard" group. :(

Same here, I have convinced a few people to install PGP but they still don't know how to use it. The problem is that most people can't wrap their head around cryptography. Everytime I suggest the use of it I get the question "Why?".. go figure.

Symmetric algorithms are easier to push because they're easier to understand (same key both directions), however, asymmetric algorithms like say RSA are by nature too complex for joe sixpack to use. I once tried to explain the public/private key concept when I was studying to become a computer technician, not even the teacher understood what I was trying to explain (or maybe I'm just terrible at explaining things).

The weird thing was that my teacher told the class that there is no way to encrypt email without paying VeriSign for a certificate (think Outlook Express). That's when I spoke up in protest and told them about PGP, but like I said they didn't understand the public/private key concept. I even mailed them a simple explanation from the PGP manual (with pictures and everything) explaining public key cryptography but no one seemed interested. *sigh* these days only geeks know how to protect their privacy.

Thing is...

[Moth7]

It will near certainly not work as advertised and, regardless, it still defeats the object. The whole point of encryption is so that others can't access your sensitive data without your permission. Having a corporate entity hold the only key is going to help that ideal how?

Re:Thing is...

[B'Trey]

It certainly isn't a universal solution but it's definitely a solution for some problems.

For example, if this is utilized by a company or an ISP, your email never hits the 'net unencrypted. Certainly, there are people who still have access to the email in its unencrypted form. I wouldn't use a system like this to transmit the names of the Colonels eleven herbs and spices. But it does bring email a bit closer to snail mail.

How much security does an envelope provide? Anyone who gets their hands on it can easily open it. But it's certainly more comfortable than sending a postcard.

No passphrases?

[Kevin+DeGraaf]

Pine/GnuPG ask me for a passphrase each time I encrypt and/or sign a message. This proves that I originated the message (not just some random punk who broke into my computer) for the purposes of authentication and non-repudiation.

The article and FAQ list were light on technical details, and I don't feel like registering for the actual whitepaper, but: since the aim of this service is to make encryption easy enough for common usage, I highly doubt there will be a passphrase prompt or any other method to ensure that the actual alleged sender is in fact the originator of a message. This seems to be confirmed by the statement that desktop mail clients (e.g. Outhouse) will be somehow directly "integrated" (how's that for nebulous?) with these proxy servers.

Without this precaution, I fail to see how this is anywhere as secure as straight-up PGP/GPG.

Shouldn't keyfob USB help here instead?

[Uncle+Op]

Key management - and paranoia management - remain the problems with all PGP/GPG solutions. If it's too easy to use, it's usually not secure enough and vice versa.

It seems that a device - like the keyfob-sized USB "memory drives" should be nearly enough for any personal use. Ideally there would be some sort of fingerprint or biometric reader in it too, though the existing passphrase mechanism could suffice. Just put your secret key on it and you can take it with you. I guess the problem is keeping randome machines from snagging a copy, though, since the same machine you plug the fob in to can also snag your keystrokes and thus your passphrase.

If it's not one thing, it's another.

Re:Shouldn't keyfob USB help here instead?

[infiniti99]

And, of course, the keyfob could take a fingerprint input on the device itself as a form of passphrase. Combine this with the ability to exchange keys by touching two keyfobs together somehow, this could make PGP quite usable for the masses.

I have a keyfob, you have a keyfob. We exchange keys one day (via some physical interaction), then I go home, plug the keyfob into my computer, and send you some information securely. Then I unplug the keyfob. This is so easy to understand that even my mother could use it.

I think the best part is the ability to have the keyfob on a real keychain. This takes the "key" metaphor all the way home, and it will be easy for people to understand that they must protect their PGP key just like they protect their house key. It is no different.

So it seems PGP's adoption hurdle is that it lacks a good keyfob. :) Somebody, please make this device. Or give me some capital and I'll start a business to make it, seriously...

If the burden transfers...

[wmaker]

The article states that the network is then responsible for decrypting and encrypting... it has to be clear text someplace on the network to begin with then. Doesn't that defeat the purpose? And, why is this necessary when the future 'ipv6' to be done by 2007 will be completely encrypted anyway (internet version 2 if you will).

Too bad Yahoo, Hotmail, etc. don't do this for you

[gpinzone]

Yahoo Mail does a superb job of catching spam and scanning for viruses. They also use SSL (optionally) for logging in. If they would just add PGP/GPG to their Mail Plus service, hell, I'd buy it!

Re:Standard already exists

[Yobgod+Ababua]

The STARTTLS option to SMTP simply requests that your SMTP communication be done through an encrypted tunnel. It does nothing to help establish the authenticity or security of a message, which is what PGP's software is primarily about.

If I understand things correctly, using this server a company could set things up so that all outgoing emails are digitally PGP-signed with an appropriate corporate or user key. You could also set it up so that all emails stored on your servers are stored encrypted... the proxy transparently decrypts them for the client.

They talk a lot about "enforcing policy", which might include things like encrypting communications with certain vendors, signing all communications or communications of a certain nature, encrypting all communications against a corporate key as well as the recipient's, etc.

It looks like it provides a very useful function for an enterprise, without forcing your collaborators to purchase the same technology (as the output is normal, standard PGP encrypted and/or signed documents).

Great for Spammers

[hysma]

This would be a great way for spammers to send their junk and bypass any server-side spam filters.

The spam can't be scanned while in PGP form, and according to their diagram it won't be decrypted until AFTER hitting the mail server.

I suppose one point up for security, one point down for preventing spam :(

Text scrambler

Personally, I'm just going to use jwz's new script for all my communications:

Aoccdrnig to rscheearch at Cmabrigde Uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoetnt tihng is taht the frist and lsat ltteer be at the rghit pclae. The rset can be a total mses and you can sitll raed it wouthit a porbelm. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe."

http://jwz.livejournal.com/256229.html

Ever since US NSA money polluted PGP its bad

Ever since US NSA money polluted PGP its bad to trust anything labelled 'PGP' for any reason.

NAI admitted they took significant funding for engineering work while they owned PGP trademark.

NAI does not deny this.

They do deny the NSA moeny resulted in holes, yet we all know PGP was tamperred with at least once to allow a third party to be silently attached to a pgp email.

NAI claimed that the funding mostly ent to a linux group formerly called TIS Labs but that is no wholly true.

here is just one press release exposiong the payoffs for tampering with PGP earlier for "national security" of USA :

http://www.prnewswire.com/cgi-bin/stories.pl?ACC T= 104&STORY=/www/story/04-09-2001/0001464825&EDA TE=

(excuse spaces slashcode may have added. the link without tamperred 'spaces" works, i just checked it. silly slashcode).

regrettably source code to PGP 5 and up to 6.5.8 contain faulrty message recovery features ADK (Additional Decryption Key), or ARR (Additional Recipient Request)

it is a serious problem, one of many and the CERT advisory for this pgp exploit is avaialble here :

http://www.cert.org/advisories/CA-2000-18.html

(excuse spaces slashcode may have added to the url,usually only after 80 character though)

pgp os discredited on many levels but the main reason pgp is not widely used is because NAI never ever ver gave out free source code to the integration parts to int3egrate with popular email programs (outlook on pc and mac, claris email on mac, netscape email, etc etc).

without the integration, yoiu have to copy to ram clipboard, swap tasks, use the tool, open a text document, after decrypting you then paste into ram based document, (if vm is off), and then read the mail. messy.

people want macintosh-windows ease of use pioneered by the lisa since sept 1982, twenty years ago : GUI !

people want a gui way of doing it and the free pgpclones adn the con-scam pgp of 2003 just do not get it.

the reason people do not use pgp is because :

1> its not full source code avaialble in the most pleasing versions ever released

2> its not free for companies to use

3> its tamperred by nsa money and now needs a full code audit or else reversion back to pre 5.0 version.

4> RSA key patent expired long ago and rsa is etter but pig-headed codem mokeys refuse to use rsa as preferred technology for no reason otehr than arrogance and it leaves a sour taste in most gurus mouths to forsake rsa for no valid reason in 2003.

pgp is dead and greed killed if off. greed greed greed (and a little nsa nro involvement)

Does anyone trust PGP anymore?

[LordBodak]

I can't imagine people really trust PGP anymore. No longer open source, no longer affiliated with Phil Zimmerman... and his statement when he left was scary.

For those who don't know, Phil stated when he left that every PGP product released while he was there contained no hidden back doors. Knowing that companies like PGP were being pressured, it makes me think the creative differences were them wanting to build something in that he thought shouldn't be in.

Stuff is still in clear text on the user harddisk.

[javatips]

They seems to support POP3. That means that all the e-mail that someone receive are in plaintext on his harddisk. Not very secure!

For this approach to work, someone would have to BCC himself instead of putting a copy in the sent folder to keep the e-mail he sent. Also, it can be secure only if using IMAP (mail stays on server) and the folder used to as the IMAP cache on the computer should be encrypted.

I don't know what their target market is. Most large corporation use Notes or Exchange, which already support encryption.

Thunderbird

[Halo-]

Actually, I've been playing with Thunderbird, and setting up encryption is pretty damn easy.

I work for a fairly "hip" company (IBM) and we have this nifty website you can go to, fill out a form, and they send you a nice little PKCS#12 file, signed by a real root cert and everything. To use this with Thunderbird, all you have to do is: "Manage Certificates" -> "Import" -> (password) -> done.

Of course, if you want to generate your own keys, that's a little harder, but nothing a simple script couldn't be created to do.

If you want truly usable encrypted email....

[aminorex]

You should try KDE's KMail with gpg integration.
It is milk-simple and as easy to use as a nipple.

imp has pgp

[oldbox]

Regardless of the technical merits of this server-based approach, no one solution (particularly not a costly one) will lead to the widespread adoption of email encryption. Which is why I'm happy that IMP (part of HORDE) is integrating PGP into their latest release of their open source web-based email program. I've used IMP for years on a small server, but I have also seen it deployed by a large University, and can say that the only thing it lacked until now is integrated encryption. Hopefully, we will see this type of integration in many web-based email programs (encrypting a message to a Hotmail user, anyone?).

cryptbox