Ask Slashdot: How Do I Request Someone To Send Me a Public Key?

First time accepted submitter extraqwert writes "An organization wants me to send them my personal data by email. I certainly do trust them. However, I would like to politely ask them to send me their public key for encryption. The secretary probably does not know what it is. But they do have a pretty good IT department, so they can figure out. My question is, what is the proper wording for such a request? What is the right terminology to use? Should I say ``please send me your RSA key''? ``Public key''? ``PGP key''? Is there a standard and reasonable wording for such a request? (On my end, I am using GNU PGP: http://www.gnupg.org/ ) Any suggestions on how to be polite in this case?"

This is why encryption isn't popular

Simple and expected processes like this need to be made truly dead simple and nearly automatic. Instead, there are a ton of different formats for keys depending on which the usage and you need to understand a significant amount about what's going on under the covers to do even these kinds of simple actions.

Incidentally, here's the answer to the question. It's anything but clear, but likely to be clearer than any answer you get here.

Re:This is why encryption isn't popular

[Octorian]

And heaven help you if you're using a web-based Email system, which basically breaks all these options. You know, like nearly all "normal" people are now doing.

Re: This is why encryption isn't popular

[shitzu]

Just as information - in Estonia we have national id cards which have PKCS11 for digital signing and encryption. Everyone already has a key that can be used to encrypt and/or sign data. For instance, the state sends speedcam fines to you via email that are encrypted to your public key and digitally signed by a police officer. Any person can encrypt data to any other person's public key provided that the recipient has an id card with valid certificates. The only caveat is that when the id card expires, the data is unencryptable because new certificates are generated in the new card and then signed by CA.

Re: This is why encryption isn't popular

Would this mean that the gov't office that gave you the national ID card is also responsible for generating & storing your private key? If this is the case, it means the gov't has everyone's keys, and the encryption becomes meaningless. :/

Re: This is why encryption isn't popular

[Bert64]

Well not in the case given, where you are using the key in order to communicate with the government (eg speeding tickets).

Banks should really do this, supply their customers with keys (store them on the cards that banks already give to customers) and then all electronic communication to/from the bank is verified using these keys. Should cut down on most of the phishing scams targeting banks.

Re: This is why encryption isn't popular

[shitzu]

The key pair is generated INSIDE the card. This is the norm with most PKCS11 cards. The private key never leaves the card, your public key is signed by state. So the state does not have your private key per se.
But that does not necessarily mean they have no means to decrypt it some other way - i don't even pretend to know that.

Re: This is why encryption isn't popular

[shitzu]

In Estonia these id cards are used for everything. You can log into banks, you can communicate with any state official. You can sign any contract digitally with them. You can encrypt documents to another person's public key. Etc. This is much simpler than banks and everyone giving out their own cards - i only need one.

Re: This is why encryption isn't popular

[iluvcapra]

The private key never leaves the card

Right, and who had possession of the card before you? These sorts of schemes are perfectly fine for government communication, signing contracts, banking, whatever, but they don't provide "4th Amendment Compliant" privacy for things like personal correspondence or use within private and commercial organizations.

Re:This is why encryption isn't popular

[hairyfeet]

As the guy that fixes and sets up PCs 6 days a week I can confirm this, in fact I've only had 2 users still use download mail in the past 5 years and both were retired corporates who were used to Outlook, everybody else? Yahoo and Gmail.

So if anybody wants encrypted emails to go anywhere there really needs to be some sort of browser based encryption that can work with Yahoo and Gmail, perhaps by making a generic "here is the email" letter with the actual email as an encrypted attachment? Oh and it'll need to be install-able as an app on Android and iOS, because nothing turns folks off more than not being able to check their email on their smartphones and tablets.

Re: This is why encryption isn't popular

[Let's+All+Be+Chinese]

Simpler, yes. Desirable, no. It easily means that everything you do in any context is now easily linked. A state-mandated and -enforced real name policy. This is problematic for the same reasons that facebook or google forcing this on everyone is problematic. There are serious privacy problems with this.

For example, simply knowing what key a message is encrypted to --and this is generally listed on the outside of a message and thus public-- means that you can do traffic analysis. And so you know which parties are talking to which other parties. Someone getting a lot of messages from the taxman or the state-run fine collector means what, do you think? Or maybe a bank you're trying to get a loan from saw your message stream and now knows that you're also talking to a few other banks, or repo men, or what-have-you. Hmmm.... So even with confidentiality of the contents, you're still leaking information.

As such, this sort of card is only half the solution, especially since the state mandates that you have to use it, and it is so easy. What we really need is a single system that would support a single card (or multiple cards, if you'd like) with multiple identities.

I don't strictly mean birth certificate-backed identities, but at least so that you can separate out the loyalty cards and bus passes so that they can sit on the same card yet not tattle on each other. Because each such a card is an "identity" too, carrying a history, and I for one do not want them to be state-enforced on the same identity. In fact, this is the same reason why companies cannot be allowed to gather SSNs without clear law-prescribed purpose, and curiously, that is enshrined in law. Bit of an oversight that this is not.

No, simply saying "you can't mix that information!" is not enough, because it's unenforcable. You need a system where the holder of the identities can control who gets to see what. If the card doesn't support that, it is deficient, and a danger to its holder.

Re: This is why encryption isn't popular

[shitzu]

You mean a standard e-mail client like for example Thunderbird that has existed for more than a decade and could check all your 8 accounts easily and with more functionality than you could ever imagine on a mobile device and has zero advertisements?

PGP won't help you

[MichaelSmith]

The recipient will decrypt you data and lose it or possibly misuse it. That is the risk. But by all means ask for a secure way to get the data to them.

Switch to an easier technology

[mysidia]

PGP is beyond the grasp of the average secretary or other end user. Unless you know for a fact that the person disseminating the data is familiar with PGP; you should probably not be asking them for their public key.

I strongly recommend an encrypted PDF, Word Document (.DOCX), or Excel file (.XLSX); make sure to choose a strong password.

I like the Office 2010 strong encryption and use of key stretching to make brute force password attacks hard --- but there is a free of charge reader available for PDF documents, and you should pick a strong password for encrypted documents anyways.

Technically, you could implement DRM rights management services on your end, so the user has to contact your organization's RMS server over HTTPS for a license every time the document is opened, but it requires a trust relationship between orgs, or you having an account for the user.

But the simple password protection is a very nice way to protect it. You can include a note in the e-mail message that you will be calling them to give them the password, so they can see the document.

Then there is no confusion about what a 'PGP key is'. If you _regularly_ exchange a lot of documents with them, then you might ask to discuss using PGP

you are pushing shit up hill with that request

[bloodhawk]

You are better off just asking for "A secure means to submit your information" and list a few you are happy to use, Maybe they will send you a public key for secure email, maybe a secure web site or maybe they will just say if you are concerned you can get it couriered to them. If they are confused then chances are they have no system in place for dealing with the request and hence not even secure email is any good as that only protects the data in transit which they will certainly load into some HR system somewhere after it gets there anyway.

Asking Slashdot for advice on being polite??

[bscott]

If you don't have the social skills to phrase a polite question, Slashdot is perhaps not the ideal place to go looking for advice...

Technical issues with giving anyone your private key aside (I can't think of any reason to give it out to someone no matter how much you trust them) just explaining things clearly should work for any reasonable person:

"I have no problem with you having my personal key, but I am concerned about the integrity of the data while in transit. I would appreciate it if you can supply me with a public key for your organization, then I will be able to encode my key so that only you can decode it. This will ensure that our mutual privacy won't be at risk due to using an insecure communication system such as Email. Thanks very much!" etc

Re:just be straight up

[jamesh]

If the data is important enough to encrypt then the public key is important enough to get properly. Asking the person who answers the phones to send you the key is not properly. Even asking the IT department to send it probably isn't good enough as they are in the perfect position to give you their fake key, intercept the email, decrypt it, then re-send it with the real key to the real recipient.

If you are just worried about casual snooping of your "personal data", then just use something like 7zip and provide them with the password out-of-band.

Re:If they need the information...

[rahvin112]

It's nice you know so much about their system from a single sentence. I especially like the fact that in particular you know so much about their system that it was accessible by anyone other than the loan officer and that you are so certain a virus not only was on their system but that it could scan for SSNs, including of course from scanned documents in PDF format (in other wise a bitmap image).

Do you often speculate so egregiously about something you do not even know the anything about?

You act as if you know intimate details of their IT configuration, security procedures and even employee reliability and you don't even know who the bank was (let alone anything else).

Honestly if I have to worry about the broker (who also happened to be a bank) having employees that are going to run off with my SSN then whether or not the transmission was secure is of little importance. I might add that just because you did it hard copy the same rambling risks you listed still applied to you or do you honestly believe the paper copies you received were the only copies ever made or that those same documents in electronic format weren't stored on their servers?

Extensions needed!

[DrYak]

We need some developers to setup-in and develop in-browser Firefox/Chrome extensions (or userscript, or whatever) that seamlessly integrate encryption into popular webmails.

You see plain text on the screen, but what actually goes into the "textarea" of the form is encrypted.
There are already javascript "Rich Text Editors" which do similar jobs (you see a nicely formated text on the screen, but its HTML/BBCode/WikiCode going into the textarea). We simply need something similar, but for encryption and packed into the browser itself through extension mechanisms.

(Note: Proper security comes from *end to end* encryption. It's therefor mandatory that the encryption/decryption layer is something that the end users install on their browser, and not something provided by the webmail site, even if it's client-side script code. Though it would help if webmail sites provided a few hooks or micro format to simplify the plugin of the encryption layer).

Bonus point if someone else manage to do the same with OTR and webchats.

Re:Extensions needed!

[anagama]

Is there a reason you would use your private key to send encrypted emails to someone? I don't understand.

My understanding is this:

A uses B's public key to send message to B, B decrypts with B's private key.

A slot safe is a better analogy than keys -- anyone can put stuff in the safe's slot, but only the owner who knows the combination can open it and read the messages people put in there.

But -- maybe you're describing a use scenario I'm not familiar with. And if that is the case, I'd like to understand it.

Re:Extensions needed!

[Immerman]

The common term is signing, I should have mentioned that. If you encrypt with your private key it does nothing to hide the message since anyone can decrypt with your public key, but it does let everyone verify that the message did in fact come from you and hasn't been tampered with - the signature is exactly as secure as the encrypted communication channel because it is the exact same mechanism.

As an example, let's say the president wanted to send nuclear missile firing orders by email. Now maybe he'd want to keep the orders secret, and he'd encrypt with the missile silo's public key for that. But far more important would be a mechanism in place to verify that the orders actually came from him and not some script kiddie spoofing his email account. That's where the signing comes in - he *also* encrypts his email with his own private key, and the silo can now confirm that the message came from the right person.

It's sort of the next step beyond the "secret codeword" confirmation - with a codeword everybody who needs to be able to confirm their orders has to know what the codeword is, and that's a large attack surface for those looking to compromise the system. With digital signing only the president needs to know the codeword, and never tells it to anyone else. Everybody else just needs his public key to confirm that he does in fact know the codeword - thus the system is much more difficult to compromise. That such functionality comes essentially for free with any public/private key encryption channel is an added bonus.

Use the post office

Type the reply on a Royal typewriter and take it to your local post office. Use Certified or Registered mail if you feel squeamish about sending personal information. The NSA can't open a properly mailed letter.