How to improve our GUIs (was: We have GOT TO make things simpler)
Hi,

Sorry if this was mentioned before but I've just come
across a novel approach to email encryption that
doesn't do end-to-end encryption, but rather it
encrypts email upon receipt so that an individual can
encrypt the email that is stored in their IMAP account
as it arrives without the need for every sender to
encrypt and without the need for any service provider's
involvement (you just need an IMAP account), and it
supports reading email from multiple devices, each with
their own local private key. Most importantly, it
doesn't require the user to know anything about
encryption except that they want some.

It might not address all threats but it certainly seems
to solve some very real threats, mainly the threat of
someone hacking into your IMAP account and accessing
every email you ever received.

Making It Easier to Encrypt Your Emails
Authors: John S. Koh, Steven M. Bellovin, and Jason Nieh
https://www.usenix.org/publications/login/fall2019/koh [paywall, usenix]

Why Joanie Can Encrypt: Easy Email Encryption with Easy Key Management
EuroSys '19 Proceedings of the Fourteenth EuroSys Conference 2019
Authors: John S. Koh, Steven M. Bellovin, Jason Nieh
https://doi.org/10.1145/3302424.3303980 [paywall, acm]
http://nieh.net/pubs/eurosys2019_e3.pdf [free]

Easy Email Encryption with Easy Key Management
Authors: John S. Koh, Steven M. Bellovin, Jason Nieh
https://mice.cs.columbia.edu/getTechreport.php?techreportID=1639 [free]

Automatically and invisibly encrypt email as soon as it is received on any trusted device
https://www.helpnetsecurity.com/2019/04/01/easy-email-encryption/ [free]

I know this doesn't help with the discussion of
improving GUIs to make it easier to encrypt emails that
you want to send, but it looks like a promising
improvement in privacy that could help many more people
than just those that want to encrypt emails that they
send. And it's still relevant. I expect that those that
want to encrypt any emails that they send might also
like all the emails that they receive to be encrypted
as well.

cheers,
raf


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to improve our GUIs (was: We have GOT TO make things simpler)
I might be missing something really obvious here but... what is this
trying to protect against?  It's not protecting against interception in
transit, since the message already transits the internet either in
cleartext or encrypted via TLS that your email service provider can
definitely read.  So if your goal is to protect the privacy of your
email in transit, then this doesn't seem to do anything; if your goal is
to protect the privacy of your email from your service provider snooping
it, then this doesn't seem to do anything.  Your service provider can
certainly (and probably does certainly) retain archive or backup copies
of all emails that enter into and exit your account, so encrypting them
after reception only means that the copy you are accessing is encrypted
and non-accessible to the provider, but the copy that they archived or
backed up is just as plaintext as always (or is, more likely, encrypted
with a key that only they know). 

The only time encrypting your email storage with a key only you have
makes sense is if your provider pinkie promises to not store or archive
anything on their servers other than what you see live in your email
inbox.  Or, for example, if it's something like what Protonmail does, which
is to never store anything on their servers that isn't encrypted with the
user's private key that they don't have, so even their backups are
something they can't access the plaintext from.  And even then you are
relying on their pinkie-promise that they are doing this; it is not E2E
unless you are sending messages to and from Protonmail users or you are
PGP encrypting messages before they leave or arrive at the service.
And E2E is really the only solution that keeps your email provably
private from all parties concerned other than the recipients.

On 10/29/2019 7:33 PM, raf via Gnupg-users wrote:
> Hi,
>
> Sorry if this was mentioned before but I've just come
> across a novel approach to email encryption that
> doesn't do end-to-end encryption, but rather it
> encrypts email upon receipt so that an individual can
> encrypt the email that is stored in their IMAP account
> as it arrives without the need for every sender to
> encrypt and without the need for any service provider's
> involvement (you just need an IMAP account), and it
> supports reading email from multiple devices, each with
> their own local private key. Most importantly, it
> doesn't require the user to know anything about
> encryption except that they want some.
>
> It might not address all threats but it certainly seems
> to solve some very real threats, mainly the threat of
> someone hacking into your IMAP account and accessing
> every email you ever received.
>
> Making It Easier to Encrypt Your Emails
> Authors: John S. Koh, Steven M. Bellovin, and Jason Nieh
> https://www.usenix.org/publications/login/fall2019/koh [paywall, usenix]
>
> Why Joanie Can Encrypt: Easy Email Encryption with Easy Key Management
> EuroSys '19 Proceedings of the Fourteenth EuroSys Conference 2019
> Authors: John S. Koh, Steven M. Bellovin, Jason Nieh
> https://doi.org/10.1145/3302424.3303980 [paywall, acm]
> http://nieh.net/pubs/eurosys2019_e3.pdf [free]
>
> Easy Email Encryption with Easy Key Management
> Authors: John S. Koh, Steven M. Bellovin, Jason Nieh
> https://mice.cs.columbia.edu/getTechreport.php?techreportID=1639 [free]
>
> Automatically and invisibly encrypt email as soon as it is received on any trusted device
> https://www.helpnetsecurity.com/2019/04/01/easy-email-encryption/ [free]
>
> I know this doesn't help with the discussion of
> improving GUIs to make it easier to encrypt emails that
> you want to send, but it looks like a promising
> improvement in privacy that could help many more people
> than just those that want to encrypt emails that they
> send. And it's still relevant. I expect that those that
> want to encrypt any emails that they send might also
> like all the emails that they receive to be encrypted
> as well.
>
> cheers,
> raf

--
-Ryan McGinnis
https://bigstormpicture.com
Sent via ProtonMail
Re: How to improve our GUIs (was: We have GOT TO make things simpler)
On 10/29/19 8:33 PM, raf via Gnupg-users wrote:
> Hi,
>
> Sorry if this was mentioned before but I've just come
> across a novel approach to email encryption that
> doesn't do end-to-end encryption, but rather it
> encrypts email upon receipt so that an individual can
> encrypt the email that is stored in their IMAP account
> as it arrives without the need for every sender to
> encrypt and without the need for any service provider's
> involvement

That doesn't sound very safe. My interpretation of the
goals of GPG is to serve two purposes:
(1) To transmit data securely over an insecure medium in
a way such that it can protect itself against some
eavesdropper or man-in-the-middle listening, or...
(2) Provide a means to create digital signatures on data
such that you can be assured that some message was sent
only by someone who possesses the private key whose
public key you've added.

Your proposal doesn't seem to address the MITM attacks.
It doesn't seem to deal with signatures either.
It seems only to encrypt things only on receipt. What
does that protect against, exactly? Maybe I'm missing
something here...

Re: How to improve our GUIs (was: We have GOT TO make things simpler)
On Fri, 2019-11-01 at 15:42 -0400, Tony Lane via Gnupg-users wrote:
> On 10/29/19 8:33 PM, raf via Gnupg-users wrote:
> > Hi,
> >
> > Sorry if this was mentioned before but I've just come
> > across a novel approach to email encryption that
> > doesn't do end-to-end encryption, but rather it
> > encrypts email upon receipt so that an individual can
> > encrypt the email that is stored in their IMAP account
> > as it arrives without the need for every sender to
> > encrypt and without the need for any service provider's
> > involvement
>
> That doesn't sound very safe. My interpretation of the
> goals of GPG is to serve two purposes:
> (1) To transmit data securely over an insecure medium in
> a way such that it can protect itself against some
> eavesdropper or man-in-the-middle listening, or...
> (2) Provide a means to create digital signatures on data
> such that you can be assured that some message was sent
> only by someone who possesses the private key whose
> public key you've added.
>
> Your proposal doesn't seem to address the MITM attacks.
> It doesn't seem to deal with signatures either.
> It seems only to encrypt things only on receipt. What
> does that protect against, exactly? Maybe I'm missing
> something here...
>

TL;DR: It's about damage control.

This idea considers the email provider as an entity that the user
trusts in the perspective of not being an intentional eavesdropper. But
it counts in the possibility that an email provider might get
compromised and mail content is extracted or existing mails might be
searched. And that's what it tries to protect from.

All this can be achieved by properly rolled-out OpenPGP, but we see that
we are not there (yet?). Something quite positive about the idea is the
fact that re-encryption of the emails happens, which is something we
should perhaps consider simplifying with gnupg as well.

If there is one problem with OpenPGP encrypted emails, then it's the
fact that we don't re-encrypt them on a regular basis (at least I don't
hear anyone talking about this). Cryptographic functions (or at least
their parameters) are aging rather badly, which means my 10 year old
mails might be easy to crack in 5 years because of whatever problem is
found in the algorithm (or parameters used for it) from 10 years ago.

It's a cold storage problem that this approach seems to try to solve,
which is a rather refreshing idea, even when I agree that it has its
own set of problems.

--
Signed
Sheogorath

OpenPGP: https://shivering-isles.com/openpgp/0xFCB98C2A3EC6F601.txt
Re: How to improve our GUIs (was: We have GOT TO make things simpler)
Ryan McGinnis via Gnupg-users wrote:

> I might be missing something really obvious here but... what is this
> trying to protect against?

What they say they are trying to protect against, I suppose.
I summarised my understanding of it by saying:

> > It might not address all threats but it certainly seems
> > to solve some very real threats, mainly the threat of
> > someone hacking into your IMAP account and accessing
> > every email you ever received.

> ...Your service provider can
> certainly (and probably does certainly) retain archive or backup copies
> of all emails that enter into and exit your account...

I'm sure they have better things to waste their storage on.
Most IMAP service providers are not the NSA after all. :-)

> ... so encrypting them
> after reception only means that the copy you are accessing is encrypted
> and non-accessible to the provider, but the copy that they archived or
> backed up is just as plaintext as always (or is, more likely, encrypted
> with a key that only they know).

The point is that it's not accessible to whoever hacks
into your IMAP account. They make it very clear that
that is the problem that they are trying to solve.

> ... E2E is really the only solution that keeps your email provably
> private from all parties concerned other than the recipients.

Like anything else, E2E is only an actual solution if
it is actually used.

Since E2E for email is demonstrably too hard to achieve
for most people, it doesn't happen except in rare
cases. You can obviously send encrypted emails to all
your correspondents who have accessible keys. E3 allows
you to encrypt the emails that you receive that weren't
sent by senders who are able or willing to encrypt what
they send. The creators of E3 are not pretending that
E3 is an alternative to E2E for the problems that E2E
solves. It complements it (in the sense that it can
encrypt all the emails that weren't encrypted
end-to-end). It's just a tool that solves a particular
privacy problem in an accessible way. It seems like a
good thing.

Of course, making E2E just as accessible must be
possible too but it hasn't happened yet and we've been
waiting a long time. How hard would it be for all email
clients to automatically create a key pair and publish
the public key when you first run it if it can't find
an existing keypair? Pretty soon everyone would have
keypairs. Multiple devices would complicate things,
though.

I expect it would require Google and Microsoft to make
it happen automatically but Microsoft decided to charge
money to encrypt email and Google decided to make money
by analysing email content to improve advertising
effectiveness so I can't see them doing it any time
soon.

cheers,
raf

> On 10/29/2019 7:33 PM, raf via Gnupg-users wrote:
> > Hi,
> >
> > Sorry if this was mentioned before but I've just come
> > across a novel approach to email encryption that
> > doesn't do end-to-end encryption, but rather it
> > encrypts email upon receipt so that an individual can
> > encrypt the email that is stored in their IMAP account
> > as it arrives without the need for every sender to
> > encrypt and without the need for any service provider's
> > involvement (you just need an IMAP account), and it
> > supports reading email from multiple devices, each with
> > their own local private key. Most importantly, it
> > doesn't require the user to know anything about
> > encryption except that they want some.
> >
> > It might not address all threats but it certainly seems
> > to solve some very real threats, mainly the threat of
> > someone hacking into your IMAP account and accessing
> > every email you ever received.
> >
> > Making It Easier to Encrypt Your Emails
> > Authors: John S. Koh, Steven M. Bellovin, and Jason Nieh
> > https://www.usenix.org/publications/login/fall2019/koh [paywall, usenix]
> >
> > Why Joanie Can Encrypt: Easy Email Encryption with Easy Key Management
> > EuroSys '19 Proceedings of the Fourteenth EuroSys Conference 2019
> > Authors: John S. Koh, Steven M. Bellovin, Jason Nieh
> > https://doi.org/10.1145/3302424.3303980 [paywall, acm]
> > http://nieh.net/pubs/eurosys2019_e3.pdf [free]
> >
> > Easy Email Encryption with Easy Key Management
> > Authors: John S. Koh, Steven M. Bellovin, Jason Nieh
> > https://mice.cs.columbia.edu/getTechreport.php?techreportID=1639 [free]
> >
> > Automatically and invisibly encrypt email as soon as it is received on any trusted device
> > https://www.helpnetsecurity.com/2019/04/01/easy-email-encryption/ [free]
> >
> > I know this doesn't help with the discussion of
> > improving GUIs to make it easier to encrypt emails that
> > you want to send, but it looks like a promising
> > improvement in privacy that could help many more people
> > than just those that want to encrypt emails that they
> > send. And it's still relevant. I expect that those that
> > want to encrypt any emails that they send might also
> > like all the emails that they receive to be encrypted
> > as well.
> >
> > cheers,
> > raf
> --
> -Ryan McGinnis
> https://bigstormpicture.com
> Sent via ProtonMail
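
The message above says encrypt-on-receipt complements E2E by covering the mail that was not encrypted end-to-end. As an added example (not from the thread or from the E3 authors), this Python sketch classifies stored messages by their MIME structure to show which ones an IMAP account compromise would expose; the function names and sample messages are constructed for illustration.

```python
import email
from email import policy

ARMOR = "-----BEGIN PGP MESSAGE-----"

def stored_form(raw: str) -> str:
    """Classify one stored message: pgp-mime, smime, inline-pgp or plaintext."""
    msg = email.message_from_string(raw, policy=policy.default)
    ctype = msg.get_content_type()
    # RFC 3156 PGP/MIME: multipart/encrypted with protocol=application/pgp-encrypted
    if ctype == "multipart/encrypted":
        if (msg.get_param("protocol") or "").lower() == "application/pgp-encrypted":
            return "pgp-mime"
    # S/MIME: application/pkcs7-mime whose smime-type is an enveloped (encrypted) form
    if ctype in ("application/pkcs7-mime", "application/x-pkcs7-mime"):
        if (msg.get_param("smime-type") or "").lower() in ("enveloped-data", "authenveloped-data"):
            return "smime"
    # Inline PGP counts only if every text part is armored; signed-only or
    # partly armored mail still leaves readable content in the mailbox.
    texts = [p.get_content() for p in msg.walk() if p.get_content_maintype() == "text"]
    if texts and all(ARMOR in t for t in texts):
        return "inline-pgp"
    return "plaintext"

def readable_if_account_compromised(raws):
    """Indexes of messages stored in the clear, i.e. candidates for encrypt-on-receipt."""
    return [i for i, raw in enumerate(raws) if stored_form(raw) == "plaintext"]

# Constructed sample messages (placeholders instead of real ciphertext).
PLAIN = "Subject: hi\nContent-Type: text/plain\n\nSee you at noon.\n"
PGP_MIME = (
    'Subject: e2e\nContent-Type: multipart/encrypted; boundary="b";\n'
    ' protocol="application/pgp-encrypted"\n\n'
    "--b\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n"
    "--b\nContent-Type: application/octet-stream\n\n" + ARMOR + "\n(placeholder)\n--b--\n"
)
INLINE = "Subject: inline\nContent-Type: text/plain\n\n" + ARMOR + "\n(placeholder)\n"
SMIME = (
    "Subject: smime\nContent-Type: application/pkcs7-mime; smime-type=enveloped-data;\n"
    " name=smime.p7m\n\n(placeholder)\n"
)
MIXED = (
    'Subject: mixed\nContent-Type: multipart/mixed; boundary="m"\n\n'
    "--m\nContent-Type: text/plain\n\nCleartext cover note\n"
    "--m\nContent-Type: text/plain\n\n" + ARMOR + "\n(placeholder)\n--m--\n"
)

if __name__ == "__main__":
    print(readable_if_account_compromised([PLAIN, PGP_MIME, INLINE, SMIME, MIXED]))
```

The check reads headers and armor markers only; it does not verify that a message actually decrypts, and it says nothing about copies the provider may hold elsewhere.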
