What does it take for Johnny to start encrypting his email?
Email is here to stay
Despite the growing popularity of applications like WhatsApp, email is still considered to be the most important communication tool for online workers [1] and is likely to grow in importance over the next five years [2]. A problem with email, however, is that it was designed at a time when Internet security was non-existent. Email can be easily forged and intercepted. Growing economic espionage is becoming more and more of a problem for companies worldwide. The FBI estimates that economic espionage "costs the American economy hundreds of billions of dollars per year" [3]. New laws, like the European "General Data Protection Regulation", require companies to protect all personal data. Non-compliance can lead to "a fine up to 100 000 000 EUR or up to 5% of the annual worldwide turnover in case of an enterprise, whichever is greater".
Rules and regulations
Today, most users are no longer surprised when they hear about the security issues involving email. Most professions have strict rules and regulations on how to deal with privacy-sensitive information (for example HIPAA in the medical industry). What is surprising, however, is that even though most users are aware that unencrypted email is not safe, many users still send privacy-sensitive information unencrypted. Unfortunately there is a big gap between knowing and doing.
The role of auditors
In order to improve the security of their digital "Fort Knox", organizations spend large sums auditing and protecting their IT infrastructure. Sometimes companies are even required to buy firewalls from two, or more, vendors. If a vulnerability is found in the firewall from vendor A, you will still have a backup firewall from vendor B. Strangely enough, it looks like auditors think their responsibility for what needs to be audited stops at the borders of the company's infrastructure. In other words, once data has left the company's infrastructure, it seems the company is no longer responsible for the data. Of course auditors are not stupid. They are aware that email can be forged and intercepted. However, since most companies are still allowed to use unencrypted email, even for privacy-sensitive data, it seems most auditors turn a blind eye when it comes to email encryption.
Why is email encryption not used?
Email encryption products have been available for years and most email clients already have encryption capabilities built in. If email encryption is already supported out of the box, why is it not used more often? There are a couple of reasons why email encryption is not popular. The paper "Why Johnny can't encrypt: a usability evaluation of PGP 5.0", published in 1999, discusses why email encryption products are hard to use and why email encryption is not used more often. In my opinion the two most important conclusions of the paper are:
- Individual users are not motivated to encrypt their email.
- Email encryption is too complex.
Users might not be motivated to encrypt their email because they do not think encryption is important. "I have never encrypted my email, so why should I change this?" is an often-heard excuse. The first conclusion might also be related to the second. If email encryption were easy, more people would be motivated to encrypt their email. If email encryption is too difficult to use, people will either send email unencrypted or find different ways to send it. Recently, the Dutch minister of economic affairs reported that he uses his personal email account for work-related email and that his personal email account was hacked. It is against the rules for a minister to send work-related emails to personal email accounts. The reason for him not using the official work account is unclear, but my guess is that it was probably too difficult for him to send sensitive documents via his work mail account and he therefore chose the easier route of using his personal mail account.
How to make email encryption easier?
I think the best option for email encryption is to encrypt email at the network level using a centralized email encryption gateway. The main benefit of an email encryption gateway is that it allows you to define a centralized security policy. For example, you can define a policy that all email to a certain domain must be encrypted. Because the policy is centralized, users do not have to think about whether to encrypt their email: the system encrypts automatically if required. The administrator is responsible for the security policy and for configuring the correct keys; key management is too complex for end users. An additional benefit of a centralized encryption gateway is that it is still possible to scan for spam and viruses at the gateway level. This is not possible if encryption is done at the desktop level, because the centralized virus scanner cannot scan encrypted email. A gateway solution also supports a hybrid mode where digital signing is done at the desktop level and encryption at the gateway level.
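The following toy policy engine is an added example, not code from the original post or from any gateway product. It shows the two properties a gateway policy should have: content scanning runs before encryption, and a domain whose policy demands encryption but has no key configured is rejected rather than sent in plaintext (the policy table, key store and scanner are constructed stand-ins).

```python
"""Toy policy engine for a centralized email encryption gateway (added example)."""
from dataclasses import dataclass


@dataclass
class Message:
    sender: str
    recipients: list
    body: str


# Constructed policy table: recipient domain -> required standard.
# Domains not listed have no encryption requirement.
DOMAIN_POLICY = {
    "partner.example": "smime",
    "clinic.example": "pgp",
}

# Constructed key store: recipient domain -> key id held by the gateway.
# clinic.example has a policy but no key, so mail to it must fail closed.
DOMAIN_KEYS = {
    "partner.example": "KEY-PARTNER-0001",
}


def scan_for_malware(body: str) -> bool:
    """Stand-in content scanner; it must see the message before encryption."""
    return "EICAR" not in body


def route(msg: Message) -> dict:
    """Return a per-recipient decision: plaintext, encrypt:<std>:<key>, or reject:<why>."""
    # Scan first: once the gateway has encrypted the body, nothing downstream can.
    if not scan_for_malware(msg.body):
        return {r: "reject:malware" for r in msg.recipients}
    decisions = {}
    for rcpt in msg.recipients:
        domain = rcpt.rsplit("@", 1)[-1].lower()
        standard = DOMAIN_POLICY.get(domain)
        if standard is None:
            decisions[rcpt] = "plaintext"
        elif domain in DOMAIN_KEYS:
            decisions[rcpt] = f"encrypt:{standard}:{DOMAIN_KEYS[domain]}"
        else:
            # Policy requires encryption but no key is configured:
            # never fall back to plaintext, hold or bounce instead.
            decisions[rcpt] = "reject:no-key"
    return decisions
```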
Is Transport Layer Security (TLS) the solution?
Some might think "but this can all be done with TLS!". This is only partially true. Without going through all the details, I will try to explain why TLS is not sufficient. TLS only protects the communication channel, not the individual messages. Another problem with TLS is that you can only enforce a secure connection to the first hop. If an email is handled by an intermediate mail server, you cannot enforce TLS from the intermediate mail server to the next, because you are no longer in control of the email. Another problem is that TLS is vulnerable to a "Man In The Middle" attack. This is especially so with SMTP. The problem with SMTP is that there is no inherent relationship between the domain of a recipient and the domain of the mail server responsible for handling email for that domain. Until DANE is widely supported, TLS will remain vulnerable to a "Man In The Middle" attack.
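To make the SMTP point concrete, here is an added example (not from the original post) that classifies what a TLS handshake to a recipient domain's MX host actually proves. The DNS answers and certificates are constructed records, not live lookups; it goes slightly beyond the text by also showing the DNSSEC-validated MX plus CA-issued certificate case alongside DANE.

```python
"""What a TLS handshake to an MX host proves about the recipient domain (added example)."""
from dataclasses import dataclass


@dataclass
class MxAnswer:
    recipient_domain: str
    mx_host: str
    dnssec_validated: bool  # True if the resolver proved the MX answer via DNSSEC
    tlsa_fingerprints: tuple  # DANE TLSA pins (sha256 hex) for the MX host, if any


@dataclass
class ServerCert:
    names: tuple  # subjectAltName dNSName entries presented by the MX host
    fingerprint: str
    ca_valid: bool  # chains to a CA the sending MTA trusts


def hop_assurance(mx: MxAnswer, cert: ServerCert) -> str:
    """Classify the assurance level of one SMTP hop.

    authenticated-dane : DNSSEC-signed TLSA pin matches the certificate
    mx-authenticated   : DNSSEC-signed MX answer and a CA certificate for that host
    hostname-only      : CA certificate matches the MX host, but the MX answer was
                         unsigned, so nothing ties that host to recipient_domain
    unauthenticated-tls: encrypted channel, peer identity unknown (opportunistic)
    """
    if mx.dnssec_validated and cert.fingerprint in mx.tlsa_fingerprints:
        return "authenticated-dane"
    name_matches_mx = cert.ca_valid and mx.mx_host in cert.names
    if not name_matches_mx:
        return "unauthenticated-tls"
    if mx.dnssec_validated:
        return "mx-authenticated"
    # The certificate is valid for whatever host an unsigned MX lookup returned.
    # Without DANE (or DNSSEC), the sender cannot know that host is legitimate
    # for recipient_domain, which is the gap the text describes.
    return "hostname-only"
```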
Use open standards
To make email encryption between servers successful, open standards should be used. Using open standards also lowers the risk of vendor lock-in. There are currently two Internet standards for email encryption: S/MIME and OpenPGP. Both are supported by multiple vendors and by many open source solutions. With most gateway solutions, you can configure domain-to-domain encryption, which makes email encryption completely transparent for end users. Future standards like DANE for S/MIME or DANE for OpenPGP make key exchange between gateways and desktop clients virtually automatic.