Trei, Peter (ptrei@securitydynamics.com)
Wed, 19 Aug 1998 15:18:09 +0200
I'd like to second Perry's suggestion of
building a crypto-enabled version of sendmail.
Such a sendmail would use a DH exchange to set
up a link with perfect forward secrecy. The
end users need not do *anything*: he or she
does not even need to know that encryption
is being used - the sendmail would detect
whether it's partner was also crypto enabled,
and act appropriately.
In many cases, the sender would not even need
to install a crypto enabled client, since much
mail passes through gateways and firewall
proxies 'near' to the sender before entering the
public Internet. If the gateway or proxy encrypts,
the entire process is perfectly transparent to
the end user.
While strong authentication of the end parties
would be nice, even an unauthenticated DH exchange
is much, much better than nothing. A man-in-the-middle
attack on the DH exhange is an active attack, and
the capacity even a well-heeled criminal organization
to mount real-time MITM attacks vs millions of
mail connections per day is limited. Access to the
unencrypted sections of the link would be much
more difficult than compromising a few
key backbone routers.
Instead of having to persuade millions of ignorant
end users to use crypto email clients and obtain
keys and certificates, all it takes is a single
sysadmin installing the proper sendmail or mail
gateway to provide greatly improved security for
hundreds of users.
We could protect millions people from espionage,
without even telling them.
I realize that this is not the perfect end-to-end
crypto most of us would prefer, but it's far
better than what most people do today.
Remember: "The best is the enemy of the good"
Peter Trei
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:10:59