X.509 / PKI, PGP, and IBE Secure Email Technologies

James A. Donald jamesd at echeque.com
Wed Dec 7 11:40:33 EST 2005 

    --
From:           	Ed Gerck <edgerck at nma.com>  
Subject:        	X.509 / PKI, PGP, and IBE Secure 
Email Technologies

> http://email-security.net/papers/pki-pgp-ibe.htm
>
> X.509 / PKI (Public-Key Infrastructure), PGP (Pretty 
> Good Privacy) and IBE (Identity-Based Encryption) 
> promise privacy and security for email. But comparing 
> these systems has been like comparing apples with  
> speedboats and wingbats. A speedboat is a bad apple, 
> and so on.

We can, and should, compare any system with the attacks 
that are made upon it.   As a boat should resist every 
probable storm, and if it does not it is a bad boat, an 
encryption system should resist every real threat, and 
if it does not it is a bad encryption system.   And no 
blaming the users.  An encryption system must 
accommodate the user, not the user the system.

Problem 1:  The primary weakness of existent email is 
its vulnerability to after the fact investigations.

Problem 2: The secondary weakness is ease of forgery. So
far spammers are not making much effort to forge their
way through your white lists, but phishers are forging
the identities of organization's with which you are
likely to have relationships.

Most efforts have been directed at problem 2, but the 
true names approach as failed for web sites, and it is 
too burdensome for people even to try for email

The user interface has to be a web page button "Please 
click here to us to send, and you to whitelist, our 
emails about blah blah "   User clicks.  Browser Chrome 
pops up.   "Will you white list emails signed by public 
key     YJQwlHzIzHP7nm04t3CFcrjFlMY, apparently 
controlled by website www.bankofadelaide.com, common 
name Bank of Adelaide, current favorite name
/favorites/banks/Bank of Adelaide - Home - Personal,
proposed petname banks/Bank of Adelaide - Home -
Personal

The spam filter has to pop up THE EXACT SAME BROWER 
CHROME, when the user tells it to whitelist a signed 
email that has been wrongly spam filtered.

Crap with certificate authorities or web of trust just 
is not flying, and is not going to fly.

But, of course, the really serious attack is problem 1, 
the problem that there are too damn many copies of email 
floating around, due to sending it in the clear and the 
store and forward architecture, which has got lots of 
people into really deep trouble.

The only copies should be those that the sender, and the 
receiver, choose to keep, and they should be encrypted 
with the user's email passphrase, the user's email 
passphrase should be known only to the client, not to 
the server, and the user's passphrase should have all 
the usual strengthening to minimize the effectiveness of
offline dictionary attack.  To limit the number of
possible copies, email should be sent by a direct
connection from the client to the recipient mail server,
rather than this store and forward crap.

Of course this is not email as we know it.  It is a new 
and wholly incompatible protocol, which can be 
transparently gatewayed to email as we know it.  

    --digsig
         James A. Donald
     6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
     EHhbMLsVYHKM99sSClQYV0/o/XVA5PN4UrXpsU0v
     4ca9QRhhmxSqwOK6ef12X8jbDKTR/AMD0r8RQzn9j



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list