What Email Needs
E. Gerck, Ph.D.
Copyright (c) 2005 by E. Gerck, first published online on September 30, 2005. All rights reserved, free copying and citation allowed with source and author reference.
Abstract
This is a public discussion paper on email security. The paper is published in sections, each section presented after sufficient time for feedback. Join the discussion in the Blog and help shape this paper and its conclusions.
Introduction
We all know what email needs. Security. And we need email security for both sender and recipient, end-to-end, and after the end point as well -- after the email arrives. Email security for the message and for the email addresses.
But, we have so many email security solutions already! Email encryption and digital signing with public-key cryptography was made possible for everyone on the Internet more than 20 years ago, with PGP. Microsoft Outlook, ubiquitous in corporations and available as the free Express version, uses public-key cryptography to encrypt and digitally sign email with a single click. Just search for "email security" and you will find pages and pages of solutions, for everything that's wrong with email including fraud, spam, spoofing, phishing, and eavesdropping.

Many medicines are a sign of no cure.
Public-key cryptography gave the impression that email message security could be achieved quite simply. The public key can be distributed at will, with no need for secrecy, and anyone can then receive private and secure messages. With the same procedure applied on each side, sender and receiver could immediately engage in private and secure communication.
However, despite the apparent simplicity and widespread availability of public-key cryptography, less than 5% of all email is encrypted. Banks won't even consider using encryption for sending out monthly statements and notices. It's not just the mounting problem with email fraud schemes such as spoofing and phishing. Banks discovered that not even their own employees were willing to use encryption.
1. Why Is Email Encryption Not Used?
One common explanation why email encryption is not used is that people just don't need secure email; if they did, they would use encryption. Given the successful use of encryption for web sites, with SSL, and the obvious need to protect information from hackers, why would information sent by email not need protection as well?
Thus, in the same way that bank statements, contracts, medical records, job offers and personal correspondence are invariably sealed in envelopes before they are sent using postal mail, correspondence delivered by email would also need to be sealed by encryption. Furthermore, because email messages can linger on in servers and caches long after they are deleted by the recipient and sender in their own computers, unprotected information sent in an email could come back in the future to haunt senders.
Another explanation is that people do not know that regular email is not secure; if they did, they would use encryption. However, high-profile email disclosures and attacks such as phishing emails are in the daily news. Every day, many millions of Internet users receive emails that appear to come from themselves, their banks, and even their friends, but that none of those parties ever sent.
The Missouri Bar Disciplinary Counsel, for example, requires all Missouri attorneys to notify all recipients of email that:

"(1) email communication is not a secure method of communication, (2) any email that is sent between you and this law firm may be copied and held by various computers it passes through as it is transmitted, (3) persons not participating in our communication may intercept our communications by improperly accessing your computer or this law firm's computers -- or even some computer unconnected to either of us that the e-mail may have passed through."
Thus, if people do need secure email and if they do know that regular email is not secure... Why is email encryption not used?

...Continues in Part II (to be uploaded)
Contact Information
Ed Gerck, Ph.D.
DISCLAIMER: This paper does not intend to cover all the details of the technologies reported, or all the variants thereof. Its coverage is limited to provide support and references to the work in progress on new email security technology and to unify references, concepts and terminology. No political or country-oriented criticism is to be construed from this work, which respects all the apparently divergent efforts found today on the subjects treated. Products, individuals or organizations are cited as part of the fact-finding work needed for this site and their citation constitutes neither a favorable nor an unfavorable recommendation or endorsement.