0

Hope this question is within the scope of stackoverflow, it contains some questions that are closer to a discussion but others that can be answered.

For my final year project I would like to try and set an end-to-end secure email web application (regardless of language DB or server).

I was going through encryptions and such and got stuck at public-key encryption. Quoting from HowStuffWorks

The sending computer encrypts the document with a symmetric key, then encrypts the symmetric key with the public key of the receiving computer. The receiving computer uses its private key to decode the symmetric key. It then uses the symmetric key to decode the document.

So the text gets encrypted using a symmetric key and the symmetric key is encrypted using the public key of the receiving comp? but then the receiving comp uses its private key to decode the symmetric key? Q1: why not use its own public key?

Furthermore although i didnt fully understand public-key encryption and services that use it like PGP i read on about digital certificates but again i dont understand how reliable that is, Q2: wouldnt it be better to continue using the authentication that the user used/passed in order to log in to his account? [Discard this Question it was a fault of my understanding]

Q3: In addition to all the above I was wondering if there are any good steps that can be used in order to prove the security of the system.

This is my first contact with encryption methods and such so please be a little patient with my ignorance.

Thank you.

P.S * Is there any better way known rather than public-key encryption? been wondering how good that is with the recent events and publications about NSA computer processing power.

czioutas
  • 1,032
  • 2
  • 11
  • 37
  • There are groups of people who each have studied cryptography and computer security for decades, but still struggle to get security software right. It's unreasonable to expect a newcomer to be able to write something secure. Security is a minefield; cryptography in particular. Even the slightest mistake will completely undermine the security of the whole system, so you need to know exactly what you are doing. – ntoskrnl Sep 14 '13 at 17:42

2 Answers2

2

Q1: why not use its own public key?

The semantics of public key cryptography is that you can only decrypt something that has been encrypted with a public key by using the matching private key.

In pseudo code, the below proposition holds:

Dec(PrivateKey, Enc(PublicKey, Message)) == Message

However, you can NOT decrypt Enc(PublicKey, Message) using PublicKey. You need the private key.

Q2: wouldn't it be better to continue using the authentication that the user used/passed in order to log in to his account?

I don't understand this question (I can guess about your meaning, but won't as that can derail conversation). If you can clarify I will edit the answer.

Q3: In addition to all the above I was wondering if there are any good steps that can be used in order to prove the security of the system.

Yes, there are many tools with which to prove the security of a system. From a high level proving the protocols (ex: Proverif, strand space, easycrypt) all the way down to proving the actual code you run is correct (ex: theorem provers such as Coq, Isabelle, and HOL4 or discharging proof obligations automatically via SMT as in fs2pv or F7 (ex: mitls).

There is even a programming language, Cryptol, designed and implemented with integrated SMT support, allowing proof of correctness properties of algorithms to be embedded and some functionality to be implemented in a more natural style (disclosure: I work for Galois).

Thomas M. DuBuisson
  • 64,245
  • 7
  • 109
  • 166
  • for Q2 i ment, instead of using digital certificates or digital signing in order to determine that the user is who it should be,use the connection that is already alive like the one already open from the log in. thnx a million about Q3! so do you think this is a feasible final year project? – czioutas Sep 14 '13 at 09:47
  • Yes, you can do this for a final year project. A nice aspect is you can divide this into three parts and have incremental success. 1) Design the protocol (basically just a pubic key encryption of a symmetric key which is used to encrypt an e-mail, I assume - throw in a signature somewhere if you'd like) 2) Implement the protocol as a mail client plugin 3) prove the protocol correct using `Proverif` or some other tool. It might be a little bit easy for a final year project, but I might be saying that because I've basically done this before so it would be fast specifically for *me* to do. – Thomas M. DuBuisson Sep 14 '13 at 18:34
  • sorry if that sounded arrogant. what I mean to say is that you should talk to your advisor to confirm the scope is acceptable. – Thomas M. DuBuisson Sep 14 '13 at 19:20
  • I understand what you are trying to say no worries no offence taken. What i had in mind was to make a web application end to end email provider with cryptography. So in the project I would include the web front end back end DB and server to make it more complete. What i fail t understand is **how the private key is generated**. Say we have a text it gets encrypted and send to someone. That email is stored in the DB encrypted. Everytime the receiver wants to see it does he use a different private key? – czioutas Sep 15 '13 at 09:34
0

This is a pretty tricky subject. I'll answer as best I can. Lets start with an example. You want to send an email to a friend in a secure format. You write the email and sign it with their public key. Then hit send. An encrypted ssl tunnel is opened to your email provider and the message is transmitted. Your mail provider forwards the message to their mail provider. He receives it and decrypts it with his private key and can read the message. Pretty easy right.

Q1: If you could decrypt with the public key than anyone could decrypt it. Q2: What if the mail provider gets hacked and your password gets stolen? Q3: Security is only as strong as the weakest link. There are many steps in the middle you have no control over. The only real control you have is the encryption on your side and their side. The best thing you can do is use known good encryption standards and rotate your keys early and often.

On a side note if your browser says https your using an encrypted SSL tunnel. It makes communication very secure between 2 parties. You encrypt with their public key and they decrypt with their private key. Whats not widely known is that the private keys for https are issued from what are called root certificate authorities. Its how browsers know the key being used is not forged or tampered with. Its widely believed that the NSA has obtained all private keys issued by the root CA's making all webpage traffic decryptable by them.

The best option for your email solution is to use privately generated keys. Using something like PGP or a competing standard. Do not use any that have been issued.

Lockless
  • 497
  • 1
  • 5
  • 12