From time to time I get the same questions from customers, which I try to explain to them. Lately, one of the most frequently asked questions is about S/MIME.
What is S/MIME? How does it work? What about the encryption issues that were found in May 2018?
In this article, I will explain what I think is important to know in order to understand S/MIME.
I can already tell you that there is much more to S/MIME than you can read in this article, but for understanding it and getting answers to the main questions, this article should be a good start.
What is S/MIME?
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard solution for encrypting and signing e-mails with a hybrid cryptosystem.
S/MIME makes it possible for sender and receiver to exchange information about the type of data transmitted (Content-Type field, Internet Media Type) and at the same time to specify a character encoding that is safe for the transmission path (Content-Transfer-Encoding).
Several encoding methods are specified that allow the transfer of non-ASCII characters in text, as well as non-text documents such as images, voice and video, in text-based transmission systems such as e-mail or Usenet. The non-text elements are encoded at the sender and decoded again at the receiver.
Certificates are used in S/MIME. These are provided by the responsible certification authority (CA). The personal details are checked to ensure the authenticity of the e-mail address and the person. To provide communication partners with the public part of the certificate, it is sufficient to send them a signed e-mail. The recipient stores this part in the personal store and can now exchange encrypted messages with the other party. S/MIME enables fully encrypted communication.
“Our e-mail server is already encrypted. Isn't that enough?”
Encrypting e-mail servers with digital certificates is a first step. This prevents outsiders from getting in between the e-mail client and the mail server and intercepting sensitive data. But that is also where it ends. The digital certificates that encrypt the server do not necessarily protect the e-mails themselves. In principle, e-mails are protected on their way to and from an encrypted server. This does not prevent hackers from breaking into an e-mail system and opening the messages, or from accessing messages as they pass through other servers. While the e-mails are being transmitted to the server in question they are well protected, but e-mails at rest and other points along the transmission path remain open.
Those who still doubt that e-mail encryption is a sensible thing may be convinced by a prominent proponent: the whistleblower Edward Snowden is one of its supporters. Over the years, several large companies have recognized the importance of e-mail encryption. Google is already encrypting messages sent to Gmail, and Facebook and AOL are matching Google by encrypting their e-mails. Even Microsoft, the company that hosts a wide range of mail services, has already secured accounts with e-mail encryption. In addition to encryption, S/MIME also offers the option of signing e-mails.
Considering how the benefits of S/MIME can help a business in the long term, it can only be recommended. If a company wants to ensure integrity, protect privacy, protect sensitive data and reduce phishing and other e-mail attacks, it should definitely consider using S/MIME. For a long time, S/MIME was considered (too) complex, which deterred many potential users in advance. Over the years, however, it has become much easier to implement the technology. Windows phones that are already equipped with S/MIME at the factory are a good example of this.
How does it work?
S/MIME is based on asymmetric encryption and uses a pair of mathematically linked keys: a public key and a private key. It is mathematically infeasible to derive the private key from the public key. E-mails are encrypted with the recipient's public key. The e-mail can only be decrypted with the corresponding private key, which should be in the sole possession of the recipient. As long as the private key is not compromised, you can be sure that only the legitimate recipient can access sensitive data.
S/MIME has two main components:
Digital signature. This verifies that the e-mail was actually sent by the person named as the sender. To sign your messages, you must install a unique signing certificate. Your company's IT administrator can remotely install the certificate on your phone and let you know how to obtain a personal certificate for your phone.
Encryption. It provides a way to protect (encrypt) information. The data is only readable or understandable after it has been converted (decrypted) back into a “decipherable” format. Encryption keeps your e-mail confidential during transmission and storage, as its content can only be viewed by the intended e-mail recipient. Your company's IT administrator can install your personal encryption key remotely on your phone. When the e-mail recipient is a member of your organization, their public encryption key is identified while you write an encrypted e-mail to them. If the recipient is outside your organization, you will need to install their public key on your phone once the recipient has sent you the key by e-mail. For more information about how to obtain an encryption key for your phone, contact your organization's IT administrator.
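The sign, encrypt, decrypt and verify steps described above can be reproduced with the OpenSSL command line. This is an added example, not part of the original article; the users alice and bob, the example.test addresses and the self-signed certificates are constructed for the demonstration, whereas in production a CA issues the certificates.

```bash
#!/bin/sh
# Added example: S/MIME round trip between two constructed users, alice and bob.
smime_roundtrip() (
    dir=$(mktemp -d) || exit 1
    trap 'rm -rf "$dir"' EXIT
    cd "$dir" || exit 1

    # One private key plus certificate (the public part) per user.
    # Self-signed here as a stand-in for CA-issued certificates.
    for u in alice bob; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -subj "/CN=$u/emailAddress=$u@example.test" \
            -keyout "$u.key" -out "$u.crt" 2>/dev/null || exit 1
    done
    printf 'Quarterly figures attached.\n' > body.txt

    # Digital signature: made with Alice's private key; her certificate is
    # attached, which is how a signed mail hands the public part to the recipient.
    openssl smime -sign -text -in body.txt -signer alice.crt -inkey alice.key \
        -out signed.eml 2>/dev/null || exit 1

    # Encryption (hybrid): a random AES key encrypts the mail, and only that
    # key is encrypted with the RSA public key from Bob's certificate.
    openssl smime -encrypt -aes256 -in signed.eml -out encrypted.eml bob.crt || exit 1

    # Only Bob's private key opens the message; Alice's own key is rejected.
    openssl smime -decrypt -in encrypted.eml -recip bob.crt -inkey bob.key \
        -out decrypted.eml || exit 1
    if openssl smime -decrypt -in encrypted.eml -recip alice.crt -inkey alice.key \
        -out /dev/null 2>/dev/null; then exit 1; fi

    # Bob checks the signature against Alice's certificate (trusted directly here).
    openssl smime -verify -text -in decrypted.eml -CAfile alice.crt \
        -out verified.txt 2>/dev/null || exit 1

    # A body changed after signing must fail verification.
    sed 's/Quarterly/Monthly/' decrypted.eml > tampered.eml
    if openssl smime -verify -text -in tampered.eml -CAfile alice.crt \
        -out /dev/null 2>/dev/null; then exit 1; fi

    tr -d '\r' < verified.txt   # OpenSSL writes canonical CRLF line endings
)

smime_roundtrip
```

The function prints the recovered plaintext only if every step behaved as expected, including the two negative checks (wrong private key, modified body).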
Encryption issues (Efail)
The problem that was found is not in S/MIME itself. The problems are located in third-party tools and plugins that use S/MIME.
In general, it should be noted that the S/MIME encryption method was not cracked; rather, vulnerabilities were found in e-mail clients that make use of the encryption techniques.
The attackers must first have access to the sent e-mail, whose encrypted text is called ciphertext. The ciphertext would have to be intercepted in transit, because anyone who has access to a person's mailbox usually has other possibilities for attack. Then the content of an e-mail containing HTML code and the ciphertext can be manipulated. If such an e-mail is then read in an e-mail client that processes HTML code automatically, it is possible to read all or part of the decrypted text via this HTML code.
Conversely, this also means that plain-text e-mails, or e-mails that are displayed without HTML support, should still be safe. The real problem with “Efail” is therefore that many mail programs render HTML in their default settings, especially on smartphones, and thus expose a security vulnerability.
This problem affects not only S/MIME but also PGP. ProtonMail has published two statements on this:
- No, PGP is not broken, not even with the Efail vulnerabilities
- Statement from PGP developers about eFail