Presentation is loading. Please wait.

Presentation is loading. Please wait.

Usable Cryptography (End-to-End) Marcus Brinkmann LSM 2011-07-12.

Published byGarey Bryant Modified over 8 years ago

Similar presentations

Presentation on theme: "Usable Cryptography (End-to-End) Marcus Brinkmann LSM 2011-07-12."— Presentation transcript:

1 Usable Email Cryptography (End-to-End) Marcus Brinkmann mb@g10code.com LSM 2011-07-12

2 2 Introduction Mail Encryption Fail The Vision Four Examples The Zen Way of Implementation

3 3 Mail Encryption Fail Why Johnny Can't Encrypt (Whitten, Tygar 1999):

4 4 Mail Encryption Fail People do not use mail encryption. ✗ too small to measure Plaintext in the cloud. ✗ attack escalation Mail displaced by „PHP doodads“ (E. Moglen) ✗ 59% decline 12-17 yo (comcast)

5 5 Mail Encryption Fail Organisations: ✗ X.509 (PKI with CA) Server-side (not end-to-end): ✗ data retention ✗ provability of send and receive ✗ business models

6 6 The Vision Suck less.

7 7 Four Examples Opportunistic Encryption Automatic Key Generation Key Distribution through DNS Trust On First Contact/Persistence of Pseudonym

8 8 Opportunistic Encryption Sucks: ✗ Wrong person to ask. ✗ Wrong place to store preferences. ✗ Mistake leads to plaintext leak. Sucks less: ✗ Get key and preferences from recipient. ✗ Always encrypt if possible. „Do you [the sender] want to encrypt this mail for this recipient and if yes, with which key?“

9 9 Automatic Key Generation Sucks: ✗ People choose inappropriate key parameter. ✗ Software-Amnesia. Sucks less: ✗ Use best practices by default. ✗ Mail client knows name and mail address. ✗ No more stupid questions. „What key type, size, expiration time do you want, what is your name and mail address?“

10 10 Automatic Key Distribution Sucks: ✗ Keyservers disjoint and quality varies. ✗ No undo. ✗ What is exported? Sucks less: ✗ Distribute keys through DNS (PKA). ✗ No search. ✗ Trust inheritance (DNSSEC). „What keyserver do you want to use? How do you want to export your key? Which file do you want to import?“

11 11 TOFU/POP Sucks: ✗ Yes/no question with amnesia at critical time. ✗ What is the consequence of being wrong? ✗ What does it even mean? Sucks less: ✗ Trust on first contact (like SSH) ✗ DNSSEC as CA ✗ Remember earlier contacts (persistence of pseudonym) ✗ „Trustiness“ mental model: „same key as last N times“ „Does this key belong to that person?“

12 12 TOFU/POP „Perspectives“ (Wendlandt et al., 2008): ✗ Network of monitors („notaries“) recording fingerprint histories in the network over time. ✗ Clients consult notary servers on trust decisions (first contact, fingerprint mismatch). Notaries provide non-local majority vote over time, disabling many MITM attacks.

13 13 The Zen Way of Implementation Reuse existing infrastructure: ✗ Full compatibility to OpenPGP and S/MIME. ✗ Full compatibility to other PKIs. ✗ PKA/CERT DNS available for many years now. ✗ TOFU/POP well-known from SSH.

14 14 The Zen Way of Implementation Acceptance by modularity: ✗ Experts generate or publish keys manually, or use different trust policies. Deeper integration can provide better user experience: ✗ Mail app has user name and account data. ✗ Mail app has semantic information on previous contacts.

15 15 The Zen Way of Implementation The big challenge: ✗ Changed trust model requires new generation of user interfaces. ✗ Opportunistic encryption requires widespread adoption of PKA/CERT DNS.

16 16 The Zen Way of Implementation Can we reach critical mass? ✗ Develop tool support and guidelines for user interaction. ✗ Engage privacy protection organisations. ✗ Shame providers into adapting their applications.

17 17 Thank you!

Download ppt "Usable Cryptography (End-to-End) Marcus Brinkmann LSM 2011-07-12."

Similar presentations

1 SUNGARD AVAILABILITY SERVICES Messaging and Collaboration - E-mail Availability Service - Notification Service.

1 SUNGARD AVAILABILITY SERVICES Messaging and Collaboration - Availability Service - Notification Service.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
DNSSEC & Email Validation Tiger Team DHS Federal Network Security (FNS) & Information Security and Identity Management Committee (ISIMC) Earl Crane Department.

DNSSEC & Validation Tiger Team DHS Federal Network Security (FNS) & Information Security and Identity Management Committee (ISIMC) Earl Crane Department.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
User studies. Why user studies? How do we know security and privacy solutions are really usable? Have to observe users! –you may be surprised by what.

User studies. Why user studies? How do we know security and privacy solutions are really usable? Have to observe users! –you may be surprised by what.
S/MIME Email and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.

S/MIME and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.
Designing Security In Web Applications Andrew Tomkowiak 10/8/2013 UW-Platteville Software Engineering Department

Designing Security In Web Applications Andrew Tomkowiak 10/8/2013 UW-Platteville Software Engineering Department
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
1 Lecture 18: E-Mail Security issues specific to email security key management services –privacy –integrity/authentication –nonrepudiation/plausible deniability.

1 Lecture 18: Security issues specific to security key management services –privacy –integrity/authentication –nonrepudiation/plausible deniability.
Masud Hasan 03-60-475 SecueEmail VS Hushmail Project 2.

Masud Hasan Secue VS Hushmail Project 2.
IST 210 Web Application Security. IST 210 Introduction Security is a process of authenticating users and controlling what a user can see or do.

IST 210 Web Application Security. IST 210 Introduction Security is a process of authenticating users and controlling what a user can see or do.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
SECURITY MANAGEMENT Key Management in the case of public-key cryptosystems, we assumed that a sender of a message had the public key of the receiver at.

SECURITY MANAGEMENT Key Management in the case of public-key cryptosystems, we assumed that a sender of a message had the public key of the receiver at.
Module 9: Designing Public Key Infrastructure in Windows Server 2008.

Module 9: Designing Public Key Infrastructure in Windows Server 2008.
Confused Johnny WHEN AUTOMATIC ENCRYPTION LEADS TO CONFUSION AND MISTAKES Scott Ruoti, Nathan Kim, Ben Burgon, Tim van der Horst, Kent Seamons Internet.

Confused Johnny WHEN AUTOMATIC ENCRYPTION LEADS TO CONFUSION AND MISTAKES Scott Ruoti, Nathan Kim, Ben Burgon, Tim van der Horst, Kent Seamons Internet.
1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.

1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.
Module 7 Planning and Deploying Messaging Compliance.

Module 7 Planning and Deploying Messaging Compliance.
PsycINFO Storing search results: mail, print, export Library.

PsycINFO Storing search results: mail, print, export Library.
ONE® Pages Training Presentation North York General Hospital.

ONE® Pages Training Presentation North York General Hospital.
Security fundamentals Topic 5 Using a Public Key Infrastructure.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Similar presentations

Ads by Google