What Petraeus Did Wrong- No Encryption 7
This week we’ve all read how General Petraeus was forced out of his position because the FBI was able to read his emails. I’ll leave the moral question about affairs for you to determine on your own, however, from a technology perspective, he did many things wrong.
I’ve added an update below, since new technical information has become known.
Draft Messages on Email Servers
Reading an article about this over at Ars explained that the two people shared a gmail account, but never sent any emails. They would communicate through saved Draft messages. On the surface, this seems smart, but there are issues doing this from a security perspective:
- sharing a password is never a good idea.
- using 3rd party services is usually not a good idea.
- the US government has never treated any electronic data stored anywhere in the USA a “private” unless people use strong encryption. If they can read it, they believe there is a legal loophole that allows access.
Not sending the emails is smart. They’ve reduced the number of middle-man opportunities significantly. Of course, gmail is hardly the best middle-man to trust. Any of the large USA located email providers are probably not a good choice. Go overseas people, go overseas. We probably want to avoid countries that are great friends to the USA when picking an overseas email provider too. Perhaps Argentina would be a good choice since US relations with that country have been strained recently.
Still, if they’d use strong encryption, like gpg provides, the FBI wouldn’t be reading their messages.
Encryption
There are multiple types of encryption available that could have been used by the General to prevent anyone aside from him and the other person from reviewing the emails.
However, the first thing to know is that when you use any cloud provider, like an email service, any where, you have decided to trust that provider with all the data stored inside your email account. They can read every message, every TO, every FROM, every CC and subject along with the date-time the message was received. That doesn’t sound like much information, but it is even if the message is unreadable.
Don’t Use Cloud Providers without Strong Encryption
Email is very common. Most people think of it as private and secure, but this simply is not the reality. Email is mostly like a postcard. Anyone or any server that email traverses has a chance to see all the headers even if the message is encrypted. Most of the time the email servers will be from different providers, so that is at least 2 different organizations or entities that you are trusting with the data.
Here’s the shortest path for an email on the internet.
Your-PC —> Your-Email-Server —> Internet —> Their-Email-Server —> Their-PC
At any point along the way, the postcard can be reviewed. If you and “them” save a copy of the email on your local hard drives unencrypted, that makes it really easy for someone else to see. Your PC is probably much less secure than the email servers your and “them” use.
If you create an anonymous email account with gmail or any other email provider, be aware that it is really, really, really, hard to remain anonymous while using it. Your IP address for every connection is most likely logged and can be traced back to you. Even if you use a tool like TOR to hide your current location, cookies and other PC defining methods can be used to fingerprint your PC from the hundred million+ other devices. Your PC is fairly unique on the internet. If you use some other PC, like at a library or internet cafe, then you can probably be traced as well through cash transactions or security cameras.
Being 100% anonymous on the internet is hard. For a harmless prank, you can probably get away with it, but for anything serious, you will probably be discovered unless many months go by before someone looks for you.
Encrypted Storage
For your PC and the other persons PC, both of you can use strong encryption to reduce the risk of unwanted people reading your secret love messages. Many operating systems include whole disk encryption as part of the OS, but not all do. As an example, Windows7 Ultimate does, but Professional and Home-Premium do not. For those OSes, using TrueCrypt is a viable option to keep 99.999% of the world from accessing your data, not just email. To prevent the US government from accessing it, when they really want access can be nearly impossible, but the government has to really want to access it to bother using extreme measures. Most of the time, normal use of TrueCrypt with a strong pass-phrase will be sufficient to prevent all access.
Encrypting your storage is just smart these days. Don’t forget to encrypt your backups too.
Encrypted Transmission
When you send or receive email, you can change the postcard into a letter, at least for the portions going over the internet by using encrypted transmission protocols. To clarify, you may be able to control whether Your-PC and Your-Email-Server use encryption OR you may not. Email is made up of 3 different protocols: SMTP, POP3 and IMAP. Each of these supports an encrypted version, usually those have an “S” appended to the protocol – SMTPS, POP3S, IMAPS. Both you and the other person want – no – NEED – to use the “S” versions. SMTP is how you send email and the only way that every email server communicates between other email servers.
As an end-user, we don’t have any control over that server-to-server encryption, none. We have to trust that our providers insist on SMTPS. I hate to say this, but most do not.
Encrypted Email – OpenPGP
So, we can’t ensure that
- email is stored encrypted on the servers
- the other person stores our email encrypted on their PC
so what can we do to dramatically inprove the chances that our super secret email is only read by the person we want?
We can use OpenPGP to encrypt it. OpenPGP is a standard for encrypting emails using PKI. PKI is Private Key Encryption. Explaining more about this is far beyond what I can do here, but the short version is:
You create a pair of cryptographic keys – a public key and a private key. Both can be used to encrypt anything, but today we just care that email is encrypted. If the public key is used to encrypt something, only the private key can be used to decrypt it. Similarly, if the private key is used to encrypt something, only the public key can decrypt it.
Pub-Key —> ENCRYPT —> Private-Key —> DECRYPT
Private-Key —> ENCRYPT —> Pub-Key —> DECRYPT
I hope that is clear.
The other person also creates a public key and a private key pair. In this way, both of you can encrypt messages that can only be opened using your personal private key. This ensures that only you and you alone can review the contents.
As you can see, it is absolutely critical that private keys are kept private. Nobody else – not your Mom or wife or husband should have access to these. Just you. If you misplace or lose your private key(s), you will not be able to read or decrypt anything encrypted with your public key(s). That data will be lost forever.
However, your public key is just that – public. Anyone can have it and use it. There are servers on the internet called key servers that we all use to post our public keys. These can be searched so that you can find other people’s public keys. There is no charge for using them. If you and the other person know each other well, you can share your public keys without using any 3rd party at all.
Ok, theory lesson is over. What tools can you use to have openpgp email encryption? There are many tools and you can choose any that you like provided they support the openpgp standard. I use these:
- Thunderbird – email client
- gnupg – gpg – encryption and key creation tool
- enigmail – Thunderbird plugin to handle OpenPGP tasks inside Thunderbird
- KeePassX – password manager to ensure that my private keys remain private through the use of a very strong pass-phrase.
For Ubuntu here is a How-To. Just be aware that 1024-bit keys are considered too weak to be used anymore. You should use either a 2048 or 4096-bit length.
I know that MacOS, OS-X and Windows all support OpenPGP as well.
It appears that the General used Yahoo! Mail. If he and his mistress had used PGP encryption, then the FBI would never have read those damning emails.
OpenPGP is not perfect. Using it means that you cannot search your emails easily. It also means that the server cannot search those emails easily either. It does mean that anyone gaining access to my emails doesn’t really get to view the most sensitive items unless they also have access to the gpg keys. I am not likely to provide those to anyone for any reason.
I should also point out that sometimes gpg breaks. It is a complicated tool when used for email and a few days every 6 months, I have issues reading or sending encrypted emails.
Mixing Personal and Business Hardware, Software and Networks
This shouldn’t need to be stated, but do not mix your work computing environments with your personal computing environments. Don’t do it. We don’t own our work equipment or networks. Even the General shouldn’t have used any US government networks for personal use. In government and many corporate network environments, certificates will be installed on your PC so that the network administrators can read every encrypted packet you transmit. While they cannot read GPG encrypted emails, they can decide to drop those emails since it cannot be read. It is best to never mix work and personal computing.
Summary
What have we learned?
- Don’t mix work and home computing
- Always encrypt storage – especially portable storage like a smart phone or laptop
- Always use encrypted protocols – HTTPS, IMAPS, SMTPS whenever possible. For anything sensitive, if those are not available, then do not transmit.
- For extremely sensitive email, use OpenPGP tools to encrypt the message such that only the intended recipient can read it.
- Even if you encrypt the emails, the headers, including the subject, can still be read.
- Being anonymous on the internet is hard – really hard. Do not expect to get away with anything unless you are an expert in computers, networking and privacy. Just 1 small mistake out of thousands of things done correctly will give you away.
While I didn’t say this directly, if you do not use encrypted storage and store your gpg keys on the device, you’ve just left that open for someone else to access. The use of GPG for email does not mean someone can’t find another way to read the emails. At least with the main messages encrypted, your email service provider can’t sell you out. It also means that gmail can’t create targeted ads for you. ;)
Encryption alone isn’t enough to keep your private emails private. Other steps, mostly common sense, are necessary too.
General Petraeus should have known better.
The reason he probably never considered encryption is probably related to what enabled him to have the affair to begin with. He figured he was too powerful to get caught. For some reason people in power don’t see themselves as the target they really are.
I agree that as military and CIA he should have known better though. Hubris of man. (posted by someone typing on an insecure iDevice)
I’ve seen different reports that say gmail and YahooMail were used. From a security perspective, I don’t think it matters.
If you want something be remain secret,
The world should know this already.
@IJG: Just saw the comment. Had to clear a large number of blog-spam messages to see it.
Obviously posting to any blog, even without a login, gives away some information about you. I happened to be looking at the database schema a few days ago concerning feedback after a larger-than-normal amount of blog spam arrived. From a poster perspective, the information stored of concern are a timestamp of the post and an IP from which the post originated. The reverse proxy logs have more information concerning the browser user, any plugings it has, and the reported OS. Of course, the IP address is in those logs too. Due to the nature of TCP protocol, the IP address must be real.
Of course, you could use TOR to hide your current real IP address, but all the other information would probably still give you away. Some browsers have extremely specific fingerprints when you add in java, javascript, extensions and plugins. Not to mention use of flash locally stored objects and cookies. In general, it is really, really hard to be anonymous on the internet.
I’ve thought about how to be anonymous on the internet, truly anonymous. It is hard. Seems that I didn’t create a stand-alone article about it here. Hum….
Great article!
I was wondering the same thing about Petraeus—whether using encryption would have made any difference. Perhaps ultimately not—but the timing may have been different.
By the by – “PKI” refers to “Public Key Infrastructure” with the emphasis being on “Public”. This is what makes the Open-PGP standard so cool. Public Keys can be freely shared.
Also, I don’t quite get your description of how public and private keys interact, specifically, where you wrote:
“If the public key is used to encrypt something, only the private key can be used to decrypt it. Similarly, if the private key is used to encrypt something, only the public key can decrypt it.”
It’s the second sentence that seems wrong to me—I know of no option in GnuPG where anyone uses a private key to encrypt something. There is an option to force symmetric encryption, which requires passphrase that must be shared in order for someone to decrypt the message, unlike public key asymmetric encryption where each public key used has a corresponding private key (residing securely with recipients) with a unique pass-phrase associated with each private key. My understanding is that my private key resides only with me, and is simply used to decrypt things encrypted with my public key. I’m the only one who should have this key, which is why it is private.
Of course, I may have misunderstood you—or I may not understand the intricacies of PKI (Public Key Infrastructure) as well as you.
Still—very nice article, which I will likely point to if I make a similar post to yours.
Cheers!
When you mention for GPG keys that
“1024-bit keys are considered too weak to be used anymore”,
how does one determine this is now feasible for it to be ‘cracked’???
The reason I ask is to be able to estimate how far in the future the 2048 or 4096-bit length keys will become obsolete?
I imagine there was a time where 1024-bit encryption people thought could never be cracked either. I ask because I remember thinking who in their right mind would need an entire 1GB of RAM for a personal desktop.
a) Most people still do not need 1GB of RAM for a personal desktop. RAM is cheap, so we load up. I know people happily running Linux desktops with 512MB of RAM and servers with 384MB of RAM. For most people, it is just easier to have 4x too much RAM than to troubleshoot any real performance issue. When they ask the computer guy how much RAM they need, the current answer is at least 4GB. Not because that is true, but just because it is cheap ($30) and easier than discovering that a $100 SSD or $100 GPU would make more difference in total performance. Plus they can install used RAM easily and charge new prices for it. Obviously not all computer repair shops will do this and the client will probably be happy regardless. Most people don’t have the skill to monitor their systems for performance over time to gather true facts and data so an informed decision is possible.
b) Key length for security is one of those things that cannot be estimated well. The way I see it, if any part of any government or respected organization says they can find collisions or brute force it in less than a year using government-level resources for a specific key length, that’s time to move on to a key at least 2x longer. I always want to have 2x longer keys than can be cracked using currently known methods. Don’t forget that key length from a brute force attack perspective is exponential for every bit added in length.
c) About 2 yrs ago, I switched to 4096 length keys. Everyone else said it was overkill. Whatever.
The real issue for key-based security is that other, more efficient, attacks become known, not usually that brute-force methods can crack XYZ-sized keys faster. About 2 years ago, 1024 length SSL keys were not being provided by SSL providers due to security issues. About a year ago, Microsoft stopped accepting 1024-bit keys for use in IIS. That should really tell people something.
Reading and understanding a little about PKI encryption before getting into
Since I am not an expert on, you probably want to start by reading wikipedia articles.
If you want to know all the gritty details, Practical Cyptography by Schneier is the standard. He also has a personal blog that gets updated more than mine with current security topics. On Fridays, Mr. Schneier usually posts something about squid. Seems he has an unusual fascination for squid. ;) I’ve been reading his blog a few years.
Ars is begging Gmail to encrypt all email. I don’t see that happening.
Property encrypted email can’t be reviewed, can’t be searched, can’t be categorized, can’t be used to build purchasing preferences.
The most powerful part of gmail seems to be the ability to quickly search all the contents. Encrypted emails cannot be searched.
Convenience or security. It is a tough choice.
Anyway, Ars usually does a good job explaining things.
There are many concerns if gmail does the encryption. The comments for that article cover most of them.