Educause Security Discussion mailing list archives
Re: Encrypted email
From: Jesse Thompson <jesse.thompson () DOIT WISC EDU>
Date: Fri, 21 Mar 2008 10:17:00 -0500
Mike Wiseman wrote:
Perhaps a better place to start would be to define what the goals are. Clientless encryption is impossible if the goal is end-user to end-user encryption. Even Hushmail fell into this trap when they offered a clientless way for users to access their mail. They didn't make it clear to users that any time the server is involved with the decryption process, it means that your mail can be decrypted if there is a subpoena or a server is compromised.

These issues apply to *any* enterprise encryption technology since keys would need to be backed up or escrowed.
Well, yeah. That's why it's important to preface these discussions with a definition of *who* you are protecting the content from. End-to-end encryption without key escrow is the most secure, but has usability drawbacks. Key escrow done by a trusted 3rd party allows authorized parties to access the content. Key escrow/backup done on the same server that does the decryption makes you vulnerable to abuse or compromise. Client-less encryption (where the server is able to see the keys) makes you vulnerable to abuse or compromise. 3rd party escrow in this case doesn't add much additional security.
However, I wouldn't necessarily call it encryption.

Not sure what you're referring to - the Voltage product is based on identity-based encryption which is based on elliptic curve cryptography. No technology concerns there. Password strength is a concern but this can be dealt with via policy or the use of multi-factor authentication.
I was merely referring to the idea of "weakest link in the chain" or "Achilles heel". Just because part of your "encryption process" uses strong encryption doesn't make the data completely secure. Again, it's important to preface these discussions with a definition of *who* you are protecting the content from. I have nothing against Voltage or systems like it. I think that our campus would benefit from this type of service.
Jesse
Mike
Mike Wiseman
Computing and Networking Services
University of Toronto
-- Jesse Thompson Email/IM: jesse.thompson () doit wisc edu