How to Set Up Encrypted Mail on Mac OS Xby FJ de Kermadec
Do you send postcards? Probably. They're great to convey best wishes for the New Year, to send a "get well" note to your neighbor who is in the hospital, or a "hello" note to coworkers from your holiday place.
However, you would never send confidential information on a postcard, would you? Certainly not since the postal workers and every single person who handles the card can read its contents while it travels through the post system.
Well, I have news for you! When you send email to someone, most of the time you're not sending them a letter, carefully enclosed in an envelope. You're basically sending them the electronic version of postcards that can be read -- or worse, altered -- by anyone during their transit over the network.
Indeed, standard mail is not a secure means of communication: every single note you send travels through dozens of servers before arriving in your recipient's inbox and can be stopped, altered, and resent without you or the recipient noticing it.
While this may be acceptable when you're exchange healthy cooking tips with your grandmother, this is certainly not the case in your everyday workflow.
S/MIME and Certificates
S/MIME (Secure / Multipurpose Internet Mail Extensions) is a protocol that adds digital signatures and encryption to MIME, the standard format used to send mail.Thanks to this technology, you can now encrypt emails on the fly. In the real world, this is like putting your postcard into an envelope -- perhaps even better since envelopes can be easily opened. With this system, you can also "sign" messages electronically. Digital signatures attached to a mail prove two things:
- That the mail has not been tampered with while it was in transit.
- That the mail has been sent by the email address that claims to have sent it.
This better secures your email, since you can make sure that nobody, except the intended recipient, can read them and that they cannot be tampered with unnoticed during transit.
Note that I didn't say that the signature proves that the mail comes from you. The danger lies here: most people think that it does and this can have legal repercussions. As we will see in a moment, you need to hire a third party that will "guarantee" that you are you and give you the necessary elements to sign and encrypt your mails.
However, at the first level, this third party, commonly called a certification authority, only has limited means to check that you are who you claim to be. Used at their full potential, signatures should be able to prove that a mail is sent by a specific person, but since there still is room for impersonation during the certificate creation process, I prefer to say that the signature guarantees that a mail comes from a specific address.
The Encryption Technologies
The mail signing and encrypting process relies on an encryption family of technologies commonly called "asymmetric" or "public key."
These encryption technologies rely on two "keys" to encrypt and decrypt information. What you encrypt with one "key" can only be decrypted with another -- and not even with the one that was used to encrypt it in the first place.
This is a great way of securing information. Indeed, you only need to keep one key secret. This key is called your "private key" and should remain secret by all means. It identifies you when it comes to signing mails and plays a vital role in this process.
The other key is the public key that you distribute freely so that people can encrypt information that they send to you. Once it is encrypted, only you -- the owner of the private key -- can decrypt it. Needless to say, losing your private key would have catastrophic consequences.
In most cases, this system is way more secure than older ones that only use one key, since they allow you to exchange information securely with dozens, hundreds, or thousands of people securely without having to establish a separate password for every one of them.
The CA: Certification Authority
Generating keys is not that hard -- your Mac can do it if you enter a simple UNIX command in your terminal. However, in our case, keys will not only be used for encryption but for authentication as well.
Since, by definition, mail users should not trust the sender of the mail -- that can be impersonated easily -- we need a third person to tell them, "I have given the key to this person. Therefore, if you receive a mail with this key, you are dealing with this person." Of course, this is with the very important limitations we talked about above.
Therefore, you cannot generate the keys yourself, or the certificate would not have the authentication value it is supposed to have.
There are a few well-known certification authorities out there -- some will say too few, others too many -- and some of them even deliver the basic certificates that we want for free.
In a nutshell, they will perform some checks to "make sure" that you are who you claim to be -- usually by asking you precise personal questions -- and deliver a special signed pair of keys that you will use to sign and encrypt your mails.
Your recipients will then know that the keys are certified to be valid and will be more confident. The resulting signed public key is a "certificate."
Of course, to make sure that you are who you claim to be, these companies would need to perform more detailed checks: meet with you and ask you to show them your passport, for example. And that's exactly what they do!
Most of them deliver two kind of certificates. One that says "Yeah, we are 90% sure this person is who he or she claims to be" (and this is the certificate we are getting together today), and others that say "We are 99.99% sure this person is who he or she claims to be."
Open Source and Networks of Trust
You may have heard of a similar open-source system called PGP (Pretty Good Privacy) that delivers such keys. Unlike S/MIME, this system does not require that you ask for the certification of a third-party authority.
However, it requires that you rely on a network of people to whom you will show proofs of identification. Would you not meet other members of the group and show them your passport (or any other relevant document), the key you get is like any other homemade key.
With S/MIME, you still have to rely on a network of people to obtain 99.99% accuracy, but you can still reach a good level by dealing with your CA. Most CAs have their own network and can give you a list of people to whom you may want to talk to, so that they can give more value to your key pair.
Both PGP and S/MIME have their advantages, but S/MIME is widely used by companies and is probably far less intimidating for many people -- although this is only my personal opinion.
Serious About Cryptography?
Public key encryption and mail signing is a very complex subject if you want to learn the theory behind it. It is, however, as fascinating as it is complex, and I could not recommend enough an excellent O'Reilly book, Web Security, Privacy & Commerce by Simson Garfinkel and Gene Spafford.
It's an 800-page detailed look into all the aspects of what we are talking about today, while still being easily understandable by the average advanced user -- and experts will love it too.
Here is a (slightly adapted) quote from this book:
All that digital signatures prove is that the person or program signing the digital signature has access to a particular private key that happens to match a particular public key that happens to be signed by a particular certification authority. The goal of this identification system isn't to eliminate the possibility of impersonation but to reduce to acceptable levels the risk of impersonation and the resulting losses.
A big thanks to Simson Garfinkel for allowing me to reproduce it here.
Obtaining a Certificate
At first, obtaining a certificate seems complex; but actually, you only need to take your time and do things step-by-step.
As we have seen together, S/MIME requires that you obtain a certificate from a third-party certification authority. Since most Mac users will probably obtain their certificate from Thawte, I will use their web site as a basis for the next part of the tutorial.
There is no obligation. Thawte delivers email certificates for free and is widely seen as a serious company, belonging in fact to the huge VeriSign group. If you want to use another certification authority, simply keep in mind that you will be required to give accurate confidential information to them and you should therefore only deal with trusted partners. You should also take your local legislation into account, and make sure that you are authorized to obtain a certificate and use cryptographic methods in your country.
I have personally dealt with Thawte. However, I would like to say that I do not specifically recommend or endorse them. You be the judge.
Choose Your Tools
The certificate-obtaining process will happen over an encrypted connection. Therefore, it is required that you use a web browser capable of handling SSL in a solid manner.
Also, at the end of the process, you'll be given a certificate file. These files use a specific format that only a few browsers can understand. Unfortunately, Safari is not one of them.
Therefore, you may want to download Mozilla Firebird and use it to get your certificate. In my experience, Mozilla complements Safari nicely and I love the fact that, like Safari, it comes from an open source effort.
Installing Mozilla is a simple matter of drag-and-drop.
Connecting to Thawte
To go to Thawte's email certificate site, simply click here.
You may want to take a moment now and have a look at their FAQs and support pages, available from the menus located on the lefthand side of the page. These pages do not contain any breakthrough information, but they are quite well written and will probably answer most of your questions about certificates. Also, it is important to know the certification authority you are going to deal with as well as you can.
Their software pages do not mention Apple products or Mac OS X. There's no need to worry, however: the certificate you will get will be compatible with Mail and other Mac OS X mail clients.