Monday, February 1, 1999

Email and the encryption conundrum


By Victor Woodward

The US has had its share of debates surrounding encryption. Should cryptographic methods include a "spare key" that allows law enforcement officials to read the scrambled data? Should the best, most powerful encryption tools be sold overseas? What is the line between personal privacy and corporate or national security?

The increased use of email to transport sensitive information, the rapid growth of e-commerce, and the rise of computer-based crime are all factors driving the strong market demand for robust cryptographic solutions. The problem (outside of the troubling issue of government meddling) lies in finding a solution that fits the needs of your organization. There are policy issues, standards issues and usage issues. This article takes a brief look at the issues that are relevant to Notes and Domino administrators. Specifically, it addresses the issue of how encryption fits into a comprehensive content security solution.

An encryption primer

Encryption involves the conversion of data into a secret code for transmission over a public network. The original text, or "plaintext", is converted into a coded equivalent called "ciphertext" via an encryption algorithm. The ciphertext is decoded (decrypted) at the receiving end and turned back into plaintext.

The encryption algorithm uses a key, which is a binary number that is typically from 40 to 128 bits in length. The data is "locked" for sending by combining the bits in the key mathematically with the data bits. At the receiving end, the key is used to "unlock" the code, restoring it to its original binary form.

Secret versus public key

There are two cryptographic methods. The traditional method uses a secret key, such as the DES standard. Both sender and receiver use the same key to encrypt and decrypt. This is the fastest method, but transmitting the secret key to the recipient in the first place is not as secure.

The second method is public-key cryptography, such as RSA, which uses both a private and a public key. Each recipient has a private key that is kept secret and a public key that is published for everyone. The sender looks up the recipient's public key and uses it to encrypt the message. The recipient uses the private key to decrypt the message. Owners never have a need to transmit their private keys to anyone in order to have their messages decrypted, thus the private keys are not in transit and are not vulnerable.

Sometimes, both DES (Data Encryption Standard) and RSA (a form of encryption named after its authors: by Ron Rivest, Adi Shamir, and Leonard Adleman) are used together. DES provides the fastest decryption, and RSA provides a convenient method for transmitting the secret key. Both the DES-encrypted text message and the secret key needed to decrypt it are sent via the RSA method. This is called a digital envelope.