EVENT SNAPSHOT: ISOC-CH Happy Hour on email encryption

ISOC Switzerland Chapter - Monday, December 15, 2025

A small group of experts from ISOC-CH, the pEp (pretty Easy privacy) project, the former Planck Security AG/SA, Cisco and Google gathered on Thursday, Oct 29 at L200 to discuss the latest developments in email encryption: securing email beyond the body by also protecting the header. The cozy Happy Hour setting provided the basis for a longer discussion, which started with two input talks on the topic.

Input 1: The Motivation (why we should care about email encryption)

by Hernâni Marques (ISOC-CH)

The first talk, by Hernâni Marques (ISOC-CH, formerly pEp), gave some motivational arguments for why email encryption still matters. For example, email is still the most widely distributed identity system for services on the Internet: virtually no service allows a proper sign-up without an email address. Email addresses also have the advantage that pseudonyms can be used, which avoids (directly) revealing one’s identity. Emphasis was also put on existing Mass Surveillance practices: over 10 years ago, former national security contractor Edward Snowden showed the pervasive nature of US-led Mass Surveillance, and it can be assumed that the practice has even been reinforced in the meantime. Switzerland also engages in Mass Surveillance; a corresponding secret service law was approved by a majority vote of the Swiss population. This gives weight to the core point of the cypherpunk movement, which was also mentioned: real privacy for citizens, enterprises or even one’s own government can only be achieved by technical means, that is, using cryptography.

Input 2: Technical developments (the RFC 9788 standard)

by Bernie Höneisen (Ucom.ch / ISOC-CH)

In the second input talk, Bernie Höneisen (Ucom.ch / ISOC-CH) showed ongoing developments from the IETF space which aim at making email encryption more accessible and useful. The main focus was on the latter. Using S/MIME or PGP/MIME, the body of an email can be protected. However, the protection offered by current email systems typically does not include the header section, which may contain sensitive information; e.g. the Subject header field might give enough clues on what a communication is about (without even knowing the message’s content). To also protect sensitive information contained in the header section of an email, the IETF recently published a new standard (RFC 9788). In addition to protecting header fields, the document provides means to protect against a few other attacks, as well as mechanisms to keep protected information from inadvertently leaking into unprotected (parts of) replies or forwarded emails. As Bernie pointed out, and as can be seen in his slide deck, past tests showed that existing header protection attempts had different kinds of weaknesses when rendering emails. These included artifacts like having to click on an attachment to open an email, or even getting nuisance security warnings. With RFC 9788, legacy email clients can also render the received message without major issues. RFC 9788 describes in detail how emails with header protection are created, rendered and replied to in a secure and private manner. Furthermore, it includes test vectors and a lot of other useful information. Along with RFC 9788, the IETF also published RFC 9787, which provides guidance on End-to-End Email Security for implementers of email systems.
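As an added illustration (not code from the talk, the slide deck or the RFC), the following sketch shows how a receiving client could tell which header fields were kept confidential and check that a reply does not leak them in cleartext. It assumes the `hp` Content-Type parameter and the `HP-Outer` header field as defined in RFC 9788; the message is constructed, the helper names are hypothetical, and decryption and signature verification are assumed to have happened already.

```python
from email import message_from_string

# Constructed sample: Cryptographic Payload of an encrypted message, shown
# after decryption and signature verification (both assumed done elsewhere).
PAYLOAD = '''\
Content-Type: text/plain; charset="us-ascii"; hp="cipher"
From: alice@example.org
To: bob@example.org
Subject: Offer for the office lease
Message-ID: <constructed-1@example.org>
HP-Outer: From: alice@example.org
HP-Outer: To: bob@example.org
HP-Outer: Subject: [...]
HP-Outer: Message-ID: <constructed-1@example.org>

Body text.
'''

# Fields that describe the MIME part itself rather than the message.
STRUCTURAL = {"content-type", "content-transfer-encoding", "mime-version", "hp-outer"}

def classify_headers(payload_raw):
    """Map each protected header field to 'encrypted' or 'signed' (hypothetical helper)."""
    inner = message_from_string(payload_raw)
    hp = inner.get_param("hp")
    if hp not in ("clear", "cipher"):
        return {}  # payload carries no header protection
    # HP-Outer records the field values the sender left visible outside.
    visible = {}
    for entry in inner.get_all("HP-Outer", []):
        name, _, value = entry.partition(":")
        visible[name.strip().lower()] = value.strip()
    report = {}
    for name, value in inner.items():
        if name.lower() in STRUCTURAL:
            continue
        hidden = hp == "cipher" and visible.get(name.lower()) != value.strip()
        report[name] = "encrypted" if hidden else "signed"
    return report

def reply_leaks(reply_outer_raw, payload_raw):
    """List confidential fields whose value appears in a reply's cleartext headers."""
    inner = message_from_string(payload_raw)
    reply = message_from_string(reply_outer_raw)
    secret = [n for n, s in classify_headers(payload_raw).items() if s == "encrypted"]
    return [n for n in secret
            if any(inner[n].strip().lower() in str(v).lower() for v in reply.values())]
```

For the constructed message, only the Subject is reported as encrypted; a reply whose outer Subject reads "Re: Offer for the office lease" is flagged, while one that keeps the obscured "[...]" is not.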

Open Discussion

The discussion that followed was lively, with every person present playing an active role and able to talk at length, leading to a few non-obvious take-aways:

  • People don’t seem to care a lot about email encryption, while the government even has legislation in place targeting that channel (in CH: BÜPF and NDG)
  • The email system is a legacy system and (because of interoperability) difficult to fix
  • End-to-end encryption (E2EE) in email is an exception, while most organizations that use encryption use S/MIME internally
  • Other (popular) messaging systems failed to replace email, with its character of a letter rather than a chat or office room; in that sense subject protection, for setting a topic, is very helpful
  • Encryption between email servers, which gained momentum after the Snowden revelations, like widespread HTTPS use, might be enough to solve “80% of the issue with 20% of the effort”, as one participant put it, even though this is not a true E2EE solution
  • Companies are hesitant to adopt E2E email encryption due to legal requirements or the need to preserve information after an employee moves on

About the event format

The Happy Hour format proved to be a nice way to discuss a topic in a relaxed atmosphere, with the social aspect playing a bigger role than usual, helped by the line between presenters and (interested) attendees breaking down early on. Happy Hours are a suitable format for events where ISOC-CH members want to have a topic discussed and elaborate on it with an expert group, rather than just present a piece of content without expecting much engagement.
