E-Mail Encryption: Why Isn't Everyone Doing It?
Eric S. Johansson
Wed Oct 23 15:47:02 2002
Simon Josefsson wrote:
> carl w spitzer <firstname.lastname@example.org> writes:
>>While an estimated 900 million people use e-mail, few take advantage of
>>NewsFactor.com, Aug. 5, 2002
> Why isn't everyone doing phone encryption? Why isn't everyone
> encrypting their personal postal mail? Just because something is
> technically possible doesn't mean everyone should use it.
that's not an entirely fair answer. Phone encryption isn't done because
people have an unrealistic expectation of privacy. Same is true of
postal mail; it's an envelope, it can't be easily snooped. e-mail is
perceived as being hard to read on the wire because the end-user can't
see it except with their e-mail client.
I've often thought it would be "amusing" to capture e-mails in transit
to make them visible via a Web interface. Obviously one would need a
very good lawyer and plenty of $$ to defend yourself but it would get
the point across about e-mail not being private.
Now, more directly to Carl's question:
1) user interface sucks
2) users will barely tolerate a single password and a pass phrase is
just plain rejected
3) it's not integrated into the client delivered by the ISP
4) it's too much like work to dig up keys of the other person
5) the user interface still sucks
I'm encountering similar problems with the camram antispam system. I'm
trying to figure out how to train system without letting the user know
that they're the training system. It's a challenge getting the user to
do anything different.
As part of the camram system, I'm trying to address some of the
encrypted e-mail in transit issues. For example, I will be propagating
public keys as part of every message. I'm going to ignore the whole key
server infrastructure because it just won't scale (think one public key
per user per year, no revocation).
The next sacred cow to be slaughtered is I will not require any
passphrases. Yes, if an attacker gets in and steals the private key,
they can cause all sorts of mischief. The chances of the happening are
extremely low especially if we generate new keys on a regular basis.
there will be no user interface for the encryption system. It will all
work in the background. well, maybe there will be a geek/tinkerers user
interface but 99 percent of the users will ignore it.
now, nothing I'm doing will stop you from running the ugly-interface,
hard-to-use encryption system of today. but for the vast majority of
users, the system I'm working on will probably be good enough. Yes, it
has certain weaknesses (mitm, unprotected private keys) but that's OK.
If we can come up with a way to fix these problems without requiring the
naive user to change how they work, then so much the better. The
important thing is that the amount of encrypted traffic on the net would
go up and it would be indistinguishable from encrypted traffic using the