[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Encrypted SMTP (was Re: wish list)

To: securedistros@nl.linux.org
Subject: Re: Encrypted SMTP (was Re: wish list)
From: Sandy Harris <sandy.harris@sympatico.ca>
Date: Sun, 13 Jun 1999 18:10:54 -0400
References: <199906071907.EAA13354@fiend.securesys.com.au> <m3lndwurfo.fsf@k6.jhcloos.com> <199906071311.SAA09933@bhairavi.newdelhi.sgi.com> <ppw7lpfzhgm.fsf_-_@pixie.mit.edu>
Reply-To: securedistros@nl.linux.org
Sender: owner-securedistros@humbolt.nl.linux.org

Ray Jones wrote:

> > Anyhow, I feel that it's more important to have user-level mail
> > encryption rather than system- or connection-level encryption.  Not
> > that the latter is not important!

Both are important, but they have different functions.

>  However, the arguments are:
> >
> > 1.  System- and connection-level encryption is a massive load on the
> > CPU.  If all (or most) of your SMTP connections are encrypted, which
> > is presumably what we're aiming for, then your CPU will be doing
> > nothing except handling 20 open SMTP connections at any given time.

A 486/66 at half load handles 3DES for a T1.
http://www.xs4all.nl/~freeswan/freeswan_trees/freeswan-1.00/doc/glossary.html#3DES

[snip]

> *Not using encrypted communication when it's available is almost
> always the wrong thing.*  It gives the eavesdropper a strong hint that
> they chould concentrate their resources on the encrypted
> communication.  You've leaked a single bit of information, but it's
> one with high value.  It's also an invitation to accidentally send
> something in the clear when you meant to encrypt it.
> 
> > Keeping this in mind, I'd rather focus on user-level security,
> > i.e. PGP, GnuPG or an equivalent.  There the user has the choice of
> > whether to encrypt the message or not, and privacy is much much
> > higher.  In other words, encrypt the payload and let the connection
> > take care of itself.
> 
> These methods are less than optimal because they fail to hide as much
> information as they should.  Mail headers are for the most part left
> in the clear.  Traffic analysis is in many cases more important than
> content analysis.  Fully encrypted exchanges are one step closer to
> where you want to be.  (Mixmaster/Onion routing goes even further...)

IPSEC can encrypt everything passing over an untrusted network.
Linux IPSEC distribution is at:

http://www.xs4all.nl/~freeswan

With correct configuration and usage, this can provide some resistance
to traffic analysis. You need some form of anonymus routing protocol
as well to really defeat traffic analysis, though, and IPSEC does not
provide that.
-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/

Follow-Ups:
- Re: Encrypted SMTP (was Re: wish list)
  - From: Ray Jones <rjones@pobox.com>

References:
- Re: wish list
  - From: John <john@fiend.securesys.com.au>
- Re: wish list
  - From: "James H. Cloos Jr." <cloos@jhcloos.com>
- Re: wish list
  - From: Raj Mathur <raju@sgi.com>
- Encrypted SMTP (was Re: wish list)
  - From: Ray Jones <rjones@pobox.com>

Prev by Date: Re: Wish List,
Next by Date: Re: Encrypted SMTP (was Re: wish list)
Prev by thread: Re: Encrypted SMTP (was Re: wish list)
Next by thread: Re: Encrypted SMTP (was Re: wish list)
Index(es):
- Date
- Thread