Traditional certificate-based S/MIME email encryption is “end-to-end”: encryption and decryption are done at the mail client. This provides excellent confidentiality and authenticity, since the emails are stored encrypted on both the email server and the clients. However, S/MIME implemented at the mail client level has significant difficulties.
- Private Key Access: Because the emails are stored S/MIME encrypted at rest, and decryption is done ad hoc on the mail client, EACH mail client needs access to a current copy of the user’s private key to decrypt the message. So every workstation, laptop, smartphone, etc. must have access to the user’s current private key to read messages. Webmail-based access further complicates reliable access to the S/MIME-encrypted emails stored in a user’s inbox.
- Public Certificate Distribution: To encrypt an email to another person, the sender (S) needs the public certificate of the recipient (R). Traditionally, any inter-organization S/MIME email would require that R first send a digitally signed email to S so that S can capture R’s public certificate. Only then can S send an S/MIME encrypted message to R.
- Email Archiving: Because the emails are stored encrypted on the mail server, they will be archived encrypted as well. This means the archive or eDiscovery solution must either (1) have access to each user’s private key to read the messages in the future, or (2) rely on the mail clients themselves to decrypt and push the messages to the archive. Neither option is optimal, and both go against best practices for private key security.
- Key Rotation: As a user’s public certificate expires (usually yearly), it must be reissued. Although the process itself is trivial, it presents two large hurdles: (1) how can the user access old encrypted emails in the inbox after updating their key (they must archive all of their previous private keys), and (2) how will a sender know which public certificate to use after a user has updated their private key, whether due to a compromise or periodic ‘rotation’? Senders must be informed of the user’s new public certificate, and there will be a period when the user receives some emails encrypted with the expiring key and others with the new key.
- ‘Sent’ Folder: Despite all these efforts to keep messages encrypted at rest on the mail client and server, there is still a weak point in the chain: the ‘Sent’ mail folder of the sender. Most often, S/MIME messages are stored in plain text in the Sent folder on both the mail server and the local mail client. The only alternative is to encrypt each message separately with the sender’s own public key and store that copy in the Sent folder. But this process is cumbersome and isn’t the intended purpose of S/MIME, which is to provide email confidentiality and authenticity (among other things) to emails in transit.
So, what is the solution to all the pitfalls with end-to-end S/MIME?
(1) Use a gateway-level solution for S/MIME encryption and signatures.
(2) Secure your archives, mail server, and mail client data (possibly with folder or system level disk encryption).
Note: These recommendations are among those published by the National Institute of Standards and Technology (NIST) in Special Publication 800-177, “Trustworthy Email”.
Here are the corresponding advantages:
- With a gateway solution, you no longer need to have private keys spread amongst many devices, possibly stored with unprotected or weak passwords (or stored on systems that have been compromised with spyware). All private keys for your organization can be stored encrypted on one hardened server system, behind your corporate firewall.
- Public certificates can be stored and accessed from a centralized server, available to all. A common gateway can publish all users’ public certificates, and automatically update the repository with the latest certificate when revocations or reissues are necessary.
- Archiving and eDiscovery solutions have no issues capturing and indexing emails from the mail server since S/MIME encryption/decryption takes place at the server level; the mail server does NOT store S/MIME encrypted messages.
- Key rotations and reissues can be done all at once on the server. Since the public keys are published and available for other parties, they will automatically receive the new public key after a reissue.
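The archiving and ‘Sent’ folder points above come down to one check: is anything in the mail store still S/MIME-encrypted at rest? The following is an added example (not GlobalCerts code) of a small audit helper that classifies stored messages by their S/MIME wrapping and reports the ones an archive could not index; the sample mailbox is constructed inline and only the Python standard library is used.

```python
# Added example, not GlobalCerts code: audit stored messages for S/MIME
# ciphertext at rest. The SAMPLE mailbox below is constructed for the demo.
from email import message_from_string
from email.message import Message

PKCS7_MIME = ("application/pkcs7-mime", "application/x-pkcs7-mime")
PKCS7_SIG = ("application/pkcs7-signature", "application/x-pkcs7-signature")


def classify_smime(msg: Message) -> str:
    """Classify a parsed message by its S/MIME wrapping (RFC 8551 media types)."""
    ctype = msg.get_content_type()
    if ctype in PKCS7_MIME:
        smime_type = (msg.get_param("smime-type") or "").lower()
        if smime_type == "enveloped-data":
            return "enveloped"       # body is ciphertext; a private key is required
        if smime_type == "signed-data":
            return "opaque-signed"   # readable only after CMS unwrapping
        return "pkcs7-unknown"       # sender omitted smime-type; treat as unreadable
    protocol = (msg.get_param("protocol") or "").lower()
    if ctype == "multipart/signed" and protocol in PKCS7_SIG:
        return "clear-signed"        # plaintext body plus detached signature
    return "plain"


def classify_raw(raw: str) -> str:
    """Convenience wrapper: classify a message given as raw RFC 5322 text."""
    return classify_smime(message_from_string(raw))


def audit(folders: dict) -> list:
    """Return (folder, Message-ID, class) for every message an archive cannot read."""
    flagged = []
    for folder, raw_messages in folders.items():
        for raw in raw_messages:
            msg = message_from_string(raw)
            kind = classify_smime(msg)
            if kind in ("enveloped", "opaque-signed", "pkcs7-unknown"):
                flagged.append((folder, msg.get("Message-ID", "<none>"), kind))
    return flagged


# Constructed sample mailbox; only the headers matter for classification.
SAMPLE = {
    "Inbox": [
        "From: r@example.org\nTo: s@example.com\nMessage-ID: <1@example.org>\n"
        "Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name=smime.p7m\n"
        "Content-Transfer-Encoding: base64\n\nMIIB...constructed-ciphertext...\n",
        "From: r@example.org\nTo: s@example.com\nMessage-ID: <2@example.org>\n"
        'Content-Type: multipart/signed; protocol="application/pkcs7-signature"; '
        'micalg=sha-256; boundary="b1"\n\n--b1\nContent-Type: text/plain\n\nhello\n'
        "--b1\nContent-Type: application/pkcs7-signature; name=smime.p7s\n\nMIIB...\n--b1--\n",
    ],
    "Sent": [
        "From: s@example.com\nTo: r@example.org\nMessage-ID: <3@example.com>\n"
        "Content-Type: text/plain\n\nstored in the clear, as the article describes\n",
    ],
}

if __name__ == "__main__":
    for item in audit(SAMPLE):
        print("still encrypted at rest:", *item)
```

Run against a real export (e.g. per-folder lists of raw messages), the flagged list shows exactly which mailboxes still hold client-encrypted mail that a gateway deployment should have eliminated.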
What about ‘Data at Rest’?
When employing a gateway level S/MIME solution, it is vital that your email infrastructure follows data security best practices. Data at rest should be protected at the mail server level and the mail clients either through a disk-based encryption solution or other means of tight access control. All connections such as IMAP between the client and server, and SMTP between the server and encryption server/service MUST be TLS encrypted. This is easily implemented and should already be part of any organization’s security posture if they’re handling sensitive or regulated data.
S/MIME is a fantastic tool for providing information security for email communications. But all too often the hurdles presented by conventional end-to-end S/MIME make it a non-starter.
GlobalCerts has been successfully implementing a truly seamless, turn-key, gateway level S/MIME solution since 2002. Medical organizations, financial institutions, and state governments all use our solution to leverage S/MIME encryption that just works. We use a DNS-based, patented infrastructure called SecureTier™ to publish all users’ public certificates, and automatically update this repository with the latest certificate when revocations or reissues are necessary.
Our SecureMail Gateway™ servers automatically leverage SecureTier to S/MIME sign and encrypt emails to other users, anywhere in the world. Our solutions automatically decrypt inbound messages and examine their digital signatures to ensure that messages originated from the indicated sender and that the content has NOT been modified in transit. An easy-to-read footer is attached to all S/MIME messages to show the recipient that the message was secured and verified. GlobalCerts takes the headache out of email security by providing its customers with a completely automatic, seamless email security solution.