S/MIME Compatibility
Assessing the compatibility and best practices of using S/MIME encryption

GLOBALSIGN WHITE PAPER
Ben Lightowler, Security Analyst, GMO GlobalSign Ltd
www.globalsign.com.sg | www.globalsign.com

Contents
Introduction
Why S/MIME Certificates?
S/MIME Compatibility
  Best Practices
  Encryption Strength vs. Compatibility
  Setting Algorithms and Recommendations
  Troubleshooting
  Backing Up
Fig 1: S/MIME Email Client Compatibility Table
Inquire About Secure Email Solutions
About GlobalSign

INTRODUCTION

Many organizations, both large and small, face difficult choices when considering secure data transfer between stakeholder groups. Virtual teams made up of internal colleagues, outside partners and even potential clients need to collaborate effectively and securely, which requires cost-effective ways both to verify the integrity of the data they receive and to maintain its confidentiality. This is especially true when e-mail is relayed over the open Internet and collaboration increasingly relies on freely available "cloud" storage (Google Docs, Dropbox, etc.). Now more than ever, data protection is one of the biggest concerns for CISOs and heads of security, with solutions needed to cover the encryption of data both at rest and in transit to other parties.

Within this white paper we will be highlighting the use of S/MIME certificates as a solution: a way to maintain confidentiality, as well as to prove the integrity and origin of emails and the identity of their authors.

Although there has never been a desire for sensitive information to be exposed, many organizations risk exposure by using insecure channels to transmit data. Password-protecting ZIP files still requires the password itself to be transferred securely, and carries the ever-present risk of forgetting to protect a file before sending it. In recent times the need to encrypt sensitive information, including the text content of the e-mail itself, has grown in prominence.
As the world moves data storage and communications to the "cloud" and assets become available remotely, extra dimensions are added to the threat model. However, this added convenience need not require a compromise in security. Provided that the correct standard of encryption has been implemented, even if data is intercepted it cannot be exposed, modified or manipulated.

S/MIME, or Secure/Multipurpose Internet Mail Extensions, is the industry standard for public key encryption of MIME-based data. S/MIME provides message integrity, authentication, privacy via data encryption and non-repudiation via digital signatures. S/MIME is a standard tracked by the IETF and is now defined by several RFCs: 3851, 3850, 3370 and 3369. When encrypting, S/MIME works by wrapping the data entity in a data envelope, which is inserted into a PKCS#7 MIME entity.

WHY S/MIME CERTIFICATES?

- Prevent tampering of email content
- Prove message origin
- Prevent exposure of email content
- Flexible and secure communication

S/MIME COMPATIBILITY

The S/MIME protocol occupies an ever-evolving space in the communications spectrum. Over time it has proven robust enough to cope with an array of different environment preferences and requirements. It is for this reason that browser-based web client implementations, as well as desktop and server implementations, must be able to work with each other. This is where, to a certain extent, the system can develop a few pitfalls, as it is not always possible to meet future needs and past requirements with the same settings. Due to the timeframes involved in product development and mismatched release cycles between different vendors, there appears to be no universal standard. Best practice at the time often moves the goal posts, with increased security sometimes being achieved at the expense of maximum compatibility.
Algorithms used for digital signatures, for example hashing, have moved forward in recent years (from MD5 to SHA-1 and now onwards to adoption of the SHA-2 family). In much the same way, the RSA asymmetric key length necessary for signing has moved from 1024 to 2048 bits. Encryption too has now moved away from triple DES (3DES) to various strengths of AES (the Advanced Encryption Standard). Unfortunately, in the case of unmodified email clients of different ages this can cause frustration where authors and recipients are unable to decrypt messages. A comprehensive summary of these issues can be seen in Fig 1 at the end of this paper, with conclusions offering a choice.

One concern is that the value of email encryption seems to have been greatly underestimated, especially with so many recent high-profile attacks against e-mail service providers. Personal users with concerns over privacy and corporate users with concerns over confidentiality need to realize that using the Internet as the transport mechanism for e-mail is equivalent to sending a postcard by snail mail. In the case of the postcard, anyone involved in the delivery chain is able to intercept and read the content, at the sorting office and right up to the letterbox itself. Given that it is obvious never to send a postcard with confidential details in plain text, why should an email be any different? Malicious users can monitor emails quite freely and the authors are none the wiser.

Best Practices

Research into the strengths and weaknesses of S/MIME-compatible email clients has yielded certain recommendations of best practice when using certain applications. In simple terms, the choice is down to the user's specific needs. If the requirement is maximum security over a long period of time, selecting the strongest and most robust algorithm available is the sensible choice. If the requirement of the user is based in the short term and the primary concern is clear authentication, then the older and more proven algorithms would be more suitable.

Setting Algorithms and Recommendations

For optimal compatibility, Outlook 2011 for Mac OS X users should set their email security settings to the SHA-1 signing algorithm and the 3DES encrypting algorithm, or AES-256 for greater security. These settings can be located through Outlook -> Preferences -> Accounts -> Advanced -> Security tab.

Encryption Strength vs. Compatibility

For almost all mail clients, users have the option to set both the signing algorithm and the encryption algorithm. When selecting signing algorithms it can be tempting to utilize the strongest algorithm available at the time. In the case of Outlook 2010 this would be SHA-256 up to SHA-512. While this might be reassuring, the negative implications for compatibility can greatly outweigh the benefits of the stronger algorithm, as highlighted in Fig 1. While the choice of algorithms is more limited in legacy versions, this does not mean they are insecure. The signing algorithm SHA-1 (recommended below) currently strikes the best balance between ubiquitous compatibility and hash algorithm strength.

The other option available to most mail client users is the encrypting algorithm. In this case it is the recommendation of this author to use the strongest where possible. During the research that produced the table below (see Fig 1), the strongest encryption possible was almost always used: 3DES in the case of legacy clients and AES-256 for more modern mail clients. This is not to say that the encryption algorithms available to older mail clients are sub-standard. Users should not feel paranoid or insecure when utilizing the 3DES algorithm as their strongest encryption algorithm option.
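As an added example (not code from the GlobalSign paper), the following Windows PowerShell script shows what the choice of signing hash and encryption cipher discussed above actually changes on the wire: the algorithm identifiers inside the CMS signed-data and enveloped-data structures (the PKCS#7 envelope described earlier) that a recipient's client must recognise before it can verify or decrypt. It creates a throw-away self-signed certificate, produces a signed message with SHA-1, SHA-256 and SHA-512 and an enveloped message with 3DES and AES-256, decodes each and prints the identifiers, then removes the certificate. Assumptions: Windows 10 or later with the PKI module's New-SelfSignedCertificate and the .NET Framework System.Security.Cryptography.Pkcs classes; the certificate subject and message text are constructed; the OIDs are the standard CMS algorithm identifiers, not values taken from the paper.

```powershell
# Added example (not from the GlobalSign paper): show which algorithm identifiers a sender's choice of
# signing hash and content-encryption cipher puts into the S/MIME (CMS) structures a recipient must support.
# Assumptions: Windows PowerShell 5.1 on Windows 10+, PKI module, .NET Framework System.Security.
Add-Type -AssemblyName System.Security

# Standard CMS algorithm OIDs for the algorithms the paper discusses (assumed, not taken from the paper).
$HashOids   = @{ 'SHA-1' = '1.3.14.3.2.26'; 'SHA-256' = '2.16.840.1.101.3.4.2.1'; 'SHA-512' = '2.16.840.1.101.3.4.2.3' }
$CipherOids = @{ '3DES' = '1.2.840.113549.3.7'; 'AES-256' = '2.16.840.1.101.3.4.1.42' }

# Throw-away signing/encryption certificate in the Personal store. A CAPI provider is chosen so that the
# .NET Framework CMS classes can use the private key for all three hash algorithms.
$cert = New-SelfSignedCertificate -Subject 'CN=S/MIME algorithm demo (constructed)' `
    -KeyAlgorithm RSA -KeyLength 2048 -KeyUsage DigitalSignature, KeyEncipherment `
    -KeyExportPolicy Exportable -CertStoreLocation Cert:\CurrentUser\My `
    -Provider 'Microsoft Enhanced RSA and AES Cryptographic Provider'

$bytes   = [Text.Encoding]::UTF8.GetBytes('Constructed message body')
$content = New-Object System.Security.Cryptography.Pkcs.ContentInfo -ArgumentList @(,$bytes)

function New-SignedCmsWith([string]$HashOid) {
    $signer = New-Object System.Security.Cryptography.Pkcs.CmsSigner($cert)
    $signer.DigestAlgorithm = New-Object System.Security.Cryptography.Oid($HashOid)
    $cms = New-Object System.Security.Cryptography.Pkcs.SignedCms($content, $false)   # opaque (attached) signature
    $cms.ComputeSignature($signer)
    return $cms.Encode()   # DER bytes of the signed-data, as carried in application/pkcs7-mime
}

function New-EnvelopedCmsWith([string]$CipherOid) {
    $oid = New-Object System.Security.Cryptography.Oid($CipherOid)
    $alg = New-Object System.Security.Cryptography.Pkcs.AlgorithmIdentifier -ArgumentList $oid
    $env = New-Object System.Security.Cryptography.Pkcs.EnvelopedCms($content, $alg)
    $env.Encrypt((New-Object System.Security.Cryptography.Pkcs.CmsRecipient($cert)))
    return $env.Encode()   # DER bytes of the enveloped-data
}

# What the recipient sees before verifying: the digest algorithm it must implement.
foreach ($h in 'SHA-1', 'SHA-256', 'SHA-512') {
    $decoded = New-Object System.Security.Cryptography.Pkcs.SignedCms
    $decoded.Decode((New-SignedCmsWith $HashOids[$h]))
    $decoded.CheckSignature($true)   # verify the signature only; no chain building for a self-signed demo cert
    '{0,-8} signed-data digestAlgorithm = {1}' -f $h, $decoded.SignerInfos[0].DigestAlgorithm.Value
}

# What the recipient sees before decrypting: the content cipher and how its certificate is referenced.
foreach ($c in '3DES', 'AES-256') {
    $decoded = New-Object System.Security.Cryptography.Pkcs.EnvelopedCms
    $decoded.Decode((New-EnvelopedCmsWith $CipherOids[$c]))
    '{0,-8} enveloped-data contentEncryptionAlgorithm = {1}; recipient identified by {2}' -f $c,
        $decoded.ContentEncryptionAlgorithm.Oid.Value, $decoded.RecipientInfos[0].RecipientIdentifier.Type
}

Remove-Item -Path "Cert:\CurrentUser\My\$($cert.Thumbprint)" -DeleteKey   # remove the demo certificate and key
```

The two loops make the compatibility trade-off concrete: a legacy client that only implements the SHA-1 and 3DES identifiers rejects the SHA-2 and AES messages at the decode step, which is the failure the paper's Fig 1 catalogues. The recipient identifier printed in the second loop is the issuer-and-serial-number form; the Troubleshooting section later explains why Outlook 2010's use of the subject key identifier form instead can leave other clients unable to decrypt.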
This option is just as viable in a situation where a certain level of compatibility is called for.

Outlook 2007 users can locate their email security settings through Tools -> Trust Center -> E-mail Security tab -> Settings. As with Outlook for Mac, the recommended settings are the SHA-1 signing algorithm and the 3DES encrypting algorithm, as shown below.

The next section is aimed at Outlook 2010 users. To check your hashing and encrypting algorithms, locate the security settings in Outlook via File -> Options -> Trust Center Settings -> Email Security tab -> Settings. Ideally the hash algorithm should be set to SHA-1 and the encrypting algorithm to AES (256-bit).

Thunderbird users will find that their email security settings are limited to the point where the option to change the signing and encrypting algorithms is not available.

Mulberry Mail users can find the email security settings through File -> Preferences -> Advanced radio button -> Security tab. For the highest level of compatibility available, make sure 'Use MIME Multipart Security with PGP' is ticked, and for ease of use make sure the options to automatically verify and decrypt messages when opened are ticked.

The following are a couple of points to avoid a few common issues. The first is to avoid an encryption flagging error: ensure that the 'send clear text messages' option is ticked. This option can be located in Outlook via File -> Options -> Trust Center Settings -> Email Security tab, as shown below.

Troubleshooting

Outlook 2010 users might find the recipients of their encrypted emails unable to decrypt them. The following is a fix that Microsoft has released to address this problem.

1. Start Registry Editor: Start -> Search -> regedit
2. Locate and then click to select the following registry subkey: HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Security
3. Note: create the \Security registry subkey if it does not exist.
4. Right click -> New -> DWORD (32-bit) Value
5. Add the following registry data to this key: Value name: UseIssuerSerialNumber; Value data: 1 (0x00000001 (1))
6. Close regedit and restart Outlook.

This quick fix simply changes the method by which recipients are identified in encrypted emails. Rather than using the newer Subject Key Identifier (SKI) method, Outlook will revert to using the serial number (S/N) of the certificate. While SKI offers an advantage in that multiple 're-issued' certificates could all have the same SKI (the SKI is a SHA-1 hash of the public key) rather than being tied to a unique S/N, it is not yet widely supported by other email clients and operating systems. This is described in RFC 5652 and implemented in the Cryptographic Message Syntax (CMS). For more information please see the Microsoft Knowledge Base article at http://support.microsoft.com/kb/21142236

Another issue potentially affecting Outlook 2010 users is an attachment error. It could be the case that Mac OS X users (even those using Outlook for Mac) receive winmail.dat attachments, as shown below. This issue is caused by the sender (an Outlook 2010 user) using an email format known as 'Rich Text'. To change this option temporarily on a message-by-message basis, the option is available under the Format Text tab when composing a new message. To change this option on a permanent basis, it can be located through File -> Options -> Mail -> Compose Messages heading -> Compose messages in this format. It is recommended to have this option set to either Plain Text or HTML.
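The troubleshooting steps above can be scripted, and the cause can be checked on the receiving side before anything is changed. The following is an added example (not from the GlobalSign paper or from Microsoft): the first function decodes a saved smime.p7m attachment and reports how the sender referenced the recipient's certificate (SubjectKeyIdentifier or IssuerAndSerialNumber) and which cipher was used, without decrypting; the second applies or reverts the UseIssuerSerialNumber DWORD under the Outlook 2010 (Office 14.0) key named in the steps. Assumptions: Windows PowerShell 5.1 with the .NET Framework System.Security assembly; the .p7m path in the usage line is hypothetical.

```powershell
# Added example (not from the GlobalSign paper): diagnose an undecryptable S/MIME message, then apply the
# Outlook 2010 UseIssuerSerialNumber fix from the Troubleshooting section. Assumes Windows PowerShell 5.1.
Add-Type -AssemblyName System.Security

function Get-SmimeEnvelopeInfo([string]$P7mPath) {
    # Report, per recipient, how the sender identified the certificate and which algorithms were used.
    # Decoding only reads the structure; no private key is needed.
    $env = New-Object System.Security.Cryptography.Pkcs.EnvelopedCms
    $env.Decode([IO.File]::ReadAllBytes($P7mPath))
    foreach ($r in $env.RecipientInfos) {
        [pscustomobject]@{
            RecipientIdentifiedBy = $r.RecipientIdentifier.Type              # SubjectKeyIdentifier or IssuerAndSerialNumber
            ContentEncryption     = $env.ContentEncryptionAlgorithm.Oid.FriendlyName
            KeyEncryption         = $r.KeyEncryptionAlgorithm.Oid.FriendlyName
        }
    }
}

function Set-OutlookUseIssuerSerialNumber {
    param(
        [string]$OfficeVersion = '14.0',   # 14.0 = Outlook 2010, the version the paper's fix applies to
        [switch]$Revert                    # remove the value again (Outlook returns to SubjectKeyIdentifier)
    )
    $key  = "HKCU:\Software\Microsoft\Office\$OfficeVersion\Outlook\Security"
    $name = 'UseIssuerSerialNumber'

    # The value is read when Outlook starts (step 6 of the paper), so refuse to change it while it runs.
    if (Get-Process -Name OUTLOOK -ErrorAction SilentlyContinue) {
        throw 'Close Outlook first; the setting is read at startup.'
    }
    if ($Revert) {
        Remove-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
        return "Removed $name from $key"
    }
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }        # step 3: create \Security if absent
    New-ItemProperty -Path $key -Name $name -PropertyType DWord -Value 1 -Force | Out-Null   # steps 4-5
    $actual = (Get-ItemProperty -Path $key -Name $name).$name
    return '{0} = {1} (expected 1)' -f $name, $actual
}

# Usage (hypothetical path): Get-SmimeEnvelopeInfo -P7mPath 'C:\temp\smime.p7m'
#                           Set-OutlookUseIssuerSerialNumber
```

If the diagnostic shows RecipientIdentifiedBy = SubjectKeyIdentifier for a message the recipient's client cannot decrypt, the sender-side registry change is the relevant fix; if it already shows IssuerAndSerialNumber, the cause lies elsewhere (for example an unsupported content cipher, as discussed under Encryption Strength vs. Compatibility).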
Backing Up

It is highly recommended that when using any digital certificate and public key, you make a backup of your certificate and private key. Windows users may create a backup in the form of a PKCS#12 (.pfx) password-protected file. To do this, open Internet Explorer in administrator mode (this provides the necessary permissions for private key exporting) and, for all versions prior to IE 9, locate the trust store through Tools -> Internet Options -> Content -> Certificates. In IE 9, again in administrator mode, locate the certificate store through the cog icon in the top right-hand corner of your browser, then -> Internet Options -> Content -> Certificates.

Next select your certificate from the Personal tab and click the 'Export' option. Select the 'make private key exportable' radio button and follow the export wizard. Once you have backed up the certificate and the issuing certificate and have the PKCS#12 file available to you, place it on a removable media device of your choice and store it in a secure location.

FIG 1: S/MIME EMAIL CLIENT COMPATIBILITY TABLE

INQUIRE ABOUT SECURE EMAIL SOLUTIONS

To learn more about GlobalSign S/MIME solutions, please visit http://www.globalsign.com/authentication-secure-email/ or contact us for further information. We would be happy to discuss your specific requirements.

ABOUT GLOBALSIGN

GlobalSign was one of the first Certification Authorities and has been providing digital credentialing services since 1996. It operates multi-lingual sales and technical support offices in London, Brussels, Boston, Tokyo and Shanghai. GlobalSign has a rich history of investors, including ING Bank and Vodafone. It is now part of the GMO Internet Inc group, a public company quoted on the Tokyo Stock Exchange (TSE: 9449) whose shareholders include Yahoo! Japan, Morgan Stanley and Credit Suisse First Boston.

As a leader in public trust services, GlobalSign certificates include SSL, Code Signing, Adobe CDS Digital IDs, Email & Authentication, Enterprise Digital Solutions, internal PKI and Microsoft Certificate Service root signing. Its trusted root CA certificates are recognized by all operating systems, all major web browsers, web servers, email clients and Internet applications, as well as all mobile devices.

Accredited to the highest standards: as a WebTrust-accredited public Certificate Authority, our core solutions allow our thousands of enterprise customers to conduct secure online transactions and data submission, provide tamper-proof distributable code, and bind identities to digital certificates for S/MIME email encryption and remote two-factor authentication such as SSL VPNs.

Singapore: GMO GlobalSign Pte. Ltd, www.globalsign.com.sg, [email protected]
Australia: GMO GlobalSign Australia, www.globalsign.com.au, [email protected]
Hong Kong: GMO GlobalSign Hong Kong, hk.globalsign.com, [email protected]
Thailand: GMO GlobalSign Thailand, th.globalsign.com, [email protected]

www.globalsign.com.sg
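For the Backing Up section above, the following added example (not from the GlobalSign paper) performs the same PKCS#12 backup from Windows PowerShell instead of the Internet Explorer export wizard: it selects the S/MIME certificate in the Personal store that has a private key, exports it together with its issuing chain to a password-protected .pfx file, and then opens the file to confirm the backup contains the expected certificate. Assumptions: Windows 8 / Server 2012 or later for the PKI module cmdlets Export-PfxCertificate and Get-PfxData; the destination path is a placeholder for the user's removable media; the private key must have been marked exportable at enrolment, otherwise the export fails.

```powershell
# Added example (not from the GlobalSign paper): back up an S/MIME certificate, its private key and the issuing
# chain to a password-protected PKCS#12 (.pfx) file, then verify the file. Assumes the PKI module (Windows 8+).
$Destination = 'E:\backup\smime-backup.pfx'   # placeholder path on removable media

# The Secure Email EKU (id-kp-emailProtection) marks S/MIME certificates; only keep ones with a private key.
$SecureEmailEku = '1.3.6.1.5.5.7.3.4'
function Get-SmimeCertificate {
    Get-ChildItem Cert:\CurrentUser\My | Where-Object {
        $_.HasPrivateKey -and (
            $_.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.37' } |   # Extended Key Usage extension
            ForEach-Object { $_.EnhancedKeyUsages | ForEach-Object { $_.Value } }
        ) -contains $SecureEmailEku
    }
}

$certs = @(Get-SmimeCertificate)
if ($certs.Count -eq 0) { throw 'No S/MIME certificate with a private key found in Cert:\CurrentUser\My.' }
$cert = $certs | Sort-Object NotAfter -Descending | Select-Object -First 1   # the longest-lived one
'Backing up {0} (expires {1:yyyy-MM-dd})' -f $cert.Subject, $cert.NotAfter

$password = Read-Host -Prompt 'PFX password' -AsSecureString
New-Item -ItemType Directory -Path (Split-Path $Destination) -Force | Out-Null

# BuildChain includes the issuing CA certificate(s) in the file, as the paper recommends keeping them with
# the backup. Export-PfxCertificate fails if the private key is not exportable.
Export-PfxCertificate -Cert $cert -FilePath $Destination -Password $password -ChainOption BuildChain | Out-Null

# Verify: the file must open with the password and contain the end-entity certificate plus its chain.
$pfx = Get-PfxData -FilePath $Destination -Password $password
if ($pfx.EndEntityCertificates.Thumbprint -notcontains $cert.Thumbprint) {
    throw 'Backup does not contain the expected certificate.'
}
'Backup written: {0} end-entity certificate(s), {1} chain certificate(s)' -f `
    $pfx.EndEntityCertificates.Count, $pfx.OtherCertificates.Count
```

The verification step matters more than it looks: a .pfx written with the wrong password, or from a certificate whose key was not exportable, is discovered at backup time rather than at restore time after the original key is gone.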