Electronic mail and Electronic Signature

Email is poorly secured and therefore it is an untrusted way of communicating. Electronic signature technology based on personal certificates helps you resolve this situation.

Why Sign Emails?
Emails at a Glance

Email Scheme

Weaknesses of Email
People vs Email Addresses

  • Does alice@a.org really belong to Alice?
  • Did Alice really write the message?
  • Did or did not Bob change the message from Alice?
  • Encrypting messages and even their transfer is optional:
    • Did or did not any of smtp.a.org, mx.b.org, pop3.b.org or imap.b.org servers change the message from Alice?
    • Did or did not someone else change the message during the transfer?

How Does an Electronic Signature Work?

Electronic Signature

A secure electronic signature provides following guarantees:

  • document integrity – you can see if a document has changed since it was signed to see if the document is authentic,
  • signatory identification – identity statement,
  • signatory authentication – identity verification
  • indisputableness – the undersigned person cannot deny that they have made the signature.
  • recognized electronic signature – is recognized for communication between a citizen and state authorities, as it must meet the statutory requirements:
    • It uses qualified certificate issued by accredited certification authority.

What the Electronic Signature Does Not Serve for

Electronic signature does not provide the following guarantees:

  • confidentiality – anyone unauthorized may not be able to read the content of the document,
  • authorization – permission to perform certain actions,
  • verification of creation time – time is taken from the system clock.

Asymmetric Cryptography

Asymmetric Cryptography – operates with two different keys (private and public), between which a specific relationship is, which allows verification and ensures that the private key cannot be obtained by knowing the public key.

  • private key – used to create a signature and uniquely identify the signatory, it must be securely retained only by the signatory,
  • public key – used to verify the signature and determine who the signature belongs to, it is necessary to distribute it among the recipients of signed documents.

Certificates

Personal certificates – an electronically signed confirmation from a trusted third party, documenting what person the public key belongs to:

  • Qualified Certificates – The requirements, their content, the method of reviewing the identity of the owner and the liability for these findings are defined in the law;
  • Commercial’ Certificates – no statutory requirements,
  • Self-signed Certificates – the issuer of the certificate is the same as the certificate holder.

Credibility – how much you can trust the information in the certificate.

Restriction of Usage – signing/encryption of messages/documents.

Certificate Storage:

  • for trusted vs untrusted certificates;
  • system vs application storage;
  • cloud storage usually contains ‘pre-approved’ certificates.

Certification Authorities (CA)

Certification Authority -a certificate issuer:

  • verifies the identity of the signers, if they own the public key and whether they have control over the private key,
  • maintains a list of revoked certificates and verifies the validity of certificate revocation requests.

Types of CA:

  • Qualified CA – they may issue qualified certificates and has statutory requirements for its operation.
  • Accredited CA – the state has verified compliance with legal requirements.
  • Commercial CA’ – issues “commercial” certificates.
  • Tree Organizational Structure: root CA (‘self-signed’ certificate) and subordinate CA.

PKI – Public Key Infrastructure

Centralized system, where certificates are issued by certification authority and credibility of certificates and distribution of their public keys is solved by using “chain of trust”:

  • If I trust the root CA (certificate of the root CA),
  • then I trust all subordinate CAs (certificates of subordinate CAs),
  • and so I trust all the personal certificates they issue,
  • and any electronic signatures they create.

StandardsX.509 (content and coding) and PKCS (containers):

  • PKCS #12 – certificate, private key and intermediate certificates,
  • PKCS #7 – message signature and certificate chain.

Certificate’s Credibility:

  • certificate is trusted,
  • certificate is untrusted,
  • not enough information to evaluate the trust of the certificate.

PGP – Pretty Good Privacy

Decentralized system in which users self-issue certificates and trust certificates using “web of trust”:

  • If I trust the user (or their personal certificate),
  • I sign their certificate with my private key (to my certificate),
  • This creates a complex network of relationships and trust between people.

Certificate’s Credibility:

  • certificate is most trusted
  • certificate is fully trusted,
  • certificate is partially trusted,
  • certificate is untrusted,
  • not enough information to evaluate the trust of the certificate.

Creating and Verifying an Electronic Signature
Hashing and Collision Documents

Hashing – creating a fingerprint (hash value) with a fixed size using hash function from arbitrarily large data:

  • even a small change in the document results in a significant change in hash value,
  • finding two documents with the same hash value(collision documents) is actually very difficult,
  • finding a collision document to that given document is even more difficult.

Resolving issue with collision documents:

  • “Continuous strengthening”of cryptographic algorithms and hash functions used for signing
  • Restricting the validity of certificates and thereby limiting the length of time it is possible to verify an electronic signature

Signing Process

The electronic signature is number, which is the result of the implemented program (asymmetric cryptography), entered by:

  • hash value of signed document – the signature is dependent on the document and can detect its change,
  • private key – signature is individual,
  • time information – to validate the certificate when signing.

To attach an electronic signature to a document:

  • internal electronic signature – must support the data format, including multiple signatures, the signature is always available,
  • external electronic signature – any data can be signed, a more complicated solution of signature-signed data relationship.

Signature Verification Process

  • Signature validity: valid vs invalid vs validity unknown.
  • Necessary conditions for signature validity:
    • document integrity intact – otherwise invalid
    • personal certificate is valid (at the moment of assessment):
    • validity has not expired – otherwise validity unknown
    • not invalidated – otherwise invalid
    • all intermediate certificates are valid:
      • validity has not expired – otherwise unknown
      • not invalidated – otherwise invalid

Signature Verification Process – Steps

  1. Document Integrity Verification:
    • new fingerprint (hash value) is detected from signed document (hashing)
    • the original fingerprint of document by calculating from electronic signature and public key (asymmetric cryptography) is detected
    • the new and original fingerprints are compared.
  2. It verifies that the certificate has not been revoked
    • OSCP – Instant Verification of Certificate Revocation,
    • CRL – List of All Revoked Certificates that can be updated with a delay.

Electronic Signature and Email

Only the message body is signed:

  • header information (recipient, sender, subject) not guaranteed

Message signature implementation:

  • S/MIME – PKI-based mail signing by sender:
    • compound message using MIME (multipart/signed)
    • signature as attachment: smime.p7s (Content-Type: application/pkcs7-signature).
  • PGP/MIME – PGP – based sender signature of mail:
    • compound message using MIME (multipart/signed),
    • signature as attachment:signature.asc (Content-Type: application/pgp-signature).
  • DKIM and ADSP – mail signature and authentication on server:
    • It verifies that the given mail comes from that particular domain,
    • policy on how the recipient should handle unsigned messages.

Mail client with S/MIME or PGP support (see Wikipedia for list).

Conclusion

Secure electronic signature enhances the trust of communication through mail using:

  • message integrity violation detection,
  • Identification and authentication of the signatory.

At VŠE, it is easy to obtain TCS personal certificates applicable to:

  • signing messages and documents,
  • encrypting messages and documents.