<http://www.newscientist.com/article.ns?id=dn6865&print=true> New Scientist Simple snoop-proof email launched 16:04 11 January 2005 NewScientist.com news service Will Knight Software that aims to make encrypted email communications simple enough for even computer novices to use was released on Tuesday. Encryption is the science of securing communications against eavesdropping by converting the content of a message into a code, or cipher, which can only be unlocked using a secret "key". But modern cryptography often involves using complex mathematical algorithms and convoluted key exchanges to protect messages against skilled code-crackers. Ciphire, developed by Ciphire Labs in Munich, Germany, uses a technique called "public key cryptography" to sign and encrypt email messages. Once loaded on to a computer hard drive the software performs all of the complex tasks involved behind the scenes. Ciphire also works with almost any email software client - like Microsoft Outlook, for example - without requiring prior configuration. "The real benefit is the ease of use," says Laird Brown, chief strategist at Ciphire. "Everything is automated, so it's much like a virus scanner. It just sits quietly in the background." Brown told New Scientist the security of the system has also undergone rigorous testing. "From a security perspective, we've taken it as far as we can," he says. The program is being offered free for non-commercial use and can be used by companies for a licence fee. Virtual invisibility Once installed on a PC, Ciphire runs in the background in conjunction with an email client program. It intercepts email after the "send" button is pressed but before the email leaves the computer, and intercepts incoming email before it is formally received by the email program, making it virtually invisible to the user. The program automatically manages the creation of a set of public and private cryptographic keys, simply prompting the user for a password from which the keys are generated. The public key is sent to Ciphire's servers and the private one is stored safely on the user's machine. The two keys are mathematically linked in such a way that two independent parties can communicate securely without first exchanging secret keys. A private key can be combined with another person's public key to create an encrypted message that can be deciphered using the corresponding public and private pair. Each time a message is sent Ciphire checks with its servers to see if the recipient already has their own public key. If they do, the program uses this to encrypt the message. At the other end of the exchange, the recipient's version of the program should automatically retrieve the sender's public key and perform the necessary decryption. If the recipient does not have a key pair the program simply "signs" a message - this key allows the recipient to confirm an email's authenticity but does not protect it from eavesdroppers. Unique signatures The keys kept on Ciphire's servers are also utilised to generate coded signatures unique to the content of each email message sent using the system. If the content of a message is intercepted and altered somewhere between being sent and received - this signature will not be the same, alerting users to the tampering. Brown says this makes it virtually impossible for anyone - including Ciphire itself - to change keys without users becoming aware. Ciphire had several independent cryptography experts audit the software and made modifications based on their recommendations. Russ Housley, of US company Vigil Security, who performed a study of the software, says that it stood up to scrutiny. "The security provided by Ciphire is very robust," he told New Scientist. "In every situation, the designers have chosen the strongest possible cryptographic algorithms and the longest possible key sizes." Housley notes that Ciphire combines several encryption algorithms. This means messages should remain secure even if a fundamental flaw should emerge in one of the algorithms. "This is like holding your pants up with both a belt and suspenders," he says. "If one fails, your pants still stay up." But Housley adds that the main advantage of the software is its simplicity. "If it is difficult to use, then it will not be used," he says. "Transparency is vital for acceptance by users." -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'