Introduction to Electronic Certificates – Part II
In this article we will be discussing the generation of X.509 certificates. We will learn the companies that offer them. In addition, we will cover the basics of security keys and be shown how to use them for everything we do, to even come close to the term “safe”. We will also learn of the services of which company worth using. And maybe eventually I can explain the idea of encrypted e-mail, using both available technologiesand signed messages inline?
Where to Get an X.509 Certificate
The short answer is – you can buy it. Polish institutions issue a CA certificate valid for one year for about 50 zł + VAT. Every year you have to renew it for half that amount. Certification applies only to a single email address. If we want to sign outgoing mail from multiple accounts, each address must buy a separate certificate.
If we do not want to pay for a certificate that identifies us on the Internet, we can get it for free in one of several certifying sites: Thawte Consulting, CAcert.org or Comodo. Free e-mail certificates operate identically to paid, in addition to price is an additional important advantage: you can get a certificate for each email address that you use. This allows you to digitally sign mail from different accounts, such as home and work.
The company Thawte (pronounced like the English word “thought”) was established in South Africa and is now the second largest certification authority in the world. In 1999 it was bought by the market leader VeriSign. Thawte offers free e-mail certificates, and to get them we need to register on the website, fill out the application and answer the test e-mail to verify our address. Because at this stage Thawte is not able to find our identity, the issued certificate will contain only the e-mail address and name rather than a description of the “Thawte freemail Member”.
Obtaining a personal certificate requires additional steps. Thawte coordinates an international network of associates, called “notaries”, acting on assumptions similar to those in the PGP web of trust. Thawte notaries verify the identity of the people who want to put their name on the certificate. This requires a personal meeting with the notary, along with two identity documents of which they will keep a photocopy on file for 5 years. If the data are consistent with the base Thawte, the notary confirms this fact and gives the trainee “trust points”. Depending on experience, the notary may grant from 10 to 35 points. A person who has accumulated at least 50 points may have their full name put on the certificate. As you can see, Thawte recognizes the identity of the person to be confirmed by at least two representatives.
Thawte Personal mail certificates are valid one year, after the expiry date, validity needs to be extended.
Update: In November 2009, the company failed to issue registered Thawte email certificates and coordination of networks of notaries. All previously issued certificates were revoked.
CAcert.org is a community based in Australia. Their policy of issuing certificates of registered e-mail is very similar to Thawte. Registration in the system and the response to a test e-mail is enough to get an “anonymous” certificate of only the mailing address. Instead of the names of places, CAcert comments with “CAcert WoT User”. Identical to Thawte, the name becomes part of the certificate after verification of the identity by the few trusted people, called here the controllers (or assurers). After a personal meeting and establishing the applicant’s identity, the controller gives the applicant 10 to 35 points. To obtain a personal certificate requires 50, and the applicant becomes CAcert with at least 100 points.
CAcert is found in Poland less than Thawte controllers, but meeting a few of them in big cities will rather not be a problem. The author of this article confirms the identity of the two networks – I am a Thawte notary and a CAcert controller.
Thawte or CAcert?
For most users Thawte certificates will be more attractive. Thawte’s signature is recognized by all major email programs, regardless of the hardware platform and operating system (actually Thawte is one of the oldest and reputed to be the best in the world of certification bodies).
In contrastto Thawte, CAcert.org for most browsers and email programs is not a trusted CA. The recipient of the letter signed with a CAcert certification will be warned of this fact by their e-mail program. A number of people eperience a worse impact than a letter without a signature.
CAcert is currently seeking to attach their clients’ public keys to the most popular programs, primarily the Mozilla family. But before that happens, the correct operation of CAcert certificates requires every user to install the appropriate key software and give it the necessary powers (in this case to identify e-mail users).
CAcert certificates have the advantage of a longer shelf life (2 years). In addition, members of the CAcert network with more than 50 points of trust can receive two years of free SSL certificates to identify web pages. This certificate contains only the address of the server, with no data about the company or institution. Attaching corporate data to the certificate is possible, but requires contact with Cacert support. After gaining 100 points, members can also receive a certificate for signing software (code signing certificate).
Free registered email certificates are also issued by another certificate authority – Comodo. This company, in the case of free certificates, has no way to verify the identity of clients. This is reflected in the contents of the certificate. In addition to the name, this appears on the note: “PERSONA Not Validated”. Comodo mail certificates are valid for one year and recognized by most browsers and email programs.
In 2007, a program of issuing free certificates of registered mail, based on a network of trusted notaries, was launched by an Israeli company called StartCom. I do not know if the company has managed to build a network of trust; as of early 2008, just five notaries had joined the program (none in Poland) in Europe. Without confirmation from people you trust, StartCom seems like Comodo certificates: registered, but with the warning “Persona not validated.”
How to Encrypt E-mails
Algorithms used when placing a digital signature can be used for email encryption. In fact, message encryption would be the primary use of public key cryptography, with the ability to digitally sign appearingon the occasion.
The digital signature key pair of the email uses a private key signature and public key for verification. The recipient does not have to be your key pair. The encryption keys for the email address are: a public key for encryption, and the private key to decrypt it.
As you can see, to send an encrypted e-mail we have to know the recipient’s public key. Potentially everyone can know the public key of X, so anyone can send a coded message. However, only a person X has a corresponding private key, so only she will be able to decrypt and read the message.
Asymmetry key (encryption is different from the decryption) is the foundation of public key cryptography, invented in the mid-70s by two American mathematicians Whitfield Diffie and Martin Hellman. Using an explicit encryption key solved the main problem of traditional cryptography: key distribution. In traditional “symmetric” cryptography encrypted correspondence, you have to replace the secret key that is used in both the encryption and decryption. In unencrypted e-mail, you cannot send a secret key, you must use another secure channel of information (for example, during a personal meeting or by a trusted messenger). This significantly hindered the practical application of cryptography on the web.
All programs that support digital signatures can also encrypt messages. You must have the recipient’s public key. For PGP the public key can be downloaded from the key server. The S / MIME keys are supplied together with the signed message. In practice, we have the need to send digitally signed, but unencrypted email. The recipient will receive it so that our public key and its response to us may already be encrypted. If additional encryption is needed to digitally sign a correspondent, then both parties will benefit from the ability to encrypt e-mails sent between them.
Encrypting messages with S / MIME or PGP is very easy, for example, in Thunderbird by simply checking the appropriate menu option in the compose window. The program will check if we have the recipient’s public key and send a warning before failing.
The encrypted list does not have to (although it may) be digitally signed. Theoretically, it is possible to encrypt the letter, even if the sender does not have its own certificate, because you need only to use key customers. However, most e-mail programs require that the sender has his own key pair. This is justified by security at the sender side. Typically, the programs save outgoing mail in the sender’s computer, such as in the “Sent” folder. Some programs open for longer than a few minutes while editing the letter will automatically save its provisional character to disk. But it will be sent with encrypted key customers, so the sender after encryption can not read it already! Therefore, to avoid saving confidential messages in clear text in the sender’s local computer (or on the mail server when using IMAP), archived outgoing mail will be encrypted with his own public key.
The security of the entire public-key cryptography based on the assumption that no one is in possession of the secret key (private). Therefore, the secret key must be strictly protected. The ideal situation is to keep it on the “intelligent” cryptographic card (called the smartcard), password-protected, and never save it to your computer. This type of card is equipped with memory keys, and all operations that require the use of a secret key (making signature and decryption of messages) are performed by a microprocessor embedded in it. The secret key never leaves the card and in any case does not go to the computer’s memory. Reading the secret key from the smart card is not technically possible! Often the card also includes a random number generator used to create the key pair. So the key is generated only in the memory card, and there is not even the possibility of creating a backup.
The smart card is no different in size than ordinary credit cards, but its use requires a special reader. There are also miniature cryptographic devices inserted directly into the USB port of your computer. From a technical point of view, it is a combination of cards and a card reader in one device. Cryptographic devices are produced by several companies, one of the most popular is the eToken PRO Israeli company Aladdin. eToken performs cryptographic operations (RSA cipher) with a maximum key length of 2048 bits, has a hardware random number generator and the memory of a dozen pairs of keys. With the included software (and middleware) it seamlessly integrates with popular e-mail programs and browsers on both Windows and in Linux. Keys stored in the eToken can also use PGP programs, including GnuPG.
Unfortunately, most users have the need to keep secret keys in the drive, usually in a folder of your email program data. Good programs (such as Mozilla Thunderbird) make it possible to password-protect the key. In Thunderbird secret keys are protected by a double – each individual key and all keys have a master password security module. It removes the keys from memory after a certain period of inactivity, which to some extent makes it difficult to gain an unauthorized key, even if you move away from your desk, leaving the email program on.
Every time you generate a key, we have to answer a lot of questions. This article and the previous one was an attempt to respond to them. In the next article we will create our own certification authority and we will be generating and signing the electronic certificates. By the way we learn also how we should electronically sign our software. The next step is to create a LAMP server with lots of extras, fully utilizing the benefits of SSL.