This is why publicly-used certificates & their associated key pairings
generally are obtained from trusted companies. The presumption is that
the attacker won't be able to obtain a forged certificate (with complete
certificate chain pointing back to a trusted source) with your name on
it.
-Z-
-----Original Message-----
From: Justin Roysdon [mailto:justin.web (at) roysdon (dot) net [email concealed]]
Sent: Monday, April 18, 2005 10:47 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Fw: Re: using certificates in Outlook for encryption
Couldn't a person simply use your public key to decrypt the hash,
modify
the message, and then sign it with a forged private key and include the
forged version of the public key? How does this provide
non-repudiation?
If you send the public key in the same message, doesn't that lessen
the
effectiveness? This seems like a ridiculous waste of time. The only
way
this could be effective is if the recipient already had your public key
or
gained it from another trusted source AND could recognise a forgery.
Crypt0 G33k
---------- Forwarded Message -----------
From: Rod Dickerson <rod (at) dickersonbiz (dot) com [email concealed]>
To: focus-ms (at) securityfocus (dot) com [email concealed]
Sent: Fri, 15 Apr 2005 14:16:31 -0400
Subject: Re: using certificates in Outlook for encryption
It seems there are a few things being misunderstood in this thread. Of
course, I may be one of those misunderstanding, so let me try to
clarify. You have 2 ways to use certificates with email, including
Outlook. One is to encrypt, the other is to sign. You (and for
encryption, the recipient) must have a certificate which includes a
private and a public key. To encrypt mail to someone else, you must
have their public key. The message can only be decrypted by using the
recipient's private key. While this does provide privacy (encryption),
it does not provide non-repudiation. To achieve non-repudiation, you
would then digitally sign the encrypted message with your private key.
The digital signature is a hash (md5, sha1, etc) of the message, and
the hash is then encrypted using your private key. The message will
also contain your public key, which can be used to decrypt the hash
once it is received. The recipient software will then hash the message
and compare the 2 hashes. If they match, the message has not changed
and it had to come from you (provided you protect your private key).
So, to get someone your public key you can send them a signed message.
Then they can save your public key in their outlook contact list and in
turn send you an encrypted message. I have found that Outlook doesn't
always lookup the recipient's public key, but having it in the contact
list always works. This may be a specific issue with my site, others
may have had better luck. The is an option is Outlook to publish your
public key to the GAL, but again I have not had predictable results.
This is the correct way to do it, so like I said there may be problems
with my config. Anyway, this is how PKI mail encryption and signatures
work, if you were interested. Hope this helps. --Rod
generally are obtained from trusted companies. The presumption is that
the attacker won't be able to obtain a forged certificate (with complete
certificate chain pointing back to a trusted source) with your name on
it.
-Z-
-----Original Message-----
From: Justin Roysdon [mailto:justin.web (at) roysdon (dot) net [email concealed]]
Sent: Monday, April 18, 2005 10:47 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Fw: Re: using certificates in Outlook for encryption
Couldn't a person simply use your public key to decrypt the hash,
modify
the message, and then sign it with a forged private key and include the
forged version of the public key? How does this provide
non-repudiation?
If you send the public key in the same message, doesn't that lessen
the
effectiveness? This seems like a ridiculous waste of time. The only
way
this could be effective is if the recipient already had your public key
or
gained it from another trusted source AND could recognise a forgery.
Crypt0 G33k
---------- Forwarded Message -----------
From: Rod Dickerson <rod (at) dickersonbiz (dot) com [email concealed]>
To: focus-ms (at) securityfocus (dot) com [email concealed]
Sent: Fri, 15 Apr 2005 14:16:31 -0400
Subject: Re: using certificates in Outlook for encryption
It seems there are a few things being misunderstood in this thread. Of
course, I may be one of those misunderstanding, so let me try to
clarify. You have 2 ways to use certificates with email, including
Outlook. One is to encrypt, the other is to sign. You (and for
encryption, the recipient) must have a certificate which includes a
private and a public key. To encrypt mail to someone else, you must
have their public key. The message can only be decrypted by using the
recipient's private key. While this does provide privacy (encryption),
it does not provide non-repudiation. To achieve non-repudiation, you
would then digitally sign the encrypted message with your private key.
The digital signature is a hash (md5, sha1, etc) of the message, and
the hash is then encrypted using your private key. The message will
also contain your public key, which can be used to decrypt the hash
once it is received. The recipient software will then hash the message
and compare the 2 hashes. If they match, the message has not changed
and it had to come from you (provided you protect your private key).
So, to get someone your public key you can send them a signed message.
Then they can save your public key in their outlook contact list and in
turn send you an encrypted message. I have found that Outlook doesn't
always lookup the recipient's public key, but having it in the contact
list always works. This may be a specific issue with my site, others
may have had better luck. The is an option is Outlook to publish your
public key to the GAL, but again I have not had predictable results.
This is the correct way to do it, so like I said there may be problems
with my config. Anyway, this is how PKI mail encryption and signatures
work, if you were interested. Hope this helps. --Rod
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------- End of Forwarded Message -------
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]