Question

Hope this question is within the scope of stackoverflow, it contains some questions that are closer to a discussion but others that can be answered.

For my final year project I would like to try and set up an end-to-end secure email web application (regardless of language, DB or server).

I was going through encryption and such and got stuck at public-key encryption. Quoting from HowStuffWorks:

The sending computer encrypts the document with a symmetric key, then encrypts the symmetric key with the public key of the receiving computer. The receiving computer uses its private key to decode the symmetric key. It then uses the symmetric key to decode the document.

So the text gets encrypted using a symmetric key and the symmetric key is encrypted using the public key of the receiving comp? But then the receiving comp uses its private key to decode the symmetric key? Q1: why not use its own public key?

Furthermore, although I didn't fully understand public-key encryption and services that use it like PGP, I read on about digital certificates, but again I don't understand how reliable that is. Q2: wouldn't it be better to continue using the authentication that the user used/passed in order to log in to his account? [Discard this question, it was a fault of my understanding]

Q3: In addition to all the above I was wondering if there are any good steps that can be used in order to prove the security of the system.

This is my first contact with encryption methods and such so please be a little patient with my ignorance.

Thank you.

P.S. Is there any better way known than public-key encryption? I've been wondering how good that is with the recent events and publications about NSA computer processing power.

Solution

Q1: why not use its own public key?

The semantics of public key cryptography is that you can only decrypt something that has been encrypted with a public key by using the matching private key.

In pseudo code, the below proposition holds:

Dec(PrivateKey, Enc(PublicKey, Message)) == Message

However, you can NOT decrypt Enc(PublicKey, Message) using PublicKey. You need the private key.

Q2: wouldn't it be better to continue using the authentication that the user used/passed in order to log in to his account?

I don't understand this question (I can guess about your meaning, but won't as that can derail conversation). If you can clarify I will edit the answer.

Q3: In addition to all the above I was wondering if there are any good steps that can be used in order to prove the security of the system.

Yes, there are many tools with which to prove the security of a system. From a high level, proving the protocols (ex: ProVerif, strand spaces, EasyCrypt), all the way down to proving the actual code you run is correct (ex: theorem provers such as Coq, Isabelle, and HOL4, or discharging proof obligations automatically via SMT as in fs2pv or F7 (ex: miTLS)).

There is even a programming language, Cryptol, designed and implemented with integrated SMT support, allowing proof of correctness properties of algorithms to be embedded and some functionality to be implemented in a more natural style (disclosure: I work for Galois).
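The hybrid scheme quoted in the question and the Q1 point above, as an added example that is not part of the original answer. It uses Node's built-in `crypto` module; the function names `seal`, `unseal`, `failsToOpen` and `demo`, the key-pair names and the sample message are assumptions made for illustration.

```javascript
// Added example (not from the original post): RSA-OAEP wraps a per-message
// AES-256-GCM key, so only the recipient's private key can recover the mail.
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Sender side: needs only the recipient's PUBLIC key.
function seal(recipientPublicKey, plaintext) {
  const sessionKey = crypto.randomBytes(32); // fresh symmetric key per message
  const iv = crypto.randomBytes(12);         // 96-bit nonce for GCM
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, sessionKey);
  return { wrappedKey, iv, body, tag: cipher.getAuthTag() };
}

// Recipient side: Dec(PrivateKey, Enc(PublicKey, sessionKey)) == sessionKey.
function unseal(recipientPrivateKey, msg) {
  const sessionKey = crypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, msg.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, msg.iv);
  decipher.setAuthTag(msg.tag);              // final() throws if body or tag was altered
  return Buffer.concat([decipher.update(msg.body), decipher.final()]).toString('utf8');
}

// True when the given key cannot open the message.
function failsToOpen(key, msg) {
  try { unseal(key, msg); return false; } catch (err) { return true; }
}

function demo() {
  const recipient = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const other = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const msg = seal(recipient.publicKey, 'constructed sample mail body');
  const tampered = { ...msg, body: Buffer.from(msg.body) };
  tampered.body[0] ^= 1;                     // flip one ciphertext bit in transit
  return {
    roundTrip: unseal(recipient.privateKey, msg),
    publicKeyFails: failsToOpen(recipient.publicKey, msg),   // Q1: public key cannot decrypt
    wrongPrivateKeyFails: failsToOpen(other.privateKey, msg),
    tamperedFails: failsToOpen(recipient.privateKey, tampered),
  };
}

console.log(demo());
```
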

OTHER TIPS

This is a pretty tricky subject. I'll answer as best I can. Let's start with an example. You want to send an email to a friend in a secure format. You write the email and sign it with their public key. Then hit send. An encrypted SSL tunnel is opened to your email provider and the message is transmitted. Your mail provider forwards the message to their mail provider. He receives it and decrypts it with his private key and can read the message. Pretty easy, right?

Q1: If you could decrypt with the public key, then anyone could decrypt it.

Q2: What if the mail provider gets hacked and your password gets stolen?

Q3: Security is only as strong as the weakest link. There are many steps in the middle you have no control over. The only real control you have is the encryption on your side and their side. The best thing you can do is use known good encryption standards and rotate your keys early and often.

On a side note, if your browser says https, you're using an encrypted SSL tunnel. It makes communication very secure between 2 parties. You encrypt with their public key and they decrypt with their private key. What's not widely known is that the private keys for https are issued from what are called root certificate authorities. It's how browsers know the key being used is not forged or tampered with. It's widely believed that the NSA has obtained all private keys issued by the root CAs, making all webpage traffic decryptable by them.

The best option for your email solution is to use privately generated keys. Using something like PGP or a competing standard. Do not use any that have been issued.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow