Tuesday, March 9, 2021

Crypto to Go

How to Implement Encrypted Email at Work or on the Road

[Image: American eagle wearing headphones and clutching an Ethernet switch. Image courtesy of the Electronic Frontier Foundation. Send them money.]

Note: I was very excited about Mailvelope.  It seemed to be a way for people less geeky than I to use encryption.  Sadly, the developers of Mailvelope have chosen to cripple the free version.  As I write this, it will not handle encrypted messages in the PGP/MIME format, which may be most messages encrypted with software other than Mailvelope.  In other words, it isn't compatible with other software, and so I can't recommend Mailvelope's free version.  The paid version may be better.

Eight years ago Edward Snowden exposed the lengths to which intelligence agencies had gone to collect every bit of information about everyone.  I wrote a series of posts exhorting people to encrypt their email on the grounds that "it's none of their damn' business!" The first one, It's Time to Encrypt Your Email, has links to the others.

Almost no one did it because it's too much trouble. I'm a retired professor, and at the time I was able to use my personal laptop both at home and in my university office.  Most people don't have that luxury, and most people didn't want to go through the fiddly steps to set up encryption.  Further, many, perhaps most, people use web based mail systems like Gmail.  Encryption that happens on the provider's server is not secure because the mail provider necessarily has the crypto key; it can be subpoenaed, bought, stolen, or coerced. (If the concept of key seems strange, read A Little About Encryption.) 

This article tells you how to implement encryption for your web mail and use it at home or at work, without installing any software on your Windows computer at work. I can write it because a friend told me about the Mailvelope software.

What We're Going to Do

  1. Acquire a key-ring size USB drive
  2. Generate a couple of very strong pass-phrases
  3. Set up encryption on the USB drive (optional)
  4. Install a portable version of Firefox on the USB drive
  5. Install Mailvelope in Firefox on that USB drive
  6. Either (a) generate new crypto keys using Mailvelope, or (b) export your existing crypto keys and import them into Mailvelope

When you're done, you'll be able to send and receive securely-encrypted messages anywhere there's a Windows 10 computer you can use, and without installing anything on that computer.  (Most of this stuff will work on a Mac, but you'd have to install the Mailvelope browser add-on on the computer.  Your boss might frown on that, and you will be handing a crypto key that should be secret over to whomever has access to that computer.) 

Note: If you don't need "to go" and only want to be able to encrypt web-based mail at home, just generate a pass phrase, install Mailvelope on your favorite browser, and use it to generate keys. Done!   If you want to go portable later, you can export your key pair from Mailvelope and import the same keys into the portable version.

Who Do You Trust?

Before any of this, we need to talk about issues of trust.  I think it's very unlikely that the U.S. National Security Agency can crack the encryption described below.  If they can, they don't dare admit it because it would start a rush to develop better, uncrackable encryption. The weak link in what I'm going to describe is who has access to your cryptographic private (secret) key.  Specifically, you are trusting the developers of Mailvelope not to snarf up your secret key and the passphrase that protects it and ship them off someplace nefarious.  I think it's highly unlikely because it's the kind of thing security researchers look for, and covert communication between a browser running Mailvelope and a server in Faroffistan would be pretty easy to detect.  If you use Thunderbird or GPG you're trusting those developers, too, and that's almost certainly OK for the same reasons.

Here's the biggie: Every time you plug that USB drive into a computer, you're trusting whomever has administrative control over that computer not to have installed software that secretly copies the contents of the drive.  That's a question of risk tolerance. I use encryption so confidential things like my  nieces' social security numbers can be emailed to me, and because "it's none of their damn' business!"  I'd trust a computer at my university, and maybe even one in the business center of a hotel.  If my life depended on the secrecy of my communications, I'd be much more careful.  YMMV.

USB Drive

If you're going to take your crypto to work, or perhaps traveling, you need portable storage. Find a USB drive that suits your style.  Look for small size, a metal case, maybe a loop for a key ring, and a brand name like Kingston, PNY, or Sandisk.  No eBay or no-name drives because you'll want this thing to be reliable.

A 16GB drive is plenty, and the smallest capacity likely to be available.  You should be able to find something for less than $15.  I like this one and you can get two for $16.  That will let you make a backup.  It's 32 GB, which is more than you need, but it'll work fine.

Make a backup copy of your drive from time to time.  Just copy everything to a folder on your home computer.

When you're done with the drive, I suggest physical destruction with a hammer. Reformatting is not always effective at destroying information on flash drives.

Pass Phrases

Note: If you already have a key pair from software other than Thunderbird, it is already protected by a pass phrase, so you won't need to generate a new pass phrase to use Mailvelope.

In portable mode, you won't have your trusty password manager to paste passwords in for you. You will need a pass phrase to protect your private (secret) key, and you may need another to protect your encrypted USB drive.   Everyone who does anything with security has seen the XKCD cartoon about passwords. "Correct Horse Battery Staple" is the kind of pass phrase you can generate using Diceware.  Four words are too few; use six or even more.  Memorize your pass phrases, and also write them down and put them in a safe place.  Here's a comment about the strength of such a passphrase.

To generate a pass phrase, roll the dice, read the numbers from left to right as digits 1 to 6, and look up that number in a word list.  Use real dice or the dice at random.org, which use an excellent source of randomness.  Use the Electronic Frontier Foundation's long word list.  Six throws of five dice will generate a six-word pass phrase.

This roll, 2 1 2 6 5, is the word "crane" in the EFF long word list. I tried six rolls and got "crane abridge unmixable congenial unclog dismay."  It's easy to make up a little story that makes those words memorable.  "There was a crane on a-bridge; unmixable is the opposite of congenial, and if you can't unclog, you get dismay."
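The dice-to-word lookup described above, as an added example that is not part of the original post: it parses a word list in the EFF file's tab-separated format, maps five dice to a word, generates a phrase with a cryptographic RNG standing in for physical dice, and computes the entropy behind the "four words are too few" advice. The embedded list is a constructed four-line excerpt (only the 21265 = crane line comes from the post); a real run would load the full 7776-line EFF long list.

```python
import math
import secrets

# Constructed excerpt of an EFF-style Diceware list ("NNNNN<tab>word").
# Only "21265 crane" is the mapping the post cites; the other lines are
# made up to show the format. The real EFF long list has 7776 lines,
# one for every possible outcome of five dice.
SAMPLE_WORDLIST = """\
11111\tabacus
11112\tabdomen
21265\tcrane
66666\tzoom
"""

DIGITS = "123456"


def parse_wordlist(text):
    """Build a {dice_code: word} table, rejecting malformed lines."""
    table = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        code, word = line.split("\t")
        if len(code) != 5 or any(ch not in DIGITS for ch in code):
            raise ValueError(f"line {lineno}: bad dice code {code!r}")
        table[code] = word
    return table


def rolls_to_code(rolls):
    """Five dice read left to right, e.g. [2, 1, 2, 6, 5] -> '21265'."""
    if len(rolls) != 5 or any(r not in range(1, 7) for r in rolls):
        raise ValueError("need exactly five values in 1..6")
    return "".join(str(r) for r in rolls)


def roll_five():
    """Software stand-in for real dice: a CSPRNG, never random.random."""
    return [secrets.randbelow(6) + 1 for _ in range(5)]


def generate(table, words=6, roll=roll_five):
    """Roll once per word and join. With the excerpt above, codes that
    are not in the table raise KeyError; the full list resolves all."""
    return " ".join(table[rolls_to_code(roll())] for _ in range(words))


def entropy_bits(words, list_size=7776):
    """Guessing resistance of a phrase: words * log2(list size)."""
    return words * math.log2(list_size)
```

Six words from the 7776-entry list give about 77.5 bits of entropy; four give about 51.7, which is why the post says four is too few.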

You need a pass phrase to protect your private key.  If you're going to encrypt your USB drive, you'll need a second one.  The reason you shouldn't use the same pass phrase for both is obvious, right?

Encrypt Your USB Drive (Optional)

If your USB drive is lost, stolen, confiscated by the cops, or otherwise is out of your possession, an attacker must crack the pass phrase protecting your private key in order to decrypt your communications. If you've also encrypted the drive, the attacker must first crack the drive encryption.  Even better, if the drive is encrypted, there's no hint that it contains cryptographic software until the drive encryption is first cracked. Security professionals call this defense in depth.

Encrypting the drive means memorizing two pass phrases.  Whether to do that depends on how secure you need your communications to be and on the possibilities of the drive leaving your control.

Encryption will go fastest if you start with an empty drive, that is, do the encryption first. To encrypt a USB drive:

  1. Connect a formatted USB drive to a Windows 10 computer.
  2. Select Control Panel > System and Security > BitLocker Drive Encryption, or just type "bitlocker" in the program search.
  3. At the bottom of the panel, under Removable data drives - BitLocker to Go, find the drive to encrypt and click "Turn on BitLocker."
  4. When prompted, click "Use a password" and type your pass phrase twice.
  5. Save your recovery key to a file or print it.
  6. Click "Encrypt only used disk space" and "Next."
  7. Select "Compatible mode" and click "Next."
  8. Click "Start encrypting."

The process will take one to two minutes on an empty drive.

Install Portable Firefox

Download Portable Firefox onto your flash drive and run the installer.  (There's a Portable Chrome, too, but it wants a Google login that you may not want to provide.) You will need to close any other instances of Firefox, such as a desktop version, to run Portable Firefox.  You can save yourself a click every time you use this if you move everything in the FirefoxPortable directory to the root directory.  You can delete the installer program. Consider making a donation to Portable Apps.

Aside: A Note About Cryptographic Keys

Public key cryptography, which is what this is all about, uses a key pair, two different keys. The one called the public key can be given to anyone, and is often uploaded to public key server computers.  People use your public key to encrypt messages for you, and also to authenticate messages digitally signed by you.

The other key of the pair, called the private key, or sometimes secret key, is used only by you to decrypt messages encrypted with your public key and to apply your digital signature to messages.  It should be kept absolutely secret, which is why you shouldn't just install Mailvelope (which needs your private key) on your work computer. There's more detail in A Little About Encryption.

You'll have two choices concerning cryptographic keys when you install Mailvelope.  It's pretty critical to make the right decisions because, in general, email systems decide which key to use to decrypt mail based on the sender's email address.  If one address has more than one key pair, things can get very confusing. Do not generate a new key pair with Mailvelope if you are already using encryption with the email address you intend to use with Mailvelope.

If you've never used encryption before, or never generated a key pair for the email address you will use with Mailvelope, you can let Mailvelope generate a key pair for you.  Skip to the next section.

If you already have a key pair you want to use with Mailvelope, you will have to export a copy of both private and public key and import them into Mailvelope.  Read on!

Export your key pair:  You will need to export copies of both your public key and your private key from your existing encryption software or email software to import them into Mailvelope.  How to do that depends on the software you're running.

Thunderbird: Select the account from which to export the key pair; it's the line just above "Inbox." Choose End to End Encryption from the top line.  Select the key you want to export; it will probably already be highlighted.  Click the chevron or down-arrow in the upper right corner of the box for that key and select "More."  You will need to select Backup secret key to file.  That actually includes your public key as well.  When you export your secret key, you'll be asked to set a password.  Use the pass phrase you generated for your private (secret) key.  You will end up with a file with a long file name ending in secret.asc. You will import this into Mailvelope.

Kleopatra: Select the key you want to export in the "My Certificates" window.  Export secret keys is within the file menu.  You will need to supply the pass phrase used when the key was generated.  You'll get a file ending in SECRET.asc.  You will import this into Mailvelope.

Install Mailvelope

Open Portable Firefox.  (You'll have to close desktop Firefox first.)  Go to https://www.mailvelope.com/en/ and click the magenta “Download Mailvelope” button.

You will be transferred to https://addons.mozilla.org/en-US/firefox/addon/mailvelope/

Click the "+ Add to Firefox" button, then click “Add” in the dropdown from the browser address bar. That dropdown tells you the permissions you're giving Mailvelope, so look at it!

Decide whether to check “Allow this extension to run in private windows.” I don't see any need to allow that.  Your mail provider knows when you connect to them.  I guess if you had a secret email account you were trying to hide from someone who had access to your computer's browsing history, you might want to check it, but not otherwise.

Note the Mailvelope icon at top left. Click the blue “OK, Got it.”

Click the Mailvelope icon, then “Let’s start.”

Choose either “Generate key” or “Import key” depending on whether you have a key pair from another cryptography program.

To import keys:

Click “Import” and “Select files.”  Drag the key file into the gray window, or click “Add file” to browse for it.  When ready, click “Import keys.”

Review the keys that are being transferred and, if all is well, click “Confirm.” The private key you just imported will be marked as the default key. There's more about key servers below.

Click the > at the right of the box containing the key. (Be careful not to click the trashcan.)  In the pink box that says “The key is not synchronized with the Mailvelope key server,” click the “Synchronize” button.  Each email address associated with your key pair will receive an email message with a link you must click to show that you have access to that email.  Click the link(s).

Go to Options and check "Sign all outgoing messages."  This will put your digital signature on your outbound mail. I've written a separate post about how digital signatures work.

To generate a key pair:

Note: Generate a new key only if you have never used encryption with the email address you're setting up.  Otherwise, use the existing keys as described above.

Click the "Generate" button and fill in your name, email address, and the pass phrase twice.  Optionally un-check "Upload public key to Mailvelope Key Server."  Leave it checked if you're generating a for-real key, but be sure to un-check it if you're experimenting and plan to throw away the generated key.  If you choose to upload your key, your email address will receive an email message with a link you must click to show that you have access to that email.  Click the link(s).

Go to Options and check "Sign all outgoing messages."  This will put your digital signature on your outbound mail. I've written a separate post about how digital signatures work.

Using Mailvelope

Once you've reached this point, you don't need me any more.  The Mailvelope folks have good directions here: https://www.mailvelope.com/en/help#first_mail

There are some alternate directions here: https://freedom.press/training/encrypting-email-mailvelope-guide/

Please do read the final two sections.  They're important.

Keys and Key Servers

You either generated or imported a key pair, two keys. The public key can safely be given to anyone; it is used to encrypt messages intended for you and to verify your digital signatures.  Your private key should be accessible only to you.

Your email address is necessarily on the key server.

To see your key's fingerprint in Mailvelope, open Key management, select the key, and look for the PGP Fingerprint at the bottom right.

And a Final Note About the Law

The FBI, DEA, CIA, TSA, DOJ, and every other TLA (three letter agency) hate encryption because it prevents them from taking certain shortcuts.  That said, in the United States, using strong encryption is completely legal.  It is very different in some other countries; it's up to you to know your laws.

Can "they" make you reveal your pass phrases?  As of spring, 2021, that's an unsettled question in the United States.  Where I live, within the jurisdiction of the United States Court of Appeals for the Eleventh Circuit, the answer is no; the Eleventh Circuit has ruled that passwords and pass phrases are "testimonial" and so protected by the Fifth Amendment of the Constitution.  Other Circuit Courts have ruled differently, so this is a question that's ripe for consideration by the Supreme Court.  Even within the jurisdiction of the Eleventh Circuit, expect to spend money on lawyers if you need to protect your right not to reveal that pass phrase.

It is not safe to depend on strong encryption to protect you from the consequences of illegal acts.  Those TLAs solved crimes long before electronic communication and strong encryption existed.

And the final word: The TLAs and other authoritarian types would love to make strong encryption illegal.  When deciding who to vote for, make their stance on legality of encryption an important consideration. It not only protects your email, it's crucial to online commerce, credit, and banking.