Introduction to Secure Messaging Issues Russ Chung, American Eagle Group The Open Group Messaging Forum July 24, 2003

Introduction to Secure Messaging Issues

Russ Chung, American Eagle Group

The Open Group Messaging Forum

July 24, 2003

Agenda

Overview of Encryption Technology

Implementation Issues

Secure Messaging Models

Encryption Overview

Encryption

Symmetrical keys

Asymmetrical keys

Encryption algorithms

Digital Signatures

Hash functions

Certificate

Optional Devices

Smart Cards

Biometric Devices

And more…

Implementation

Successful secure messaging implementation requires consideration of:

Technical aspects

Organizational aspects

Inter-Organizational aspects

Implementation Roles

Technical Aspects of Secure Messaging

Established and controlled by technical managers

Organizational Aspects of Secure Messaging

Internal Policies, Practices, Procedures

Established and controlled by Company management

Inter-Organizational Aspects of Secure Messaging

External Policies, Practices, Procedures

Established by agreements between organizations

Often involves senior management, boards, legal counsel

Technical Aspects

Key generation

Key management

Distribution and exchange of certificate and private key

Key separation

Archiving of the certificate and, if necessary, the private key

Change and validation of the certificate and, if necessary, the private key

Manage the access to and representative use of the certificate and private key

Freezing and destruction of certificates

Non-Technical Aspects

The non-technical aspects are often overlooked or underestimated

Organizational

Usage Policies, Procedures and Standards

Training

Inter-Organizational

Certificate Policy

Certification Practice Statement

Relying Party Agreement

Secure Messaging Models

Transport Layer Encryption

-or-

Message Encryption

-or-

Both

Secure Messaging Models

Model #1 - End to end encryption

Model #2 - Gateway to gateway encryption

Model #3 - Secure web mail

Secure Messaging Models

Model #1 - End to end encryption

Examples: S/MIME, PGP

Asymmetrical key pairs generated for each user

Pro

• Message is encrypted at all times

• Nearly impossible for anyone except the intended recipient to read the message

Con

• Nearly impossible to check for viruses, check content of the encrypted message

• Key management is an administrative burden

Secure Messaging Models

Model #2 - Gateway to gateway encryption

Example: Domsec

One asymmetrical key pair generated per domain

Pro

• Fewer keys to manage

• Permits scanning for viruses, content

Con

• Messages are not encrypted when in transit between the user and the gateway (unless transport layer encryption is used)

• Messages are not encrypted in storage
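
Added example, not part of the original slides: a shell sketch of the scanning trade-off between Model #1 and Model #2, using the openssl command-line tool. The recipient name, marker string and function names are constructed for illustration; the private key stands for the user's key in Model #1 or the domain gateway's key in Model #2.

```shell
#!/bin/sh
# Constructed demo: a content scanner sees only ciphertext unless it sits
# behind the party that holds the private key.
MARKER='CONSTRUCTED-TEST-SIGNATURE'   # stand-in for a virus/content pattern

# Create a throwaway self-signed certificate and key in directory $1.
make_recipient() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=recipient.example" \
    -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
}

# S/MIME-encrypt file $2 to the certificate in $1, writing $3.
encrypt_for() {
  openssl smime -encrypt -aes256 -in "$2" -out "$3" "$1/cert.pem"
}

# Decrypt $2 with the private key in $1 (what the key holder can do).
decrypt_with() {
  openssl smime -decrypt -in "$2" -recip "$1/cert.pem" -inkey "$1/key.pem"
}

# Content scanner: succeeds if the marker appears on stdin.
scan() { grep -q "$MARKER"; }

demo() {
  d=$(mktemp -d) || return 1
  printf 'Subject: report\n\nbody with %s inside\n' "$MARKER" > "$d/msg.txt"
  make_recipient "$d" && encrypt_for "$d" "$d/msg.txt" "$d/msg.p7m" \
    || { rm -rf "$d"; return 1; }
  # Scanner without the key (any relay in Model #1).
  if scan < "$d/msg.p7m"; then wire=detected; else wire=missed; fi
  # Scanner placed after decryption (the domain gateway in Model #2).
  if decrypt_with "$d" "$d/msg.p7m" | scan; then clear=detected; else clear=missed; fi
  rm -rf "$d"
  echo "ciphertext=$wire decrypted=$clear"
}

demo
```
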

Secure Messaging Models

Model #3 - Secure Web Mail

Examples: Authentica Net Recall, Tumbleweed IME

Keys may be generated per user or per message

Pro

• Recipient does not require special software - only needs a web browser

Con

• Must prevent unauthorized personnel from obtaining the key

Secure Messaging Models

Model #4 - Hybrid model

Some or all of the above

How do we interoperate?

Conclusion

Successful secure messaging implementation involves

Technical Activities

Organizational Activities

Inter-Organizational Activities

The organizational and inter-organizational activities are the larger and the more critical part.

There are multiple secure messaging models
