Why Email Can’t Be Protected From Government Surveillance

Ads by Google

“If you knew what I know about email, you might not use it either,” said the owner of secure email service Lavabit as he recently shut it down. “There is no way to do encrypted e-mail where the content is protected,” said Phil Zimmermann as he suddenly shut down Silent Circle’s secure email service. The reality is that email is fundamentally insecure and can never be protected from government surveillance in the same way some other communications can.

Sure, you may be using a different encrypted and “secure” email service that hasn’t shut down yet. But they’re vulnerable to the same US government pressure Lavabit faced — that’s why Silent Circle shut down before it was contacted by the government. Some less principled services will opt to cooperate with governments rather than shut down. We don’t know exactly what demands Lavabit faced, as they’re forbidden from disclosing anything they experienced as a result of backdoor orders from the secret US surveillance court that enables PRISM and other NSA surveillance programs.

Now, let’s look at why email is a poor choice for secure communications, and how it’s an easy target for government snooping.

Metadata Can’t Be Encrypted and XKEYSCORE Can Intercept It

An email isn’t really a single piece of data. It’s multiple pieces of data: There’s the message body, the subject line, the From field, the To/CC/BCC fields, and other metadata that includes the location you’re sending the email from.

Even if you use the best email encryption technology possible, you can only encrypt the message body of the email. Anyone monitoring the connection you’re using can view the subject of the email, who you’re communicating with, and where you’re emailing from. Under the XKEYSCORE program that essentially allows the US government to capture most of the traffic flowing over the Internet by intercepting it at large backbone routers and gateways, the government can build up quite a picture of who you’re communicating with, when you’re communicating with them, where you’re each communicating from, and what the subject lines of your emails are, which gives them an idea of what you’re talking about. They may find the fact that you’re encrypting the contents of your emails suspicious and target you for further, more in-depth surveillance of everything else you do.

Ads by Google

The US government collected US email records in bulk until 2011. According to the NSA, this program was discontinued because it wasn’t effective — but they’re still gathering metadata under XKEYSCORE, so they’re likely intercepting all the email metadata they can get their hands on. They’ll get lots of information from you even if you encrypt your emails.

For more information, read about the things you can learn from an email’s “header”, or metadata.

xkeyscore metadata slide   Why Email Cant Be Protected From Government Surveillance

Many “Secure” Email Providers Have the Encryption Keys For Convenience

Encrypting and decrypting emails is complicated. In theory, you’d use something like PGP or GPG on your local computer to decrypt emails. In practice, the setup can be complicated and confusing, even for more tech-savvy users. This also makes it impossible to access the encrypted emails via a browser or lightweight mobile client.

In practice, many secure email providers have dealt with this by holding the encryption keys at their end, decrypting emails when you access them. This is how Silent Circle’s secure email service worked — they had the encryption keys so they could easily decrypt emails and offer a good user experience. In practice, this means that the government could demand all the encryption keys — or just the ones they needed — and decrypt all the emails they wanted to. If the provider has the keys, they could hand them over. The only way to securely encrypt and decrypt email bodies is with complicated desktop software. Even all this effort leaves the metadata exposed.

The Government Can Demand Backdoors: See Hushmail

Canada-based Hushmail is one of the most popular and widely-known encrypted email services. In 2007, Canadian courts compelled Hushmail to hand over the emails of one of their users. The emails were then passed to U.S. courts under a mutual legal assistance treaty between Canada and the USA.

Hushmail theoretically couldn’t do this. They didn’t keep users’ encryption keys on their servers. They recommended users use PGP or similar software to decrypt the emails on their computers for maximum privacy. However, many people thought this was too inconvenient, so Hushmail also offered a downloadable Java applet located on a web page that allowed you to access your email. When you accessed the web page, the latest version of the Java applet would download to your computer, you’d enter your encryption key, and the applet would download and locally decrypt your email without Hushmail gaining access to your encryption key.

Hushmail was compelled to serve a version of the Java applet with a built-in backdoor to the user in question. The modified Java applet sent the user’s encryption key to Hushmail after it was entered and Hushmail gained access to the user’s emails, which they handed over to the courts.

If you do use secure email, the provider can be forced to acquire your key in any way possible. Even if they couldn’t gain access to your key, the provider could hand over your encrypted emails themselves, which would show the government who you’re communicating with, when, and about what (via the email subject line).

hushmail legal warning   Why Email Cant Be Protected From Government Surveillance

Email Messages Are Stored on a Server, Instant Messages Are Not

Even if the government can’t get or intercept the encryption key, they may be able to decrypt your emails anyway. Your encrypted email messages are stored on a server — that’s just how email works. If the government were to demand this data, the hosting provider would have to hand it over in encrypted form. The government could then try to break the encryption — new hardware regularly makes current encryption mechanisms much weaker, and the US government may be storing such encrypted communications in the hopes of breaking them in the future.

In contrast, instant message-style communications are harder to archive. An encrypted message can be sent directly to the recipient and not stored on a server where it can be accessed in the future. The government would have to install a monitoring device and capture all the communications in real time. If they failed to do so and didn’t have all the encrypted data, they wouldn’t be able to go get it years later — but they can often do this with email.

Other Types of Communication Can Be Secured

Email just wasn’t designed with encryption in mind. It’s been bolted on after-the-fact, and it shows. Even the most careful of secure email service users can’t hide who they’re communicating with and when. If you really want to avoid government surveillance, you’re better off using different secure messaging services instead of relying on email.

That’s why Silent Circle still offers a secure messaging service that they’re confident in the security of. It’s not the only option either — Cryptocat is another. Cryptocat had a recently publicized vulnerability and other services may have their own problems that we’ll hear about in the future, but these services are on the right track — they’re not fundamentally insecure by design the way email is.

Of course, encrypted email isn’t necessarily worthless. For example, if you want to secure important business communications against eavesdropping, it can be useful. But encrypted email isn’t going to slow down the government very much — it’s not the ideal communications tool when you’re trying to talk without the NSA hearing.

start cryptocat chat   Why Email Cant Be Protected From Government Surveillance

Do you agree with the principles behind Lavabit’s and Silent Circle’s shutdown? Do you use a secure messaging service to communicate without your conversations being stored in a massive government database?  Leave a comment and let us know which email-alternative you prefer.

Image Credits: Metal detector Via Shutterstock

Ads by Google

14 Comments - Write a Comment

Reply

AriesWarlock

What a coincidence, I was watching an interview with Lavabit’s founders and then this article showed up
http://youtu.be/somIHlk1RLk

Reply

Mac W

Maybe it is time to buy shares in the paper and envelope businesses

Reply

Martijn Brinkers

Nothing is safe against traffic analysis. Silent Circle claims that their chat service is secure because they do not store any metadata. However traffic analysis will provide all the information the NSA needs. By analyzing incoming and outgoing data of the chat service, it’s pretty straightforward to detect who is chatting with who even if the data is encrypted. Especially for a chatting application since the communication is instantaneous. It’s almost impossible to build a service which provides real anonymous communication if the “attacker” has access to all communication.

Bruce E

But the only real information they are getting from it are the possible endpoints, not the content unless they are capturing all of that traffic. Even then, the amount of computing power required to crack it would be enormous, especially if there was an error in endpoint determination (not likely, but possible at the start of a communication session).

Martijn Brinkers

Yes that is true but this is true for encrypted email as well. Security wise there is not a big difference between some encrypted chat or encrypted email. The only reason silent circle stopped providing “secure” email was because they did not have an application that encrypts/decrypts on the mobile device. Silent Circle spins this as a shortcoming of email in order to push their chat service. However their chat service is as vulnerable to meta-data analysis as any other encrypted service (like encrypted email). Traffic analysis provides all the information who is communicating with who. And if traffic analysis is not sufficient, the powers that be will force any organization to install some monitoring device. It really hard to provide full anonymity. Only a worldwide service with multiple intermediate and end-points and random introduced delays and dummy encrypted data that flows constantly between the intermediate servers and end-points can provide some form of anonymity (A Tor like service). The point I wanted to make is that you should encrypt your data to make sure that only the right recipient can read the content whether or not this is email or some kind of chat service (security wise there is not a big difference between email or chat) and not focus too much on whether or not this anonymous or not (unless you are a journalist for example) since no one can provide real anonymity.

Reply

Guy M

This article needs to be on a major news service. That’s about the highest compliment I can give, Chris.

Reply

David A

“Why Email Can’t Be Protected From Government Surveillance”: it shouldn’t have to be; but as citizens of the U.S., we should be protected from illegal abuse stemming from that surveillance…

Reply

HildyJ

First, no matter what you do (other than carrier pigeon) the government knows who you’re communicating with. We’ve even learned that the post office photographs every letter and package.

Second, it is rumored that encrypted email is captured and stored as a matter of course (just as key words are apparently used to target email). Which encryption methods have backdoors is a matter of speculation but if the government takes an interest in your email they can always brute force decrypt it and, under current law, they may be able to force you to reveal your keys.

Bottom line – privacy no longer exists.

Zaphod Beeblebrox

@HildyJ: If you use a sufficiently long and random PGP RSA key, 1K or more, then brute force decryption is of absolutely no use whasoever. Unless someone arrives back in a time machine from 2045 with a quantum computer.

Bottom line – If you have sufficiently encrypted e-mail, then they will not be able to crack the message content.

Reply

ovigia

bitmessage maybe the answer….

http://www.reddit.com/r/bitmessage/

GEorge

I wanted to write this ! :) Yes,I think also this might be the answer

Reply

Dennis

What a joke. Big brother is watching and will spy on you, and if not he will get your significant other to do it for you. Hmm sounds like what the Soviets had, but with less tech.

Reply

Myself

Mails can be save, thats how to do it:
I write my Mails on a standalone Atari STF, from there I transfer it via RS232 over Z-modem to my standalone PC where I wrote my own z-modem Implementation which immediately encrypts it using the highest AES krypto there is. Then I uuencode it, then I use the utf8 codes of any character to reference to the utfcode# word in a free gutenberg book, then once a night, my standalone PC connects to the net and mails all my mails to a disposable MailService like mailinator, where my recipient checks it. try to hack that ;)

Zaphod Beeblebrox

@Myself: Nice setup. Yours is the most sensible comment so far.

Your comment