[tclug-list] Email Crypto options vs NSA

Wed Sep 11 11:01:01 CDT 2013

On Wed, Sep 11, 2013 at 9:56 AM, Mike Miller <mbmiller+l at gmail.com> wrote:
> On Wed, 11 Sep 2013, Jay Kline wrote:
>
>> On Wed, Sep 11, 2013 at 8:50 AM, Michael Greenly <mgreenly at gmail.com>
>> wrote:
>>
>>> S/Mime uses a centralized certificate authority.  PGP/GPG is
>>> decentralized.  There's no question that PGP/GPG is preferable over S/Mime
>>> because of this
>>
>>
>> S/MIME and GPG/GPG use the same crypto.
>
>
> What do they use?  Is it very strong?
>

They both (generally) support RSA for the public/private keypairs
(varying sizes are supported), which will be used for digital
signatures and block cipher key wrapping.  For the block cyphers, 3DES
and AES are common.  Both S/MIME and GPG support more algorithms (you
would need to go look ad the documentation for specific software
versions to see what is supported).

What I was getting at, though, was the crypto-security of the two are
based more on which algorithms and keys you choose than S/MIME vs GPG
itself. I would think more about how you perceive trust between end
users of the system and how that fits your needs.  S/MIME will be more
centralized, and can be good when you have a trusted issuer you can
take advantage of. A corporate entity is a good example- a CA for the
company means any employee can trust the credentials of another
employee issued by that CA.  S/MIME is also good if you already have
an existing SSL-based infrastructure in place, you can use it without
adding many new parts.  GPG is decentralized forming a "web of trust",
and is better when you have ad-hoc communications or dont trust a
central authority (like Comodo CAs, for example).

Interestingly, GPG actually supports the S/MIME format, showing how
interchangeable the systems can be.

Are they strong? As long as you avoid known bad ciphers (3DES is
fairly weak by todays standards) and sufficient key sizes (RSA should
be 2048bit and AES 256bit) they are "strong" .  Strong enough to stop
the NSA? I wont venture a guess on that- plenty of speculation in the
news lately about it.

The NSA maintains two "suites" of algorithms, Suite A and Suite B.
Suite A is classified, so we dont really know what is there.  Suite B
is publicly released, and is the reference for US Gov't agencies and
partners for encrypting various kinds of data.  Sticking with Suite B
algorithms is a pretty safe bet that even if the NSA *can* break them,
it takes considerable effort to do so, and generally there are no
other groups capable of breaking them.

Jay