Signed and encrypted email
Dec 6, 2017
It’s surprising that S/MIME is not more widely used. It offers authentication, so that you can be sure the email comes from the person that email address belongs to, which will kill all (spear-) phishing attacks (as long as the originating account is safe).
And it offers secure end-to-end encrypted email, once you have a signature from the person you want to email to. Which means even a Gmail mailbox won’t be able to read the email, if you use an email client on your laptop or mobile device instead of webmail.
You’ll need a digital signature certificate, which you then install in your email clients. This used to be hard, but now it’s just a matter of following a few instructions.
Having used S/MIME in the past, I decided to get a new certificate and set it up again. In the hope that it will be of use to others, I’ll detail the procedure below, for both macOS and iOS. The good news is that, once installed, sending such signed and encrypted emails is effortless. Signing is automatic, once enabled (here on macOS):
If the person you’re sending to previously sent you a signed email, encryption is easy:
It’s all based on public-key cryptography, using a public key (K), and a private key (P). Applying K or P to a message produces an unreadable result, which can (only!) be decoded with the other key.
So to sign a message, I apply P to it (P is only known to me), and send the result, with K as an attachment. Anyone can verify it’s from me, because nobody else could have signed it with P. So it’s authenticated (just make sure you use a trusted K).
Conversely, anyone can send me a message which only I can read, by applying my K to the message. I then apply P and see the real thing. No one else can, no one else knows P.
Authentication & encryption are separate, but can be combined: sign with your P and encrypt with my K, send it to me (along with your K), and I can read the message, knowing it must be from you, and knowing that only I am able to read it. Brilliant.
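The sign-then-encrypt flow just described, as an added example run with the `openssl` command line (it is not part of the original post). The identities `alice` and `bob`, the `example.test` addresses, the file names and the self-signed certificates are all constructed for the demo; a real certificate is issued by a CA.

```shell
#!/bin/sh
# Added example with constructed identities (alice, bob) and file names.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# Each person gets a private key (P, the .key file) and a certificate that
# carries the public key (K, the .crt file). Self-signed for this demo only.
for who in alice bob; do
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$who/emailAddress=$who@example.test" \
        -keyout "$who.key" -out "$who.crt" 2>/dev/null
done
printf 'Lunch at noon?\n' > msg.txt

# Alice signs with her P (her certificate is attached to the result),
# then encrypts the signed message with Bob's K.
openssl smime -sign -in msg.txt -signer alice.crt -inkey alice.key -out signed.eml
openssl smime -encrypt -aes256 -in signed.eml -out encrypted.eml bob.crt

# Bob decrypts with his P, then checks the signature against a copy of
# Alice's certificate that he already trusts. Prints the verified text.
bob_reads() {
    openssl smime -decrypt -in encrypted.eml -recip bob.crt -inkey bob.key \
        -out decrypted.eml || return 1
    openssl smime -verify -in decrypted.eml -CAfile alice.crt \
        -out verified.txt 2>/dev/null || return 1
    tr -d '\r' < verified.txt
}

# Alice's own key cannot open mail that was encrypted to Bob.
wrong_key_rejected() {
    ! openssl smime -decrypt -in encrypted.eml -recip alice.crt \
        -inkey alice.key -out /dev/null 2>/dev/null
}

# Changing one word after signing makes verification fail.
tamper_detected() {
    sed 's/noon/nine/' signed.eml > tampered.eml
    ! openssl smime -verify -in tampered.eml -CAfile alice.crt >/dev/null 2>&1
}

echo "Bob reads: $(bob_reads)"
wrong_key_rejected && echo "wrong key: rejected"
tamper_detected && echo "tampering: detected"
```

The `-CAfile alice.crt` argument is the “trusted K” caveat in practice: the signature only means something because Bob verifies against a certificate he already trusts, not merely the one attached to the message.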
Do I have reason to think anyone would want to impersonate me? Not at all. Do I have any secrets to share? Nope, sorry. But that’s not the point - personal email should be just that: from one person to another. If I wanted to speak in public, I’d post it here.
Anyway, here are the steps to take if you want to set up S/MIME on your macOS system. I’ll use Safari and Apple Mail, but it should work almost the same with, say, Firefox and Thunderbird:
- Get a digital signature. I purchased mine from Xolphin, which is a front for the Comodo and GlobalSign Certificate Authorities. Cost me €16 for 3 years.
- Within less than an hour, you get an email back with a link. You have to open it in the same browser you used to make the request. The result is a K + P pair, which gets auto-installed in your Keychain.
- Restart Apple Mail, and when you compose a new message, you should see that checkbox appear. Click on it to enable, it turns blue. This will stay on by default for future emails.
Send yourself an email. If all is well, it’ll show up in your inbox:
Now reply to that email, but this time click on the lock. This will encrypt the reply, which now comes back as:
That’s it. This is how authenticated and encrypted email should be - effortless!
Getting things working on my iPad with iOS took a little more head-scratching. The reason is that you need to get a password-protected “.p12” file to the device before you can set up S/MIME. We need to transfer our private key, i.e. P, not just certificates and K, so naturally there is a bit more protection involved.
As it turns out, Keychain Access saves two certificates. This one is of no use on an iPad:
What you need, is the one in the “My Certificates” section:
That one has a triangle in front, which will disclose the private key entry:
And that second item is the one which can be exported with a right click. When doing so, you’ll be asked to password-protect it. Once done, email the resulting .p12 file to yourself, and open it on the mobile device. Then double-click to open, enter that same password, and you should be successful in getting it stored into iOS’s keychain, or whatever it uses to store this information.
One last step is to enable S/MIME on iOS.
This is a bit hidden, but not very hard: go to “Accounts & Passwords” in the “Settings” app, select your email account, then select “Account” and scroll all the way to the bottom, to “Advanced”. Again, scroll all the way to the bottom (don’t you love it when stuff is buried so deeply…). You should be able to enable “S/MIME” with a slider, and then decide whether you want to “Sign” and/or “Encrypt” your emails. When you do, check that the proper certificate is enabled. I had to start/stop/reboot my mail app and iPad to get things going, but that’s maybe because I didn’t set up the certificate properly the first time around.
Anyway, with all that out of the way, your mobile device will use S/MIME from now on. I’m pretty sure it’s similarly “relatively easy” to set up on Windows, Android, Linux, or whatever system you’re using.
Just to clarify: I have nothing to hide, but even that fact itself is nobody’s business …
If you feel the same way about privacy, you may want to consider setting up S/MIME. Once enough people start doing this, we can get rid of a whole slew of unpleasant things happening out there on the internet.