Perfect Forward Secrecy in Email Encryption

EncoDHer is a utility I wrote in Python to provide for symmetric encryption (AES256) of email using Diffie-Hellman key exchange to generate a shared secret encryption key. EncoDHer provides perfect forward secrecy in email encryption (i.e. once the DH key sets are destroyed, no one - including the original sender and receiver - can read the email). This is essentially the ephemeral Diffie-Hellman algorithm used in SSL/TLS ported for use with email.

So why use symmetric encryption with DH shared secrets - why not just use some form of public key encryption? The biggest argument in favor of symmetric encryption has to do with the difficulty required to generate new keys. It is much easier to generate a new set of DH keys than it is to generate a new pair of RSA keys, for example.

An important second argument in favor of using the DH key exchange protocol is that for a given key length, DH protocols are stronger than public key protocols. The additional strength comes from the fact that the best known algorithm for breaking either is the General Number Field Sieve. The matrix algebra part of this algorithm involves a large matrix with bits as entries for public key protocols, and with large integers as entries for DH protocols. In essence, this makes the DH protocols stronger by a factor of the length of the integers in the matrix (the length of the large prime used in DH). More detail on the above can be found here.

One further advantage of DH protocols is that both sender and receiver are automatically authenticated. It takes the sender's DH secret key and receiver's DH public key to encrypt a message and the sender's DH public key and receiver's DH private key to decrypt the message. In contrast, public key protocols only authenticate the receiver - anyone can encrypt a message using the receiver's public key. While it is true that the sender can sign the message to authenticate it, this requires a separate operation and is not a part of the basic public key encryption protocol.

There are some additional minor advantages that arise due to the nature of the standards specifying these two encryption methodologies - DH is free and the public-key algorithms have historically been protected by patents.

The primary disadvantage of using DH for generating shared secrets is, of course, that you need a separate DH secret key for each email route that you want to use. EncoDHer provides a simple way to manage all of these keys.

EncoDHer also provides a mechanism for anonymous communication between parties. In this case, communication takes place via the public usenet newsgroup mailbox alt.anonymous.messages rather than by standard email.

Happy Encrypting!

All code, text and images are Copyright © 2013-2017 by David R. Andersen. All rights reserved unless otherwise specified.
This site is produced using the Haggis static site generator.