Compare EndCryptor to competitors

EndCryptor, S/MIME and PGP under attack

We study here two attacks: the exposure of a private key and the man-in-the-middle attack.

The S/MIME email encryption method uses a public key infrastructure (pki) which means that there is a Certificate Authority that digitally signs every new public key. Users already have the public key of the Certificate Authority and use this public key to verify the signature of a certificate that contains the new public key of a user. When a new public key is introduced it must first be certified by a Certificate Authority and then delivered in a certificate to a user.

In PGP the public key can be delivered with or without a certificate.

In S/MIME and PGP the public keys are changed usually at intervals of years.

EndCryptor instead delivers new public keys of the sender in every encrypted message and they are delivered in encrypted form – they are encrypted together with the plaintext. When the message has been decrypted the new public keys are ready to be used. The encrypted message that delivers the new public keys is signed by a previous public key that the receiver is known to have. The public keys are specific to the receiver: if say Alice has many contacts then each one of them uses a different public key of Alice when a message is sent to Alice. The first public keys can be delivered with a certificate whose public key signs them.

Using our method the public keys are changed more frequently: if the parties communicate in turns one public key is used only once. An exposed private key has a very short life time in our solution. Our solution for the renewal of public keys is cost-free.

Using S/MIME or PGP one public key may be in use for many years.

Now let’s consider the man-in-the-middle attack. In a public key based cryptosystem an attacker Eve can initiate this attack if she can introduce her public key to Alice and Alice believes that it is Bob’s key. In theory a certificate eliminates this possibility. The problem is that the certification infrastructure has weaknesses. There are machines being sold that use fake certificates to read SSL communication to web servers. Therefore a cryptosystem should provide means to reveal an ongoing man-in-the-middle attack. It is also important to understand when the attack can be started.

In EndCryptor the attacker can initiate this attack when the initialization files are exchanged, in PGP when a new public key is received and in S/MIME when a new certificate for a user is received. The reader should check how a possible S/MIME solution responds when a different certificate for a same email address is received. Naturally in all these systems the attacker Eve can start the attack if she can access users’ computers and read the exposed security data or modify it.

EndCryptor provides two methods to reveal the attack: one that uses e.g. a telephone conversation and another one that uses the exchange of messages. In EndCryptor it is also possible to compare and allow/deny certification paths of certificates.

Home