digitally signed email and email viruses


Rainer Höll

Hello there,

it is often said that digital signatures enhance email security, i.e. that
when you get a digitally signed email from somebody you know, you can be
sure that it was sent by this person and is therefore (normally) virus-
free.

Is this really true in times where email viruses are able to send
themselves automatically to all entries in the Outlook address book? If a
virus can send emails _using_ Outlook, why should it not be able to sign
these emails (or even encrypt them if the recipient's digital signature is
stored in the address book)?

In other words: Can I trust a digitally signed email in this sense or not?

I couldn't find an answer to this on the net. Hope you know more. Thank you
very much.

Regards,
Rainer
 
> If a
> virus can send emails _using_ Outlook, why should it not be able to
> sign these emails (or even encrypt them if the recipient's digital
> signature is stored in the address book)?


Because it doesn't know the passphrase for the likes of PGP?



Regards,

Ian
 
>> If a virus can send emails _using_ Outlook, why should it not be able to
> Because it doesn't know the passphrase for the likes of PGP?

And if I do not use PGP but a certificate by Verisign or another authority?
At no point did I have to enter a passphrase. I just had to import the
certificate, and now signing my email is just a matter of checking a box -
something a virus could do as well.

Or am I fundamentally wrong about something?

Rainer
 
Rainer said:
> Hello there,
>
> it is often said that digital signatures enhance email security, i.e.
> that when you get a digitally signed email from somebody you know, you
> can be sure that it was sent by this person and is therefore (normally)
> virus-free.
>
> Is this really true in times where email viruses are able to send
> themselves automatically to all entries in the Outlook address book? If
> a virus can send emails _using_ Outlook, why should it not be able to
> sign these emails (or even encrypt them if the recipient's digital
> signature is stored in the address book)?
>
> In other words: Can I trust a digitally signed email in this sense or not?

no, you cannot...

consider the following:

a) the email worm could put a fake signature on an email - most people
don't actually bother checking to see if signatures are valid so the
presence or absence of a signature won't mean much of anything...
b) the email worm could attach itself to emails you're actually trying
to send and legitimately sign with your key...
c) the recipient might think you simply forgot if there's no signature...
d) the worm could send itself in a message saying the email isn't
signed with the old key because the key expired or became compromised,
etc...

digital signatures don't offer the kind of protection some folks think
they do, especially when you rely on people (who are not necessarily
knowledgeable and/or are lazy) to verify the signature is valid...
 
It depends on how you set up your email client and how the virus works. For
example if the virus used your address book but its own email engine then it
wouldn't be signed. If you set up your email client to automatically sign
outgoing messages and the virus programmatically uses your email client to
send messages then they will probably be signed. If you set up your email
client in which you still manually sign your email then the virus would have
to programmatically use your mail client and programmatically apply the
signing function of the client for the messages to be signed.
 
Digitally signing and encrypting email has nothing to do with security with respect to
viruses. Either or both can have infected attachments. Signing email is used for
repudiation and encryption is used for privacy. One must still use AV software in an
environment where digitally signing and encrypting email or receiving them is the norm.

Dave

| >> If a virus can send emails _using_ Outlook, why should it not be able to
| >> sign these emails (or even encrypt them if the recipient's digital
| >> signature is stored in the address book)?
| >
| >
| > Because it doesn't know the passphrase for the likes of PGP?
| >
| And if I do not use PGP but a certificate by Verisign or another authority?
| At no point did I have to enter a passphrase. I just had to import the
| certificate, and now signing my email is just a matter of checking a box -
| something a virus could do as well.
|
| Or am I fundamentally wrong about something?
|
| Rainer
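
The point made in the replies above, that a signature and a clean attachment are separate questions, shown as an added example (not part of the original thread). The extension list, the sample message and the `triage` function are constructed for illustration; cryptographic verification of the signature is not performed here.

```python
from email import message_from_string

# Hypothetical policy list for this example, not a complete blocklist.
RISKY_EXT = (".exe", ".scr", ".pif", ".bat", ".vbs", ".com")
SIGNATURE_TYPES = {"application/pkcs7-signature", "application/x-pkcs7-signature",
                   "application/pgp-signature"}

# Constructed sample: a signed wrapper around a double-extension attachment.
SIGNED_SAMPLE = """\
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="sig"

--sig
Content-Type: multipart/mixed; boundary="body"

--body
Content-Type: text/plain

See attached.
--body
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="report.doc.scr"

(constructed placeholder bytes)
--body--
--sig
Content-Type: application/pkcs7-signature
Content-Disposition: attachment; filename="smime.p7s"

(constructed placeholder)
--sig--
"""

def triage(raw):
    """Return signature presence and attachment verdict as independent findings."""
    msg = message_from_string(raw)
    signed = msg.get_content_type() == "multipart/signed"
    # Attachments are collected from every MIME part, including parts inside
    # the signed body; only the detached signature blob itself is skipped.
    names = [p.get_filename() for p in msg.walk()
             if p.get_filename() and p.get_content_type() not in SIGNATURE_TYPES]
    risky = [n for n in names if n.lower().endswith(RISKY_EXT)]
    # The verdict never consults `signed`: a signature shows that a key was
    # used, not that the content is clean.
    verdict = "quarantine" if risky else "scan" if names else "deliver"
    return {"signed": signed, "protocol": msg.get_param("protocol") if signed else None,
            "attachments": names, "risky": risky, "verdict": verdict}

if __name__ == "__main__":
    print(triage(SIGNED_SAMPLE))
```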
 
David H. Lipman wrote:

i was with you until you said:
> Signing email is used for
> repudiation and encryption is used for privacy.

repudiation? i think you mean authentication - and the concept you're
interested in with authenticated data is non-repudiation (can't sign
something and then say it isn't your signature)...

unless you really did mean repudiation, in which case i don't agree...
while the presence of your signature can prove something came from you,
the absence of it can not prove the converse...

agree with everything else, though...
 
Kurt:

To be honest I get confused on the "repudiation" term. I received a specialized version of
a Smart Card and have installed ActiveCard Gold on all our office computers in preparation
to use the specialized Smart Cards, a Schlumberger USB (or PCMCIA) reader and Outlook 2000
for what was an Oct'03 requirement. Luckily that requirement was *just* pushed back to
2ndQtr'04!

My "company" has presently issued ~1.2 million of these specialized Smart Cards to-date.

Excuse me if I "screwed up" the repudiation terminology. In this instance, I am still on
the learning curve. One of the hurdles I recently overcame was distributing Security
Certificates in *.CER (Base 64, x.509) format via our NT Login Script using the MS
cryptographic tool CERTMGR.EXE.

Dave

| David H. Lipman wrote:
|
| i was with you until you said:
|
| > Signing email is used for
| > repudiation and encryption is used for privacy.
|
| repudiation? i think you mean authentication - and the concept you're
| interested in with authenticated data is non-repudiation (can't sign
| something and then say it isn't your signature)...
|
| unless you really did mean repudiation, in which case i don't agree...
| while the presence of your signature can prove something came from you,
| the absence of it can not prove the converse...
|
| agree with everything else, though...
|
| --
| "hungry people don't stay hungry for long
| they get hope from fire and smoke as the weak grow strong
| hungry people don't stay hungry for long
| they get hope from fire and smoke as they reach for the dawn"
|
 