Reverse engineering

Email encryption: Mailvelope

Warlock
September 13, 2013 by
Warlock

Between constant password breaches and the NSA looking in on everything you do, you've probably got privacy on the mind lately. If you're looking for a little personal privacy in your communications with friends and loved ones, or you just want to trust that the documents you email to your accountant or client aren't being intercepted and read, you'll need to encrypt those messages. Most email is sent as plain text. This means that anyone can intercept email messages. To rescue ourselves from man in middle attack we must have to use email encryption. Mailvelope is a browser extension that allows exchanging encrypted emails following the OpenPGP encryption standard.

Become a certified reverse engineer!

Become a certified reverse engineer!

Get live, hands-on malware analysis training from anywhere, and become a Certified Reverse Engineering Analyst.

Email encryption

Email encryption refers to encryption of email messages, to protect the content from being read by any unauthorized recipients. By using Email encryption we can keep our data safe when we send our documents. By the use of email encryption technique any unauthorized person is unable to understand the content of our mail. Email encryption can rely on public-key cryptography, in which users can each publish a public key that others can use to encrypt messages to them, while keeping secret a private key they can use to decrypt such messages or to digitally encrypt and sign messages they send.

Mechanism of email encryption

Encrypted email is a way of keeping the content of your email safe from eavesdropping as it bounces around the internet. The most common type of encryption is OpenPGP (PGP is "Pretty Good Privacy"). It was created by Phil Zimmerman in 1991. We can perform hard drive encryption, file system encryption as well as attachment encryption. It's basically based on Public Key cryptography which contains a public key and a private key.

Pretty Good Privacy is a popular program used to encrypt and decrypt e-mail over the Internet. It can also be used to send an encrypted digital signature that lets the receiver verify the sender's identity and know that the message was not changed en route.

Alice has two keys one is public and other is private. Basically public key is used for encryption purpose and private key is used for decryption purpose. Alice sends her public key to everyone who sends messages to her. And our user Bob also has a public key and private key. If Bob wants to send a message to Alice. Alice must share her public key with Bob so when the message comes to Bob, he will decrypt the message by using her private key and vice versa this is the main mechanism of PKC (Public key cryptography).

Why we use Email encryption

There are couple of reasons:

  • Many countries spy on telecommunication and web communications in order to find suspicious activity. No one can say no as we have already many informers who have leaked the government's secret data in which government policies are clearly visible to everyone.
  • There are some strange IT laws in some countries. For example: one country has an IT law that, if there are any emails lying in our account more than 1000 days then they have a direct ability to check that email to find something juicy. No need follow standard procedures or pass legal documents to see email. So many techies keep their whole backup in their Gmail so it will be unfair to them to be spied on.
  • Most email is sent as plain text. This means that anyone who can intercept email messages by using the "Man in the Middle" attack. No matter what age we are this attack will be there forever. You will never know how a person is sitting between you and you endpoint reading all your emails.

Mailvelope

Mailvelope is a browser extension that allows exchanging encrypted emails following the OpenPGP encryption standard. Mailvelope is available for Google Chrome and research is in process for Firefox.

Mailvelope uses public-key cryptography which means a key is split up in two parts: public and private keys with different purposes:

  • Public key: used to encrypt a message. Can and should be available to everybody.
  • Private Key: used to decrypt a message. Needs to be stored securely. Access is restricted by password.
  • Go to the Chrome web store and search for Mailvelope. Click on "Add to Chrome" and install it.

    After installation you will see the locker icon on the right side of the address bar which leads to Mailvelope's main menu.

    Now click on options. Key ring is basically the keys that you have shared with your partners. Click on generate case, enter the details and press the submit button. There are various algorithms and key sizes you can choose according to your preference.

    Now the same configuration is needed at the other end. When the configuration is completed at both the ends we have to share our public key, to do this click on export. Then display public key, copy the entire key or just click on copy to clipboard.

    Send this key to your partner. No matter if it's intercepted by someone, they will just see this kind of garbage values (as seen below) and they are not able intercept your email because they will never know which pass key and algorithm you used for encryption.

    When having to import a public key for your partner. You need to copy the key and click on options, then click on import keys. Paste it into the box and then press submit button, after the successful submission of the public key you will see the success message.

    After the configuration at both the ends, we are now able to send the encrypted email. Just open you email, enter the mail id of your partner, and enter the subject and…

    As we enter some text on the body of the mail we will see an icon on the right side of the mail body. Just click on that icon and now we are at the stage where we are able to enter our encrypted mail body.

    After drafting the mail, click on lock icon, displaying on the right hand side and it will ask where you want to send the encrypted email, select the person where you want to send encrypted email then click on add button, and click ok.

    Click on transfer and you will see that our small message will become large after the RSA encryption and it is impossible to read without the proper knowledge of key size and encryption algorithm. Click on transfer and send the mail to your partner.

    On the other end the receiver of the mail gets an encrypted mail, as shown below.

    For the decryption of the message we have just have to click as we put the key over the lock. It will ask for the password that we added during the configuration for the decryption of the message.

    By clicking ok, the message will be decrypted and we get our message on plain text.

    Benefits

    • Easy to Use

    • Ensures only authorized recipients can access secure emails.

    Limitations

    Become a certified reverse engineer!

    Become a certified reverse engineer!

    Get live, hands-on malware analysis training from anywhere, and become a Certified Reverse Engineering Analyst.
    • Mailvelope currently does not support signing of messages.

    References

    Warlock
    Warlock

    Warlock works as a Information Security Professional. He has quite a few global certifications to his name such as CEH, CHFI, OSCP and ISO 27001 Lead Implementer. He has experience in penetration testing, social engineering, password cracking and malware obfuscation. He is also involved with various organizations to help them in strengthening the security of their applications and infrastructure.