E-mail has been around in various forms for decades, but the underlying technology used to send it is almost as old -- and that’s a big problem, according to engineers who develop e-mail protocols. So, representatives of the world's biggest e-mail service providers have united to improve the security of e-mail traffic.
SMTP Strict Transport Security (SMTP STS) is a new mechanism that lets those providers define policies for establishing encrypted e-mail communications. The new standard was developed by engineers from Google, Microsoft, Yahoo, Comcast, LinkedIn and 1&1 Mail & Media Development & Technology.
The proposed protocol was submitted to the Internet Engineering Task Force late last week. The task force is a large open international community of network designers, operators, vendors, and researchers "concerned with the evolution of the Internet architecture and the smooth operation of the Internet."
How It Works
SMTP STS would protect users against attackers trying to intercept or modify e-mail in transit either by impersonating the destination server or by breaking through the Secure Sockets Layer (SSL), the standard security technology for establishing an encrypted link between a Web server and a browser.
The engineers said that when an e-mail is sent to a domain that supports SMTP STS, the program will automatically ensure that the destination supports encryption and has a valid certificate before sending, helping the sender ensure that the message is going to the correct server. If the recipient domain isn’t valid, the e-mail won't be delivered and the sender would be told why. The overall idea is to make certain that e-mail communication is properly secured by enforcing rules that have been around for years on the Web, but usually not in e-mail.
Kelley Mak, an analyst with Forrester Research Inc., told us the proposed protocol was a great improvement, especially coming from such a team of large enterprise and consumer technology companies.
"Encryption is necessary, and encryption needs to also be seamless and easy to use," said Mak. "If it's a change that can happen outside of user interaction, then adoption will be big and immediate. If it takes setting up, adoption will most likely take a bit of time."
SMTP STS would take over from SMTP STARTTLS, which was created to fix the flaws in its predecessor, the Simple Mail Transfer Protocol (SMTP). That standard, still widely used, carries messages mostly as unencrypted plain text. The SMTP STARTTLS extension was added in 2002 as a way to include TLS (Transport Layer Security) in SMTP connections, but the extension wasn't widely adopted until recently.
Unlike HTTPS (HTTP Secure), however, STARTTLS doesn't validate the digital certificates presented by e-mail servers. That means STARTTLS connections are vulnerable to attacks in which an attacker presents the sending server with any certificate, even a bogus one, and it will be accepted, opening the way for the traffic to be decrypted. STARTTLS connections are also susceptible to having encryption stripped out entirely via so-called encryption downgrade attacks.
SMTP STS proposes to give e-mail providers the means to inform clients that TLS is available, with instructions on how to validate the certificate and what to do if a TLS connection can’t be safely negotiated.
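The difference between today's opportunistic STARTTLS and the policy-driven behaviour the article describes (check that the destination offers TLS and presents a valid certificate before sending, refuse delivery otherwise, and tell the sender why) can be shown as a delivery decision in code. The following Python is an added illustration written for this page, not code from the draft or from any of the companies named; the policy fields (`mode`, `allowed_mx`, `max_age`), the `ServerOffer` record and the glob-style name matching are constructed simplifications, not the draft's actual policy syntax, and the real drafts define their own formats for these.

```python
"""Simulated outbound-delivery decision for a sending mail server, contrasting
opportunistic STARTTLS with an SMTP STS style policy.

Constructed example: policy fields, the ServerOffer record and the
certificate matching are simplified illustrations, not a real wire format.
"""
from dataclasses import dataclass, field
from fnmatch import fnmatch
from typing import List, Optional


@dataclass
class ServerOffer:
    """What the receiving server presented during the (simulated) session."""
    mx_host: str                                          # MX host we connected to
    offers_starttls: bool                                 # did EHLO advertise STARTTLS?
    cert_names: List[str] = field(default_factory=list)   # names in its certificate
    cert_trusted: bool = False                            # chains to a trusted CA?


@dataclass
class StsPolicy:
    """A constructed, simplified policy a recipient domain might publish."""
    mode: str               # "enforce" or "testing" (assumed values)
    allowed_mx: List[str]   # patterns the MX hostname must match
    max_age: int = 86400    # seconds the sender may cache the policy


@dataclass
class Decision:
    deliver: bool
    encrypted: bool
    reason: str             # what the sender would be told


def decide_opportunistic(offer: ServerOffer) -> Decision:
    """Legacy STARTTLS behaviour: use TLS if offered, accept any certificate,
    and silently fall back to cleartext when TLS is not advertised."""
    if offer.offers_starttls:
        return Decision(True, True, "STARTTLS offered; certificate not validated")
    return Decision(True, False, "no STARTTLS; delivered in cleartext")


def decide_with_policy(offer: ServerOffer, policy: Optional[StsPolicy]) -> Decision:
    """STS-style behaviour: with a policy in hand, refuse delivery (in enforce
    mode) unless TLS is offered, the MX is permitted and the certificate
    validates. Every failed check is collected so the sender learns why."""
    if policy is None:
        return decide_opportunistic(offer)

    problems = []
    if not offer.offers_starttls:
        problems.append("server did not offer STARTTLS")
    # fnmatch's '*' also matches dots; real wildcard-certificate rules are stricter
    if not any(fnmatch(offer.mx_host, pat) for pat in policy.allowed_mx):
        problems.append(f"MX host {offer.mx_host} not permitted by policy")
    if not offer.cert_trusted:
        problems.append("certificate does not chain to a trusted CA")
    elif not any(fnmatch(offer.mx_host, name) for name in offer.cert_names):
        problems.append(f"certificate names {offer.cert_names} do not cover {offer.mx_host}")

    if not problems:
        return Decision(True, True, "TLS negotiated and certificate validated")
    reason = "; ".join(problems)
    if policy.mode == "enforce":
        return Decision(False, False, "delivery refused: " + reason)
    # testing mode: behave as before, but report the violation
    fallback = decide_opportunistic(offer)
    return Decision(fallback.deliver, fallback.encrypted,
                    "policy violation reported (testing mode): " + reason)


# Constructed sample sessions (no real hosts or certificates involved)
POLICY = StsPolicy(mode="enforce", allowed_mx=["*.mail.example.com"])
GOOD = ServerOffer("mx1.mail.example.com", True, ["*.mail.example.com"], True)
BOGUS_CERT = ServerOffer("mx1.mail.example.com", True, ["bogus.example.net"], False)
DOWNGRADED = ServerOffer("mx1.mail.example.com", False)   # STARTTLS stripped
WRONG_MX = ServerOffer("mx.other.example", True, ["mx.other.example"], True)

if __name__ == "__main__":
    for label, offer in [("good", GOOD), ("bogus cert", BOGUS_CERT),
                         ("downgraded", DOWNGRADED), ("wrong mx", WRONG_MX)]:
        print(f"{label:>10} | opportunistic: {decide_opportunistic(offer).reason}")
        print(f"{'':>10} | with policy:   {decide_with_policy(offer, POLICY).reason}")
```

Run it and the contrast is the whole point of the article: the opportunistic path delivers every message, unencrypted when STARTTLS is missing and with an unverified certificate when it is present, while the policy path refuses the same sessions and returns a concrete reason. The `testing` mode is the gradual-rollout knob Mak alludes to: the same checks run and are reported, but delivery is not yet blocked.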
According to data from Google, 83 percent of e-mail messages sent by Gmail users to other e-mail providers from around the world are encrypted, but only 69 percent of incoming e-mails from other providers are encrypted.