Tales from the crypt

Wherever you stand on the matter of Hillary Clinton and her email server, if you have any technological instinct, you might have been wondering about the lack of encryption on the emails. Why weren’t they encrypted? Let’s see if I can answer that question.

Let me take you back in time to the wonderful world of 1990s banking and legal services. My firm had several contracts to deliver services electronically (via email) for banks, building societies, insurance companies, debt recovery agencies, and similar big businesses. Not once was the commencement of the work delayed because of the need to set up encryption. Why? Because encryption wasn’t wanted. Nobody on the client side wanted to use it, and since it would have made things that much more difficult for us, we never suggested it. (Probably we should have.)

There were two occasions when somebody at one of the banks (the same bank in each case) asked the question about using encryption. When we replied that we had never been asked, the response was that the bank had to use encryption. (Wrong, but not worth arguing over.) And so, on these two occasions, we put in place systems to encrypt email. And, from memory, one episode of encryption lasted about a month. The second lasted about a week. In both cases the bank asked us to stop using encryption. Why? Because it was too hard to use; it was fiddly, time-consuming, and didn’t seem worth the effort.

I don’t know what the modern situation is, but based on Hillary’s email server episode, and the following from the Register, not much has changed:

E-mail crypto is as usable as it ever was, say boffins

Ask friends to use PGP. They’ll love you for it

And the detail:

The main reason the world is able to read and enjoy the contents of Hillary Clinton’s emails is that crypto tools aren’t any better than back when Phil Zimmermann created PGP, the crypto system even he can’t use.

That’s the conclusion of this study into e-mail crypto usability, a follow-up to a study which reached the same conclusion 15 years back.

The study, which hit arXiv at the end of last week, was conducted by a group of Brigham Young University researchers led by Scott Ruoti.

They checked over the Mailvelope PGP browser extension, which carries EFF endorsement. For the study, the researchers got ten pairs of participants to try to install and use Mailvelope.

They may as well have not bothered: even getting started with crypto defeated nearly everybody:

  • In two pairs out of ten, the person supposed to initiate contact never managed to actually use the software to send a message;
  • In another two pairs, the recipient couldn’t work out that they needed to install Mailvelope to read a message;
  • One pair managed to get as far as trying to share their public keys, but didn’t really know what to do with them.
  • Just one pair, of which one member already knew about public key crypto, actually managed to install Mailvelope, trade their PGP keys, and communicate.

There’s also the question of what to do if a sender wants to encrypt, but is sending to a receiver that isn’t ready or knowledgeable.

In such a case, the study suggests, some kind of integrated tutorial and automatic Mailvelope invites for new recipients might mean a message doesn’t just get dropped in the junk folder.

In short, encryption is still too hard to use. Sounds like an opportunity for somebody. I wonder why Google or Microsoft haven’t got something that can do the job, effortlessly.