If you’re reading this, I’m going to go out on a limb and assume you’re familiar with the internet. You know it can get pretty darn harry out there. Any information you put out there can be taken from your control at any time. You don’t have to be a bad guy to want to keep you information private. Whatever your reasons, your interest in keeping your data to yourself may be a factor inhibiting you from moving to Exchange Online. In this article I am going to explain the different type of encryption you can use in Exchange Online, and how best to employ each of them.
Before I start on the specifics of encryption in Exchange Online, we need to talk a bit about encryption itself. Encryption is the process of obscuring information in such a way that only the intended recipient can understand it. Encryption does nothing to prevent unauthorized parties from intercepting your messages, but it is intended to make those messages unintelligible to any unauthorized parties who intercept your messages.
There are lots of different ways to encrypt a message, so let’s start by introducing the simplest form of encryption. Say I want to send you the very sensitive information (for a sixth grader) that “Jimmy likes Kim”, but I want to make sure the teacher does not embarrass any of us by reading this message aloud in class. I know that if I write a note with this message on it, there is a good chance that the teacher is going to intercept that message before it gets to you. I need to make sure that if our teacher does intercept this message she cannot understand it, but the person I am sending it to can understand it.
A sixth grader doing this might use the “Julius Caesar” cypher to encrypt that message. This simple cypher just shifts each letter by a specific number, so we’ll use a shift of 3. So to encrypt the first letter, “j”, I shift it 3 places in the alphabet and it becomes “m”. Doing this with the rest of the message “jimmy likes kim” becomes “mlppb olnhv nlp”.
This type of cypher has a bit of a downside in that it is way too easy to decrypt. I would expect that the fictional teacher in this example would easily decode this message.
There is another problem with this cypher too. How do you and your class mate both know the rules of this cypher? In this example you probably meet at recess and talked them out. “We’ll add 3 to each letter in our message”. If your cypher is more complex though, you probably have to right down these “rules”. Also, the more you use these same “rules” the easier it is going to be for your teacher to figure out what your rules are, and thus be able to read any future messages she intercepts. Maybe you decide on the first day of the month you’ll do +1 to each letter, and on the second day you’ll do +2. You can imagine ways to make this cypher more and more complex, but if there is a pattern to it someone who intercepts your encrypted traffic is going to be able to figure out what your pattern is.
This is the same problem that everyone throughout history has had with encryption. One of the main reasons the Germans lost WWII was because they tried to solve this problem with a machine called “The Enigma Machine”. This machine was a really complex mechanical way of trying to create new “encryption rules” (or a cypher) every day. The idea was that if I had an Enigma machine and you had an Enigma machine we could come up with a difference set of really complex cypher rules every day, but no one else could guess what are rules were going to be. Turns out that an Englishman named Allan Turing was able to figure out how this Enigma machine worked, and the allies were able to understand all the German’s communications for much of the war.
The only way to have a 100% unbreakable cypher is to use a “One-time pad”. A one-time pad is a truly random set of rules for how to encrypt your message. Let’s go back to our example of wanting to encrypt the word “Jimmy”. Instead of switching every letter in our message +3, we’ll switch each letter by a random amount. We’ll say our one-time pad is the 5 random numbers 16 5 9 23 and 2. When we encrypt “jimmy” using that one time pad, it translates to “znvja”.
That, my friends, is a 100% unbreakable cypher. If you sent your friend the message “znvja” I promise that no one would ever be able to figure out you mean “jimmy” unless they have that one-time pad.
So if one-time pads are so good, why doesn’t everyone just use them for all encryption? Well there are three reasons. First, go ahead any try it. Pick a 5 letter word, then right down 5 random numbers. Use your 5 random numbers to encrypt your 5 letter word, I’ll wait for you to get done…
OK, how long did it take you? Long time, right? That was just for one short word. Imagine if you had to do that with this entire article. To this point in this article there are more than five thousand letters including spaces. That means it would take you about a thousand times longer to encrypt this article to this point that it did to encrypt a five letter word. Secure encryption is very hard work, even for computers.
The second problem with a one-time pad is both ends, the sending and receiving, have to have the same set of truly random numbers. That is fine if the two people see each other every day, but if you see each other every day why do you need to encrypt messages to send to each other? Just go someplace private and tell each other what you have to tell each other. Encryption is needed when you don’t see each other all the time and you need to send messages to each other over a transmission method where other people can overhear what you are saying (like the internet, or radio). Maybe you could make up a really big one-time pad when your together then each take a copy of it while you are apart. That is good for as long as the one-time pad lasts, but what happens if you are not back together before it runs out?
That leads us to the third problem with the one-time pad. Since I have typed “one-time pad” a bunch of times by now, you may have guessed the problem; you can only use it once. If you try to use the same one-time pad for a different message, then the people who are trying to read your messages are going to be able to figure out your code. There is a long mathematically explanation for this, but you’re just going to have to trust me. If I use the same one-time pad I used above to encrypt the word “sales”, then I use it again to encrypt the word “patch” there is going to be a pattern for smart people to figure out.
By this point, you are probably saying “Well then how does my browser work when I go to an encrypted website? Did my computer somehow trade a one-time pad with the server?” The answer to that is both yes and no.
Here is where we switch to some encryption jargon. The one-time pad we have been talking about is now going to be called a “synchronous encryption key”. That means that we use the same “rules” to encrypt and decrypt our message. So if a one-time pad is a “synchronous encryption key”, the opposite would be an “asynchronous encryption key”. What is an “asynchronous encryption key” you ask?
In the 70s some really smart guys figured out a neat trick you can do with math. What they figured out that if you take two really big prime numbers and multiply them together, it is really hard to factor that product back into the original numbers. I’ll show you with small numbers.
5 and 7 are both prime numbers (that means that they are only divisible by 1 and themselves). If I multiply 5 and 7 I get 35. Anyone can multiple 5 and 7 and get 35, that is easy. What is really hard though is to take 35 and figure out what two prime numbers I multiplied together to get it. OK, it’s really not that hard with 35. You’re going to have to trust me that this works with really big prime numbers.
Anyway, the math trick that these guys figured out allows us to use “asynchronous encryption”. I’m not smart enough to explain the details of how it works, but if I use my product of those two really big prime numbers (35) in this special formula to encrypt a message it turns out that the only way to decrypt that message is if I already know those two really big prime numbers (5 and 7). This means that I can have a “public key” that I openly publish where anyone can access it. If someone would like to have an encrypted communication with me, they can use this public key to send me an encrypted message.
So now what? How do I reply to that message? Unless the person who sent me that message also has a public key published that I can use to encrypt a message to them, then this looks like it is only going to be a one way conversation, right? Remember earlier when we were talking about the problem of how do I get a new one-time pad to someone who is not standing right next to me? This public key encryption turns out to be a great solution.
This is how SSL communication works on the internet.
- I setup and publish a “public key” that anyone can use to encrypt a message to send to me.
- When you want to have an encrypted conversation with me, you use this public key to encrypt a version of a one-time pad and you send that to me.
- Now we both have a secure one-time pad we can use to keep our conversation private.
In reality the whole process is a bit more complicated than that, but that servers as a good biases.
In the next article, we’ll start getting into the specific of how the different types of encryption available in Exchange Online work, and how you can put them to your best advantage.