May 12, 2005 - Certified e-mail, digital signature, public key cryptography, certificate, .... 'advanced electronic signature' means: âan electronic signature which ...
IADIS International Conference on WWW/Internet 2005
A CERTIFIED EMAIL SYSTEM FOR THE PUBLIC ADMINISTRATION IN ITALY Francesco Gennai, Loredana Martusciello ISTI-CNR Via Moruzzi 1, I-56124 Pisa, Italy
Marina Buzzi IIT-CNR Via Moruzzi, 1, 56124 Pisa, Italy
ABSTRACT The growth of Internet services poses problems of security assurance such as providing trustiness of on-line transactions, guaranteeing user privacy, and furnishing message confidentiality. This paper describes issues related to sending documents via “certified email”, as required by Italian law. Issues of cryptography and digital signature are introduced followed by a brief description of the certified email system we developed, which successfully passed the interoperability and technical test carried out by the National Center for Informatics in the Public Administration of Italy1. KEYWORDS
Certified e-mail, digital signature, public key cryptography, certificate, Certification Authority.
1. INTRODUCTION The Internet is an insecure communication network. Sending messages via SMTP (Simple Mail Transfer Protocol) and its extensions (ESMTP) favors simplicity of client-server interactions but does not take care of the connection security and also does not guarantee the message delivery on the destination server. Furthermore error messages may specify a large set of events such as temporary or permanent faults (user unknown, domain unknown disk quota exceeded, etc.) and are very difficult to understand for unskilled users. On other hand the need for “guarantees” in data security has increased over time due to the rapid development of our Information Society and the availability of on-line services offered, for example, by ecommerce websites, health-care organizations, banks and Public Administration. Cryptography and digital signature technologies may furnish guarantees for the transmission of a message in the network. Digital signature can be associated with Internet messages in order to guarantee sender authentication, message integrity and non-repudiation of origin. Cryptography assures message confidentiality. These technologies are usually applied at the user level, i.e. between sender and receiver (end-to-end), but server-to-server application or, in specific contexts, hybrid applications, are also available. The application of digital signature and message ciphering by the users (end-to-end level) offers the maximum benefits: message integrity from sender to receiver and confidentiality (i. e. the encrypted message may be transferred over insecure channels and stored in the receiver mail server and its content, if accessed, cannot be interpreted). Furthermore, another advantage is sender authentication and no repudiation of origin, i.e. the message sender cannot deny having performed this action.
1
CNIPA, Centro Nazionale per l’Informatica nella Pubblica Amministrazione
143
ISBN: 972-8924-02-X © 2005 IADIS
The use of end-to-end cryptography associated with the message notification mechanisms available today on the Internet2 offers great benefits, but implies an extensive penetration of technology in the society, since every user would have a couple of asymmetric keys and the certificate associated with its public key signed by a CA enabled by law, and requires a high degree of user learning and technical knowledge (care of private key, awareness of risks deriving from incorrect uses). For masking a user from the complexity of cryptographic applications and its legal implications, cryptography may also be applied server-to-server. The use of server-to-server digital signature and message ciphering reduces the above-mentioned advantages since the protection does not cover the whole transmission. However its application is simpler and does not require user skill, so it is immediately applicable to a large number of users.
2. CERTIFIED ELECTRONIC MAIL The CNIPA (Centro Nazionale per l’Informatica nella Pubblica Amministrazione) is the national council for Informatics in the Public Administration. It acts under the Presidency of Council of Ministers (Presidenza del Consiglio dei Ministri) for implementing the policy of the Italian Ministry for the Innovation and Technologies (http://www.innovazione.gov.it/). On January 28, 2005 the outline of a Decree of the President of Republic containing the regulations concerning guidelines for utilizing the certified electronic mail, was approved by the Council of Ministers and, at the moment, the technical rules are under construction. The CNIPA defines certified electronic mail as: “a service based on electronic mail, as defined by the SMTP standard and its extensions, which permits the transmission of documents produced with informatics tools under the constraint of section 14 of DPR3, 28 December 2000, n.445.” For a discussion on legal value and the application field of certified electronic mail4 see (Interlex 2005). Practically speaking, certified electronic mail is equivalent to the traditional surface mail service of Registered Mail. In this scenario, certified email assures message delivery (delivery receipt) but it does not guarantee that the message is actually read by the receiver. The domain of certified mail is restricted to the mailboxes of Certified Email (CEM) users. As with surface mail service, there are three CEM actors: the sender, the receiver and the provider of the service. Scenarios involve transactions between users of two Certified Email Domains, or one Certified Email Domains and one traditional email domain. The Certified Email Providers manage one or more Certified Mail Domains with their own Access, Reception, and Delivery Points. The provider holds the private keys used for digitally signing receipts and messages. The access point, i.e. the CEM server of the sender, verifies the user’s identity and performs the formal checks on the input message. The server then prepares and sends a receipt (acceptance) to the sender, and builds the transport message, as shown in Figure 1. In particular, it adds the certification data in XML format, applies its digital signature5, and prepares the envelope for message routing. The certification data is a set of information describing the original message including: • date/time of message sending; • sender; • receiver; • message subject; • message identifier.
2
Specifically, the Delivery Status Notification is produced by a server both when a message is (successfully or unsuccessfully) delivered and the Message Disposition Notification used to report the disposition of a message after it has been successfully delivered to a recipient (Hansen 2004) 3 Decree by the President of the Republic 4 In Italian the acronym is PEC: Posta Elettronica Certificata 5 Specifically the server generates its Advanced Electronic Signature. Conforming to article 2 of the European Directive 1999/93/EU, ‘advanced electronic signature’ means: “an electronic signature which meets the following requirements: (a) it is uniquely linked to the signatory; (b) it is capable of identifying the signatory; (c) it is created using means that the signatory can maintain under his sole control; and (d) it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable;”
144
IADIS International Conference on WWW/Internet 2005
Figure 1. Transformation of the original message (left side) into transport message (right side)
The reception point, i.e. the CEM server of the receiver, controls the correctness of the input message (transport message), verifies the digital signature and creates and sends a receipt of “take in charge” or a message of transport anomaly. Both the servers must verify whether the message contains a virus, and if so, block its transmission, immediately notifying the sender of this event (error notification). Last, the delivery point verifies the transport message and generates a receipt of delivery or a receipt of delivery error. From a technical point of view, CEM messages are built in Secure MIME (S/MIME) format, as specified by RFC 3851 (Ramsdell 2004). Message types are: • Receipts, produced by a server for the following events regarding the message: o Acceptance; o Delivery; o Delivery error; o Take in charge (i.e. the server assumes the responsibility for message delivery); • Transport message; • Anomaly of transport message; The server administrator keeps track of any operation carried out in a specific message log file. The service provider must store these data and preserve them for 30 months, as required by law. Data of service providers enabled to perform the certified email service are collected in a list of “certified email providers” kept by CNIPA. The exchange of certificates containing public keys is done via LDAP server o LDIF file (downloaded via HTTPS). Digital signature verification occurs without the verification of the certification chain: in this way every provider can operate with certificates issued by a non-trusted Certification Authority. “The guarantee of trustiness is delegated to the certified email providers, included in a list kept by the CNIPA (which will verify the objective and subjective requirements, for example their ability and technico-organizational experience, the knowledge of procedures and methods for managing security, and the ISO9000 certification of the process), who will guarantee successful delivery" (Interlex, 2005). The law requires that a certified email provider must have a minimum capital not less than one million Euros, causing great discontent among SMEs (Small Medium Enterprises), which are practically excluded from the possibility of performing this service.
3. AN APPLICATION We designed and developed a CEM system (PMDF-CEM) in the OpenVMS (v. 7.3-2) environment, using a PMDF mail server (http://www.process.com/). The system scheme is presented in Figure 2. The PMDF-CEM is organized in Modules, and each one is dedicated to implementing one of the fundamental functions defined by the CEM guidelines (see RUPA 2004). The system, implemented as a PMDF mail server add-on has been developed in C language and utilizes heavily the OpenSSL libraries (The OpenSSL project, http://www.openssl.org/). System components carry out following tasks and actions:
145
ISBN: 972-8924-02-X © 2005 IADIS
•
CEM-ACCEPT Module carries out all functions related to the access point (checks for revealing virus presence, creates acceptance receipt or error notification, applies digital signature, generates transport message). • CEM-RECEIVE Module carries out all functions related to the reception point (checks for viruses, verifies digital signature, generates take in charge receipt or transport anomaly message). • CEM-DELIVERY carries out all functions related to the delivery point (delivery of message to mailbox of receiver and generation of delivery receipt or delivery message error). • CEM-MANAGER Module maintains the certificate database of CEM Providers (access to LDAP server), controls system operability. As required, every Module performs a detailed registration of events/actions in a log file.
Figure 2. Logical schema of the CEM system
Our system successfully passed the interoperability and functioning test performed by CNIPA, conforming to the draft of the technical rules defined in (RUPA 2004). Of course we are now awaiting the technical rules provided by law for adapting the system to any new changes (a draft has been published by CNIPA on May 12 2005).
4. RELATED WORK As discussed above, the application of server-to-server cryptography with respect to user-to-user mechanisms reduces guarantees for users since the protection does not cover the entire transmission. However, in Italy numerous companies such as Microsoft Italia (http://www.microsoft.com/italy/pa/soluzioni/coop/posta_elettronica.mspx) and Sun Microsystems (http://it.sun.com/solutions/government/posta_elettronica/index.html) have already developed modules for integration of the certified email in their e-mail systems. Another approach to simplifying user interaction and reducing the cost of bulk cryptographic operations6 is to provide cryptography as a network service (Berson 2001). Authors designed and built a centralized "cryptoserver" equipped with HW cryptographic accelerators for providing public key operations to clients via their internal network. This system allows clients to benefit from hardware speedups while reducing CPU load as well as the cost of a single cryptographic operation, because the cost of the accelerator is spread out over a large number of clients. Note that this approach implies that the client must trust the “cryptoserver” with knowledge of his private key. This delegation mechanism practically simplifies the design of the userserver interaction, although it poses a security risk of private key storage and protection. In this case, assuming that the communication between the client and server is secure, the cryptographic operations have the same degree of trustworthiness as performing the computation locally. 6
Public key operations are computationally expensive
146
IADIS International Conference on WWW/Internet 2005
5. CONCLUSION In this paper we describe Italian legislation concerning the security of message services for public administrations, which specifies requirements, modalities and rules for the application of server-to-server cryptography technique. The use of server-to-server digital signature and message ciphering reduces the advantages of using an end-to-end mechanism since the protection does not cover the whole transmission. However this kind of approach it is very simple to apply for services directed toward a large audience, such as that offered by Public Administrations and Health Departments, since it does not require user skill. Based on the draft of technical rules for certified email systems (defined by the National Council for Informatics in the Public Administration) we designed and implemented a certified email system, which successfully passed the interoperability and functioning test. The system architecture and the functions of its components are briefly described. In a (hopefully near) future, when all citizens have their own certificates, and are knowledgeable and aware of risks when accessing on-line services, the legislation will need to adapt to this new scenario as well as to any European Union Directive concerning this area.
REFERENCES Berson, T. et al, 2001. Cryptography as a network service. Proceedings of Eighth Annual Network and distributed System Security Symposium. San Diego, USA. http://www.isoc.org/isoc/conferences/ndss/01/2001/INDEX.HTM CNIPA, 2005. L'e-mail e la posta elettronica certificata. http://www.cnipa.gov.it/site/itIT/In_primo_piano/Posta_Elettronica_Certificata__(PEC)/ T. Hansen, 2004. RFC 3888: Message Tracking Model and Requirements. September 2004 Interlex, 2005. Schema di decreto del Presidente della Repubblica recante regolamento concernente disposizioni per l’utilizzo della posta elettronica certificata, approvato dal Consiglio dei Ministri del 28 gennaio 2005 http://www.interlex.it/testi/dprposta.htm B. Ramsdell, 2004. RFC 3851: Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 - Message Specification, July 2004 RUPA, 2004. Linee guida del servizio di trasmissione di documenti informatici mediante posta elettronica certificata. http://www.ct.rupa.it/allegati/rupa/Posta-Certificata---Linee-guida.pdf, and Allegato tecnico alle linee guida del servizio di trasmissione di documenti informatici mediante posta elettronica certificata. http://www.ct.rupa.it/allegati/rupa/Posta-Certificata---Allegato-Tecnico.pdf
147