Topic: How does CSE EXACTLY work?
Endymion
« Reply #15 on: June 17, 2009, 02:48:24 PM »

As you are specifically restricting your focus to decryption without CSE, did you at least confirm that key generation is carried out locally and that, if both users use CSE, both encryption and decryption are carried out locally too?

In these Two scenarios, was the Email simply signed with Comodo's own PUBLIC KEY?
(And then Decrypted with Comodo's own PRIVATE KEY when 'B' goes to view it Online with Comodo's Web Reader?)

Note:

Where I say, "Comodo's own * KEY", I am NOT referring to the Keys in the Digital Certificate that the User gets Free with CSE!

I am referring to Comodo's OWN key!


J2045 are you seriously implying that there is a Comodo master key?

Because of course this would be worse than asking you if you are NOT legitimately interested in understanding how CSE works but only in discouraging its use (at least).

Does your anonymity guarantee your conjectures more than the replies from Comodo staff and CEO?

Because, although you are asking Comodo while neglecting existing replies, everybody else should acknowledge that your implied concerns may be totally unwarranted and not be swayed by them.

« Last Edit: June 17, 2009, 03:17:55 PM by Endymion »

I have learnt silence from the talkative, toleration from the intolerant, and kindness from the unkind; yet strange, I am ungrateful to these teachers.
Kahlil Gibran (1883 - 1931)
J2897
« Reply #16 on: June 17, 2009, 04:10:18 PM »

J2045 are you seriously implying that there is a Comodo master key?


I'm implying nothing... I was simply asking if it was ENCRYPTED with Comodo's PUBLIC KEY.

If the PUBLIC KEY is to ENCRYPT THE MESSAGE, and the PRIVATE KEY is to DECRYPT THE MESSAGE, then in those Two scenarios, it would make perfect sense if the MESSAGE was ENCRYPTED with Comodo's PUBLIC KEY. (If I'm understanding correctly of course!)

Again, I am referring to Comodo's OWN key, NOT the Keys in the Digital Certificate that the User gets Free with CSE!

Endymion
« Reply #17 on: June 17, 2009, 05:42:38 PM »


I'm implying nothing... I was simply asking if it was ENCRYPTED with Comodo's PUBLIC KEY.

If the PUBLIC KEY is to ENCRYPT THE MESSAGE, and the PRIVATE KEY is to DECRYPT THE MESSAGE, then in those Two scenarios, it would make perfect sense if the MESSAGE was ENCRYPTED with Comodo's PUBLIC KEY. (If I'm understanding correctly of course!)

Again, I am referring to Comodo's OWN key, NOT the Keys in the Digital Certificate that the User gets Free with CSE!

And why does your question implicitly assume that the process relies on a Comodo key and not on the end-user key?

Could it be you are still willing to drown this topic with feelings and analogies that advocate fear?

My feeling is that, in all of the scenarios, Comodo 'could' Decrypt the Email if they had access to it (even if it was Password Protected).

Analogy:

If a Lock Smith produces a Key (Private Key), they 'could' keep a Copy of that Key.

You know the above quoted feeling and analogy was actually a reply to Comodo CEO post:

Comodo does not read, cannot read your emails when you are using digital certificates. You own your private key in your PC, Comodo has no access to it.

Melih

Where it was explicitly stated DO NOT and CANNOT.

Again I ask:
As you are specifically restricting your focus to decryption without CSE, did you at least confirm that CSE key generation is carried out locally and that, if both users use CSE, both encryption and decryption are carried out locally too?
« Last Edit: June 17, 2009, 06:18:14 PM by Endymion »

J2897
« Reply #18 on: June 17, 2009, 06:48:26 PM »

And why does your question implicitly assume that the process relies on a Comodo key and not on the end-user key?

Because...

If the PUBLIC KEY is to ENCRYPT THE MESSAGE, and the PRIVATE KEY is to DECRYPT THE MESSAGE, then in those Two scenarios, it would make perfect sense if the MESSAGE was ENCRYPTED with Comodo's PUBLIC KEY. (If I'm understanding correctly of course!)

... As Comodo's PRIVATE KEY would then be needed for the DECRYPTION process. (After person 'B' Forwards the Email to Comodo's Web Reader.)



Where it was explicitly stated DO NOT and CANNOT.

If Comodo really wanted to, they 'could'. If you want to break any Encryption, all you need is the Guys who created the algorithm. (Or just their knowledge of course.)

Though my concerns were that Comodo was keeping a Copy of the Keys, which can be used to Decipher ANY Emails created with CSE, in a Database. I was also concerned about who had access to that Database and how Secure it was.

But after xiuhcoatl explained that the public key does not permit decryption, my concerns were over/relieved.

So why you choose to ask these ridiculous questions, I have no idea.
« Last Edit: June 17, 2009, 07:49:56 PM by J2045 »

Endymion
« Reply #19 on: June 17, 2009, 07:40:06 PM »

If Comodo really wanted to, they could. If you want to break any Encryption, all you need is the Guy who created the algorithm.
But what are you implying that the "Guy who created the algorithm" had to do?
Please consistently and thoroughly address this fictional scenario you alone introduced in this topic by means of feeling and analogies.

Though my concerns were that Comodo was keeping a Copy of the Key which can be used to Decipher ANY Emails created with CSE in a Data Base. I was concerned about who had access to that Data Base and how Secure it was.
Is this why you are posting your conjectures about a Comodo key?

Please reread your concerns/feelings/analogies.
Are you guessing that a Comodo key would be needed and that it will be used even when two users have CSE? How so?
Or is this something you are now guessing only for the scenario where the recipient uses the online decryption service because s/he is not willing to install CSE? How so?


So why you choose to ask these ridiculous questions, I have no idea.

If this is your comment about asking you to reply to some of the conjectures you yourself posted about...

You know, you are the "Guy who created these concerns" in the first place.

You 'could' have asked those questions even if you were not genuinely concerned.
But apparently you were concerned about a Lock Smith keeping a copy of the key, isn't it?
« Last Edit: June 17, 2009, 08:02:50 PM by Endymion »

Endymion
« Reply #20 on: June 17, 2009, 07:54:53 PM »

There must be a better way possible IMHO. In a Two Way conversation, there should only be Two People with access to the Public Key (A & B). Not Three (A, B & C).

Can you please clarify if the "better way possible" was just another guess, along with the claim that CSE doesn't use a supposedly existing "better way possible".

Your HO implied an alternative. What should the "better way possible" be like? (if it does actually exist)
« Last Edit: June 17, 2009, 08:00:00 PM by Endymion »

Melih
Administrator
« Reply #21 on: June 17, 2009, 10:18:02 PM »


I'm implying nothing... I was simply asking if it was ENCRYPTED with Comodo's PUBLIC KEY.

If the PUBLIC KEY is to ENCRYPT THE MESSAGE, and the PRIVATE KEY is to DECRYPT THE MESSAGE, then in those Two scenarios, it would make perfect sense if the MESSAGE was ENCRYPTED with Comodo's PUBLIC KEY. (If I'm understanding correctly of course!)

Again, I am referring to Comodo's OWN key, NOT the Keys in the Digital Certificate that the User gets Free with CSE!

Comodo's key is used to provide Proof of Origination. You can use digital certificates (PKI) for 2 purposes
1)Security
2)proof of origination (digital signing)

When you encrypt it for someone else using their public key, you are using the security aspect of the PKI. You can also encrypt the data using your own Private key! Yep... what that means is everyone can decrypt it.. but the beauty is that everyone will know it came from you, cos only you have access to that private key that encrypted that data. And that is known as digital signing. So a digitally signed message is not about securing it but proving that it came from the author. So Comodo's keys are used in Digital Signing capacity, in that we digitally sign your public key, so that other people will trust your public key. Our key has nothing to do with the encryption of your data per se.

Melih

xiuhcoatl
Unaffiliated Forum Volunteer
Global Moderator
« Reply #22 on: June 18, 2009, 12:02:10 AM »

Melih and/or Endymion,
Let's see if I have this straight.
The final part in bold is kind of a question.

  Alice & Bob both have CSE and have never sent emails to each other before.
  Charlie does not have CSE.

  One day Alice sends an Email to Bob. Alice's CSE checks the CCSs (Comodo Cert Servers) for a public key and finds one for Bob, so Alice's CSE encrypts the Email to Bob, who then uses his private key to decrypt the Email.

  Later, when Bob replies to Alice, he has already received a digitally signed Email from Alice, and that Digital Signature contains the Public Key of Alice, which Bob's Computer has saved. So Bob's computer does not need to check the Comodo servers for a Public key, since Bob's computer already has one, provided that Alice's digital Certificate is still valid.

  So Bob's CSE goes ahead and encrypts the email with Alice's Public Key without checking the CCS (Comodo Cert Server).

or

Bob's CSE verifies the public key is valid and encrypts the email with the valid Public Key of Alice, either from the cert received earlier or the valid one from the CCS (Comodo Cert Server).

Finally Bob sends another email to Charlie, who does not have CSE.

Depending on Bob's setting in CSE, does one of two things happen, or both, or do I have this totally wrong?
A) Bob's CSE digitally signs & encrypts the message and sends it to Charlie with a one-time Key to decrypt it?
      1) Charlie can only read the email by forwarding the Email to Comodo's Web Reader?
      2) How many times or for how long can Charlie use the web reader to read the email?

B) Bob's CSE only digitally signs the message?



« Last Edit: June 18, 2009, 12:13:44 AM by xiuhcoatl »

What we learn from history is that people don't learn from history
J2897
« Reply #23 on: June 18, 2009, 07:59:04 AM »

That was an awesome post Melih!

It filled in MANY of the gaps in my lack of understanding.

The only thing I am still confused about is:

- 1) If A doesn't already have B’s digital certificate.

ii)   B can forward the mail to our web reader, and read the mail by supplying a password which A agreed with B in advance, e.g. by telephone or letter. Not as secure as i)
iii)   B can forward the mail to our web reader but does not need to supply a password.  Not as secure as ii)

How was this message Decrypted?

Using the new knowledge from your/Melih's last Post, I can only assume Two possible answers: (Instead of One.)

  • Person A Encrypted it using his Private Key, then the Comodo Web Reader Decrypted it using A's Public Key. (Like in the Signing process.)
  • It was just simply Encrypted using Comodo's Public Key. (Then simply Decrypted using Comodo's Private Key.)

The latter method seems more Secure; it uses a Private Key instead of a Public Key for the Decryption process.

Is there a Third possible answer?

Thanks!

Endymion
« Reply #24 on: June 18, 2009, 08:42:20 AM »

  • It was just simply Encrypted using Comodo's Public Key. (Then simply Decrypted using Comodo's Private Key.)

The latter method seems more Secure; it uses a Private Key instead of a Public Key for the Decryption process.

Coincidentally it also looks like a perfect match for your locksmith analogy and even more for your comment about CSE...

I was going to try CSE a while ago (Months). But what put me off is, I think Comodo would be able to Decrypt my Emails.

As far as I'm aware, it would be almost the same as Two People (A & B) sending Secure Gmail's to each other; accessing their Web Mail Page using https. (Staff at Google would be able to Decrypt my Emails.)

I think this could be the Second main reason why a lot of people simply don't bother Encrypting. If a Company can easily Decrypt your Email, whether it is Comodo, Google, or your ISP who can Decrypt them, then why bother?


Whereas as specifically mentioned the other assumed answer in the following quote would allow everybody to decrypt the email.

Using the new knowledge from your/Melih's last Post, I can only assume Two possible answers: (Instead of One.)

  • Person A Encrypted it using his Private Key, then the Comodo Web Reader Decrypted it using A's Public Key. (Like in the Signing process.)

Is there a Third possible answer?

Likely the possible answer is a patent pending one...

Whereas the patent is likely to apply to i, ii and iii:
If A doesn’t already have B’s certificate, CSE has a few options for B to read this mail, all determined by A using our patent pending single user certificate system and our server.  A sends the e-mail using this system, setting which options from the list below B can use to read it. 

i)   B must install CSE to read the mail.  This is our recommended method and is fully secure.
ii)   B can forward the mail to our web reader, and read the mail by supplying a password which A agreed with B in advance, e.g. by telephone or letter. Not as secure as i)
iii)   B can forward the mail to our web reader but does not need to supply a password.  Not as secure as ii)
« Last Edit: June 18, 2009, 02:29:21 PM by Endymion »
J2897
« Reply #25 on: June 18, 2009, 06:29:22 PM »

Oh' FGS...

Comodo_Shane
Administrator
« Reply #26 on: June 19, 2009, 07:53:29 AM »

Hi All,

Ok, Comodo SecureEmail uses public digital certificates which have an associated private key.  It’s this private key (and the fact it stays ‘private’) that is the bit that makes everything secure.

The public certificate (only a template) and the private key are both generated on your PC when you sign up for a digital certificate.  The public certificate template part is sent to Comodo servers to be turned into a ‘real’ certificate and signed by Comodo’s private key.

In the following scenarios, Alice is the sender, Bob is the recipient.

When Alice or Bob send a signed e-mail, their public key certificate is attached.  The recipient can then verify who they are because their certificate was signed by Comodo.

Alice wants to send an e-mail and:
Scenario 1)
Alice already has Bob’s public key (received via a signed e-mail etc)

In this scenario, Alice encrypts (S/MIME) using Bob’s public key.  The e-mail can be decrypted in any S/MIME compliant e-mail system like CSE, Outlook or Thunderbird.

Scenario 2)
Alice doesn’t know Bob’s e-mail certificate in advance.

(Alice chooses if the Web Reader can be used or not or turn off Web Reader access but we’ll deal with the Web Reader service when describing Bob’s actions)

In this scenario the situation is a little more complicated.  Alice doesn’t have Bob’s public key certificate to encrypt for so CSE does this:
-   It generates a Single-Use Certificate and private key for this 1 e-mail.
-   CSE then encrypts the e-mail (S/MIME) and attaches this to an instruction e-mail and sends the e-mail to Bob.
-   CSE then uses a Comodo secure server as a temporary storage location and uploads the session certificate pair, encrypted, over a secure connection.

At this point, Bob has the e-mail, Comodo have the temp session keys.

So on Bob’s side.
-   Bob receives an e-mail which has the S/MIME encrypted e-mail attachment.

Bob now needs to decrypt the mail, his choices are:
-   Bob has CSE, CSE decrypts automatically.
-   Download Comodo SecureEmail.
-   Forward the mail to the Web Reader service (if Alice has allowed this; if not, Bob can’t decrypt via the Web Reader)

Ok, so let’s deal with these three choices below:

Bob already has CSE
-   Bob already has an e-mail certificate and is using Comodo SecureEmail.
-   Comodo SecureEmail contacts Comodo’s server to download the key over a secure connection.  Comodo’s servers require authentication via Bob’s real e-mail certificate (he must complete a private key operation based on industry standard SSL authentication) before the server will release the keys.
-   If Bob’s authentication is successful then Comodo SecureEmail can decrypt the message and allow it to pass into Bob’s inbox.
-   Bob’s CSE can also send back his ‘real’ e-mail certificate to Alice.  This is now a very neat key exchange process.
-   From this point on Alice can encrypt straight to Bob.
-   The result is Bob receives the mail smoothly and automatically and doesn’t even know that Alice didn’t have his key in advance.  Alice’s records are now updated too.

Bob downloads Comodo SecureEmail.
-   Comodo SecureEmail requires that Bob has an e-mail certificate for the address Alice e-mailed to before downloading the keys.
-   Comodo SecureEmail contacts Comodo’s server to download the key over a secure connection.  Comodo’s servers require authentication via Bob’s real e-mail certificate (he must complete a private key operation based on industry standard SSL authentication) before the server will release the keys.
-   If Bob’s authentication is successful then Comodo SecureEmail can decrypt the message and allow it to pass into Bob’s inbox.
-   Bob’s CSE can also send back his ‘real’ e-mail certificate to Alice.  This is now a very neat key exchange process.
-   From this point on Alice can encrypt straight to Bob.

Bob chooses to forward the mail to the Web Reader service
-   The server first checks if Alice has allowed Bob to read this mail via the Web Reader, if Alice has disallowed it, the server sends a rejection mail to Bob.
-   If allowed, the server returns a unique URL to Bob to read the mail.
-   Bob navigates to the URL over HTTPS where the server then checks if Alice has required Bob to enter a password (pre-agreed between Alice and Bob).
-   Bob may or may not enter a password dependent upon Alice’s choice.  The mail is then decrypted and shown to Bob in his web browser.

Hope this answers everyone’s questions.

Regards,
Shane.
« Last Edit: June 19, 2009, 10:14:23 AM by Comodo_Shane »

Please read the Forum Policy below before posting: 

http://forums.comodo.com/new_member_information/forum_policy-t1516.0.html
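As an added example (not Comodo's code and not from any post in this thread), the Go program below models Melih's two uses of a key pair, encrypting to a recipient's public key versus signing with one's own private key, together with Shane's Scenario 2 single-use certificate exchange. The names Escrow, SendWithoutKey and ReleaseKey are this example's own; RSA-OAEP on a short body stands in for S/MIME's symmetric envelope, and a signed challenge stands in for the SSL client authentication Shane describes.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

func NewKey() *rsa.PrivateKey { // generated on the user's own PC, as in CSE
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// Encrypt is the "security" use of PKI: only the matching private key can read it.
func Encrypt(to *rsa.PublicKey, body []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, to, body, nil)
}
func Decrypt(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, priv, ct, nil)
}

// Sign is the "proof of origination" use: the body stays readable by everyone.
func Sign(priv *rsa.PrivateKey, body []byte) ([]byte, error) {
	h := sha256.Sum256(body)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, h[:], nil)
}
func Verify(pub *rsa.PublicKey, body, sig []byte) bool {
	h := sha256.Sum256(body)
	return rsa.VerifyPSS(pub, crypto.SHA256, h[:], sig, nil) == nil
}

// Escrow stands in for the Comodo server of Scenario 2 (this example's model).
type Escrow struct {
	Registered  map[string]*rsa.PublicKey  // address -> key of the real e-mail cert
	SessionKeys map[string]*rsa.PrivateKey // message id -> single-use private key
}

// SendWithoutKey: no key for Bob, so encrypt to a single-use key and park it.
func SendWithoutKey(e *Escrow, msgID string, body []byte) ([]byte, error) {
	session := NewKey()
	e.SessionKeys[msgID] = session
	return Encrypt(&session.PublicKey, body)
}

// ReleaseKey hands out the single-use key only after the recipient proves possession
// of the registered certificate's private key, then forgets it (temporary storage).
func (e *Escrow) ReleaseKey(msgID, addr string, challenge, sig []byte) (*rsa.PrivateKey, error) {
	pub, ok := e.Registered[addr]
	if !ok || !Verify(pub, challenge, sig) {
		return nil, errors.New("recipient authentication failed")
	}
	k, ok := e.SessionKeys[msgID]
	if !ok {
		return nil, errors.New("no single-use key held for this message")
	}
	delete(e.SessionKeys, msgID)
	return k, nil
}
```

While a single-use key sits in SessionKeys, whoever runs the escrow can decrypt that one message, which is why the post calls the storage temporary and why the key is dropped on release; in Scenario 1 no private key ever leaves the two users' PCs.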
xiuhcoatl
« Reply #27 on: June 19, 2009, 09:56:04 AM »

Thanks Shane. For me that's about as clear as it can get.

This topic has been closed and locked. If you need it reopened please PM a Moderator

X