STARTTLS Everywhere Brings Hop-to-Hop Encryption to Protect Emails from Mass Surveillance
The Electronic Frontier Foundation (EFF) has announced STARTTLS Everywhere, a project to improve the security of email delivery by encrypting communication channels between mail servers.
Similar to how HTTP got a security boost with HTTPS, it's now time to add some security to SMTP as well. SMTP, the Simple Mail Transfer Protocol, was designed even before HTTP and carries no encryption of its own, which is why it is so easy for the likes of GCHQ and the NSA to scoop up emails in bulk.
STARTTLS is an addition to SMTP, which allows one email server to say to the other, “I want to deliver this email to you over an encrypted communications channel.” The recipient email server can then say “Sure! Let’s negotiate an encrypted communications channel.”
The two servers then set up the channel and the email is delivered securely, so that anybody listening in on their traffic only sees encrypted data. In other words, network observers gobbling up worldwide information from Internet backbone access points (like the NSA or other governments) won't be able to see the contents of messages while they’re in transit, and will need to use more targeted, low-volume methods.
In the most basic terms, when you send an email to someone, your mail server connects to theirs to deliver the message. With criminals, corporate spies, and law enforcement often sitting on this connection trying to listen in, STARTTLS promises to encrypt the traffic between the mail servers and hide these transactions from snoopers.
Since this protocol is quite a headache to set up, EFF is aiming to automate the process to speed up its adoption. "In 2015, researchers discovered that ~20% of the Alexa top million domains which have mailservers don’t use STARTTLS, and ~40% present invalid certificates," the not-for-profit reports. "In addition, STARTTLS commands from several countries were being regularly downgraded, as high as 96% of the time."
STARTTLS Everywhere for "more secure email, less mass surveillance"
With STARTTLS Everywhere, the Foundation aims to make the email delivery process more secure. The organization wrote that it intends to "increase STARTTLS adoption, increase the number of mail servers that actually validate certificates, and offer a STARTTLS Policy List to help prevent downgrade attacks on email services."
The project essentially helps mail server administrators get a valid certificate from Let's Encrypt, configure their mail servers to use STARTTLS, check the configuration to make sure everything is secure, and present valid certificates to other email servers, since without certificate validation you can never be sure whether you are talking to the real server or an impersonator.
EFF wrote that even if all of the above is taken care of, someone sitting between mail servers can drop STARTTLS messages and fool servers into thinking that you do not support TLS. To counter this kind of "attack," EFF recommends that admins add their domain to its index of high-security email domains, so that sending servers have another point of reference to discover that you do indeed support STARTTLS encryption and should refuse to fall back to plaintext.
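The downgrade described above, and the way a policy list defends against it, as an added example that is not EFF's code or the project's actual list format: a sending-side decision that consults a hypothetical, simplified policy list (a dict of domain to mode, an assumption here) before deciding whether a missing STARTTLS line means plaintext fallback or refusal. The EHLO replies are constructed samples.

```python
"""Sending-side STARTTLS decision with a simplified policy list (added example)."""

# Constructed sample policy list, an assumption loosely modelled on the
# idea of a STARTTLS Policy List: "enforce" means never deliver in the clear.
POLICY_LIST = {
    "example.com": {"mode": "enforce"},   # refuse plaintext and bad certs
    "example.net": {"mode": "testing"},   # observe only, still deliver
}

# Constructed EHLO replies: one genuine, one with the STARTTLS line dropped
# in transit (the downgrade the article describes).
NORMAL_REPLY = "250-mail.example.com Hello\r\n250-SIZE 10240000\r\n250-STARTTLS\r\n250 HELP\r\n"
STRIPPED_REPLY = "250-mail.example.com Hello\r\n250-SIZE 10240000\r\n250 HELP\r\n"


def ehlo_advertises_starttls(ehlo_reply: str) -> bool:
    """Return True if the multi-line EHLO reply ("250-EXT" ... "250 EXT") lists STARTTLS."""
    for line in ehlo_reply.splitlines():
        line = line.strip()
        if line.startswith("250-") or line.startswith("250 "):
            words = line[4:].split()
            if words and words[0].upper() == "STARTTLS":
                return True
    return False


def delivery_decision(domain: str, ehlo_reply: str, cert_valid: bool = True) -> str:
    """Return "starttls", "plaintext" or "refuse" for delivery to `domain`.

    Without a policy entry, a missing STARTTLS line silently falls back to
    plaintext and an invalid certificate is tolerated (opportunistic TLS).
    With an "enforce" entry the same stripped reply or bad certificate leads
    to refusal, so the message is queued and retried instead of sent in the clear.
    """
    enforce = POLICY_LIST.get(domain, {}).get("mode") == "enforce"
    if ehlo_advertises_starttls(ehlo_reply):
        if enforce and not cert_valid:
            return "refuse"
        return "starttls"
    return "refuse" if enforce else "plaintext"


if __name__ == "__main__":
    for dom in ("example.com", "example.net", "unlisted.org"):
        for name, reply in (("normal", NORMAL_REPLY), ("stripped", STRIPPED_REPLY)):
            print(f"{dom:13} {name:8} -> {delivery_decision(dom, reply)}")
```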
This is, however, not a replacement for end-to-end encryption, since STARTTLS offers hop-to-hop encryption, where the hops are the servers an email passes through before reaching its recipient. This means that without added protection, the mail providers at each hop can still read the emails. EFF added that STARTTLS simply "allows email service providers and administrators to provide a baseline measure of security against outside adversaries," thereby reducing the chances of mass surveillance.