What is the s/mime encryption strength on iOS?

security ios email encryption

Solution 1:

SHA-1 is most likely it. Here's what I've found to support that claim:

On the Cryptographic Message Syntax Services Reference document, it is stated that the S/MIME version used is 3.1, which is defined here and where it's stated that it supports SHA-1, SHA-256, SHA-384, and SHA-512 but:

The SHA-256, SHA-384, and SHA-512 algorithms [FIPS180-2] are not currently recommended in S/MIME, and are included here for completeness.

Even more, on the Certificate, Key, and Trust Services Reference document (although it's the Mac version), it's stated that the default algorithm used is the SHA-1.

In another document, it is said:

The most common hash function you will use is SHA-1, an algorithm developed and published by the U.S. Government that produces a 160-bit hash value from any data up to 2**64 bits in length. There are also a number of more exotic algorithms such as SHA-2, elliptic-curve-based algorithms, and so on.

For compatibility with existing systems and infrastructure, you may occasionally need to use older algorithms such as MD5, but they are not recommended for use in new designs because of known weaknesses.

So, although I couldn't find any direct statement confirming the use of the SHA-1 algorithm, clues point in that direction.

Solution 2:

For a specific message, you can use openssl asn1parse to peek inside.

I sent myself a message using iOS Mail, signed and encrypted to me, and using the command line

$ openssl smime -pk7out -in message.eml | openssl asn1parse

and the contents of the results showed the message appears to be encrypted with 3DES EDE in CBC mode:

  913:d=5  hl=2 l=   8 prim: OBJECT            :des-ede3-cbc

Finding the signature algorithm is another challenge. I think it's SHA-1, but the decrypted message includes a lot of certificate signatures, and I'm not sure which is the message's. 

$ openssl smime -decrypt -in smime.eml -recip me.crt -inkey me.key | \
    openssl smime -pk7out | openssl asn1parse


   30:d=5  hl=2 l=   5 prim: OBJECT            :sha1

While the question is actually asking about the symmetric and hash algorithm used to encrypt the message data, the parameters for the certificate itself (which contains the public key used to encrypt the symmetric key which is, in turn used to deal with the data) are selected at key generation time. I've seen this in action while generating a new personal key pair at StartSSL; the web interface asks for the size of the RSA key and which signature algorithm I wish to use, along with the warning that choosing SHA-1 will leave you with a certificate incompatible with some systems.

For what it's worth, my own personal certificate uses 2048-bit RSA and the SHA-1 signature algorithm, which I've found works well across several different systems, including OS X Mail.app, iOS Mail, and Outlook 2007.

Related

Home screen is moving about in iOS7
European week numbers to iOS calendar?
Root file system is full and I need to install additional software.
Do we need CALs for our clients if we store their user accounts for third party apps in Active Directory? [duplicate]
How to do this Nginx location configuration
Replacing a HP P410 RAID Card
What's wrong with this server? After I ssh into the unit and enter the password, the connection closes
Can I configure exim to deliver new mail to Maildir cur/ instead of new/?
phpmyadmin forbidden through ssh tunnel
other than manually changing it, how is MTU set?
Eliminate certificate warning when users access Outlook/Exchange 2010 on split domain setup
Sendmail: Mails are still being relayed to root@localhost