
For quite some time, I was wondering if there are ways I could record forms of communication with, say, Facebook servers and have a plausible proof that a specific event (such as receiving a private message with given contents) actually took place. While I learned that I cannot record a TLS session and use it as a proof that would be difficult to forge, I wonder if the DKIM-signed notification e-mails would work better.

In other words, if somebody sends me an e-mail and his server supports DKIM - do I have a reliable proof that this e-mail was sent by this person and is genuine? Are there any caveats?

d33tah

2 Answers


The only proof you have with DKIM is that the mail was sent over a specific mail server. You can only conclude that the mail was sent by a specific user if

  • the mail server only accepts mails from this specific user (unlikely)
  • the mail server enforces that the From header in the mail (which is part of the DKIM signature) matches the actual sender of the mail, i.e. no spoofing is possible (unlikely too)
  • the mail account of the user is not compromised, so that nobody could use it to send mails in the user's name
  • everything else is secure, i.e. the mail server is not hacked and the DKIM entry in DNS is not compromised due to a weak key, a compromised key, DNS spoofing or similar.

Thus, a valid DKIM signature helps to narrow down the possible senders, but taken alone it is far from a proof that a specific user has sent this mail.

Steffen Ullrich
  • Still, while it's not a proof that the user who purportedly sent it actually did it, having a DKIM-signed email from Facebook is much stronger evidence. – Ángel Sep 03 '17 at 23:53

As Steffen's answer covers that DKIM is not a proof that an email originated from a specific account, but rather that it has been sent from the mail server responsible for that address, I'm covering the other question as to what might be a proof, i.e.

How can I be sure an email is from the email address in the From field or from a person associated to that address?

Both PGP and S/MIME signed mails do have that property, to some extent.

While with PGP you must manage the trust of the key beforehand and verify that it matches the sender's actual key (by verifying the fingerprint via phone or similar means), with S/MIME you don't.

For S/MIME Email certificates, a certificate authority (CA) does check that and you base your trust on the CA.

Neither method is a proof in a theoretical/cryptographic sense, as with PGP there could be hash collisions (very unlikely), and the public key infrastructure used for S/MIME has a whole bunch of different problems that could lead to incorrectly issued certificates.

Yet, those two methods do offer a pretty good approximation for your problem, with S/MIME not being as trustworthy but easier to use in exchange.

Tobi Nary