[messaging] Axolotl for email

Wei Chuang weihaw at gmail.com
Fri Jun 10 07:13:32 PDT 2016

On 9 June 2016 at 13:14, Jeff Burdges <burdges at gnunet.org> wrote:

> On Thu, 2016-06-09 at 11:16 -0700, Wei Chuang wrote:
> > Would it make sense to apply Axolotl for email encryption?
> Do you know about Pond?  https://github.com/agl/pond
> Adam has taken pond.imperialviolet.org down, but you can read more at
> http://archive.is/iiF5f
> An Axolotl based messenger would normally decrypt the message only once
> and stores the decrypted message locally after reencrypting it with
> another local key.  This provides deniability and improves
> forward-secrecy.
> If you want this, then you cannot integrate with email clients the way
> GPG does.  Instead, you must provide POP proxy or something.  And ask
> the user to set up full disk encryption.
> On Thu, 2016-06-09 at 21:15 +0200, Vincent Breitmoser wrote:
> > The obvious place to put the data is the mailbox. Mail servers via
> > imap are pretty okay at synchronizing immutable blobs of data, so it
> > should be possible technically to achieve synchronized state among all
> > MUAs.
> You mean using separate pairwise ratchets amongst your different MUAs?
> I suppose that's what OMEMO does.
> > But I think there's a catch: We can never reliably *delete* data from
> > the server. This essentially breaks the properties we gain from key
> > erasure ("forward secrecy") in the first place.
> Yeah, anything that goes through SMTP gets recorded by some adversary.
> In fact, I doubt it's worth attempting to fix email beyond minor
> improvements to GPG integration because the metadata leakage sucks too
> badly.

Email is the only federated communicated protocol that's been successful.
Others are essentially proprietary.  Agreed there are leakage issues but I
believe many other folks have been working on improving particularly the
PGP metadata leakage problem.

> That said, your Axolotl header encryption could be a wide block cypher
> that encrypted the body too.

I'm not familiar with Axolotl header encryption.  Do you mean to use
Axolotl to help protect the header metadata?  or is this a specific feature
of Axolotl?


> At least then the adversary must record
> the whole message attachments and all.
> Jeff
> _______________________________________________
> Messaging mailing list
> Messaging at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/messaging
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20160610/2bbd0145/attachment.html>

More information about the Messaging mailing list