[messaging] Axolotl for email
weihaw at gmail.com
Fri Jun 10 07:13:32 PDT 2016
On 9 June 2016 at 13:14, Jeff Burdges <burdges at gnunet.org> wrote:
> On Thu, 2016-06-09 at 11:16 -0700, Wei Chuang wrote:
> > Would it make sense to apply Axolotl for email encryption?
> Do you know about Pond? https://github.com/agl/pond
> Adam has taken pond.imperialviolet.org down, but you can read more at
> An Axolotl based messenger would normally decrypt the message only once
> and stores the decrypted message locally after reencrypting it with
> another local key. This provides deniability and improves
> If you want this, then you cannot integrate with email clients the way
> GPG does. Instead, you must provide POP proxy or something. And ask
> the user to set up full disk encryption.
> On Thu, 2016-06-09 at 21:15 +0200, Vincent Breitmoser wrote:
> > The obvious place to put the data is the mailbox. Mail servers via
> > imap are pretty okay at synchronizing immutable blobs of data, so it
> > should be possible technically to achieve synchronized state among all
> > MUAs.
> You mean using separate pairwise ratchets amongst your different MUAs?
> I suppose that's what OMEMO does.
> > But I think there's a catch: We can never reliably *delete* data from
> > the server. This essentially breaks the properties we gain from key
> > erasure ("forward secrecy") in the first place.
> Yeah, anything that goes through SMTP gets recorded by some adversary.
> In fact, I doubt it's worth attempting to fix email beyond minor
> improvements to GPG integration because the metadata leakage sucks too
Email is the only federated communicated protocol that's been successful.
Others are essentially proprietary. Agreed there are leakage issues but I
believe many other folks have been working on improving particularly the
PGP metadata leakage problem.
> That said, your Axolotl header encryption could be a wide block cypher
> that encrypted the body too.
I'm not familiar with Axolotl header encryption. Do you mean to use
Axolotl to help protect the header metadata? or is this a specific feature
> At least then the adversary must record
> the whole message attachments and all.
> Messaging mailing list
> Messaging at moderncrypto.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging