July 5, 2022

Engineering an insider-attack-resistant email system and why you wouldn't want to use it

Earlier this week, Felten made the observation that the government eavesdropping on Lavabit could be considered as an insider attack against Lavabit users. This leads to the obvious question: how might we design an email system that’s resistant to such an attack? The sad answer is that we’ve had this technology for decades but it never took off. Phil Zimmerman put out PGP in 1991. S/MIME-based PKI email encryption was widely supported by the late 1990’s. So why didn’t it become ubiquitous?
[Read more…]

End-to-End Encrypted GMail? Not So Easy

Last week Julian Sanchez urged Google to offer end-to-end encryption for GMail, so that your messages would be known to you and your browser (and your email correspondents) but not to Google itself. Julian explained why this would be a positive step for users and, arguably, for Google itself. Let’s talk about what would be required to make it happen.

We have had standards for end-to-end email encryption for a long time: PGP since at least 1996 and S/MIME since at least 2002. In these systems, each user has a private key that they use to encrypt and digitally sign their email. If two people know each other’s public keys, they can exchange email securely without the network, or even their email services, being able to read or tamper with the messages. This feature has long been supported in desktop email clients. What would we need to make it work for a cloud email service like GMail?
[Read more…]