[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Secure email with limited usable metadata

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Secure email with limited usable metadata
From: Jimmy Chen <me@xxxxxxxxxxxxx>
Date: Sun, 30 Jun 2013 16:26:49 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 30 Jun 2013 19:27:05 -0400
In-reply-to: <N1-b4XXucOHMJ@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <N1-b4XXucOHMJ@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

This poses a really interesting question.

Another solution would be to use already existing remailers, and doubling
the encryption together with the TO: email in the inline plaintext. The
question is how to properly do a dual encryption.

My proposed solution is the following:

Plaintext message (encrypted for recipient, with unencrypted portion
dictating the recipient through inline text) -> Encrypted Message
(encrypted again to remailer's PGP, including inline portion) -> Remailer
(decrypted intended layer. Message is sent to recipient dictated in the
inline text) -> Recipient's Email Server / Provider (cannot be read by
provider) -> Recipient Mailbox

On Sun, Jun 30, 2013 at 8:52 AM, <alice-tor@xxxxxxxxxxxxx> wrote:

> everyone is tooting about pgp these. pgp encryption doesnt solve the
> problem of tla surveillance. pgp encryption does not touch metadata
> (recipent, sender).
>
> how to secure mail communication?
>
> i was thinking about pointing the mx record of the tld to a mail server
> that is shared with other individuals. the server is configured to drop
> incoming non-tls smtp connection from other mail server. On a per account
> basis, every message that is not encrypted to the public pgp key of the
> address is dropped, too. users use pop3/smtp over a hidden server to
> download/send messages.
>
> what do you think? the setup is easy to maintain. if inbox size is limited
> to a few mbs any cheap vps thats like 20$ a year can be used to service
> hundreds of thousands of accounts. a trusted umbrella organization is
> needed to maintain the server as anonymity is increased by increasing users
> count. is the tor project or torservers.net interested in running such a
> service? i would literally pay money for that, so would others.
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Secure email with limited usable metadata
  - From: alice-tor

Prev by Author: Re: [tor-talk] Firefox Portable and Access Denied on Lock File (Windows, x64) (Was: Tor Browser Bundle 3.0alpha1 test builds)
Next by Author: Re: [tor-talk] Questions about IT security - can TOR help? Are theyre other systems out there?
Previous by thread: Re: [tor-talk] Secure email with limited usable metadata
Next by thread: Re: [tor-talk] Secure email with limited usable metadata
Index(es):
- Author
- Thread