The new Dark Mail Alliance formed this week by Lavabit and Silent Circle will offer an open platform for secure email that will use existing protocols and cloud storage as a way to evade surveillance. The new system, which should be available next year, is in some ways a throwback to the pre-Internet days, officials involved in the project said.

The Dark Mail project is a response to the current surveillance climate, one that caused both Lavabit and Silent Circle to close down their previous secure email offerings. Lavabit, which is reportedly the service that NSA leaker Edward Snowden used, shut down its service rather than comply with a request from the FBI for its encryption keys. Seeing the writing on the wall, Silent Circle decided to ceases its own Silent Mail service preemptively soon thereafter.

In the weeks following those closures in August, engineers from Silent Circle began talking with Lavabit founder Ladar Levison and soon hit on the idea of building a new, Web-based secure email platform that would be resistant to surveillance and backdoors. The idea, said Jon Callas, co-founder of Silent Circle, involves sending a short routing message to the intended recipient of the email over a protocol such as XMPP. That message will have a link to a cloud storage location where the user can pick up the actual email. That email will be encrypted and and the key to decrypt it will be included in the routing message.

“It separates the routing and addressing from the actual content of the email,” Callas said. “It makes it so an email, which could be anything from ten characters to a few megabytes, doesn’t have to be pushed all the way down the line and transferred from server to server and make sure everything is safe.”

Callas, a cryptographer and former co-founder of PGP Corp., another secure email provider, said that in some respects, the Dark Mail idea is relying on concepts from the dawn of the Internet age.

“This resembles in a lot of ways things that were done in the pre-Internet days. SMTP has served us well for many years, but it was not designed to be secure at all,” Callas said. “That means there’s all sorts of metadata that can’t be encrypted and sticks around forever. That data ought to be in a log somewhere, not in the email. It’s really trivial for people to pick it up and do metadata analysis on it.

“This is going forward into the past. We want to go back to using things that were used on LANs and update it using crypto. This is going to be an open offering for the Internet. Why not just open it up for everybody? We all decide that it’s better for the world to have an open, non-SMTP way to do email and those of us who are in the email business can offer whatever services we want on that infrastructure. Email was originally done with no security at all and we’ve been dialing it up ever since. Why not start over with high levels of security and let people dial it down if they want?”

Callas said that he hopes the new offering will be available sometime in 2014, but much of that depends on the amount of help the Dark Mail Alliance gets from the rest of the community.

“We view this as, if it’s successful, it will be tweaked by people in various ways, because I don’t expect that our ideas on how to do this are perfect,” Callas said. “I don’t think we’ve solved every problem there is.”

Categories: Cryptography, Government, Privacy

Comments (2)

  1. Jan

    Hi, my name is prince $name of $kingdom. Please use the key below to read the mail I have sent you about a very sensitive matter that requires your immediate attention.

    Oh yes, what about the people that have Apple, and don’t support xmpp :p

  2. StarForce

    We are of the opinion that Edward Snowden has deserved a medal for his contribution to the development of information security. His actions shook the industry and made us to look at many things from a different perspective. And the development of the Dark Mail project by the Lavabit founder is proof to this statement.

    In our lab we decided to explore potential features of the new service offered by Ladar Levison and consider its possible pitfalls. After analyzing the meager information flow about Dark Mail, the biggest unanswered question for us was the step of trust relationship setup. For this purpose usually certification centers can be used, when both parties trust the third party in the communication process. The main problem of cryptography without certification centers (e. g. for PGP) is the need to understand all the details of security process by an end-user. It undoubtedly reduces the number of potential users of e-mail service.
    Also in the Internet there are anecdotal reports that the SCIMP algorithm will be used in the Dark Mail project. This algorithm (at least in version 1.0 – 20paper.pdf) is based on modified Diffie-Hellman protocol. According to it, the communication parties should exchange a number of messages to perform the key exchange. Most likely, the creators of the Dark Mail will try to adapt this technology for e-mail where it is not convenient to send the multiple messages for communication starting.
    Another interesting thing is how to avoid “Man in the Middle” attack in SCIMP 1.0. This algorithm uses “manual” (e.g., phone talk) confirmation of first connection setup. The connection is considered to be successfully established if parties confirm to each other the coincidence of two short codes generated by the algorithm. This procedure looks cumbersome for the ordinary users of the email service, but its non-compliance calls into the question the principle of protection.
    We expect Dark Mail to launch in the second quarter of 2014, and we will have a chance to know if its developers could find an elegant solution for the issues risen above. In the meantime we use, and StarForce E-m@il.

Comments are closed.