Security

Joshua Thijssen edited this page May 27, 2020 · 9 revisions

I'm in no way a security expert, which makes it scary when trying to create a secure system for dealing with (personal) emails.

These are the things we thought about, or that still pose problems:

  • MailServer to MailServer uses TLS with ECDHE for perfect forward secrecy.

  • Everything depends at the moment on a single private RSA key (4096 bits). It is used for the following:

    • logging into the mailserver to read emails
    • logging into the mailserver to send emails
    • decrypting emails
  • Once a private key is exposed, the following can happen:

    • we can write emails on behalf of somebody
    • we can decrypt the catalog-key inside each message-header, which results in:
    • we can decrypt the blob-keys inside each message-catalog, which results in:
    • we can decrypt each blob of each message
  • An exposed public key by itself is not enough: you also need to know the actual email address. The only unencrypted reference to the email address is a SHA256 sum.
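
The key chain from the list above, as an added Go example that is not the project's own code: it shows that the RSA private key alone is enough to walk from the message header through the catalog to the blob. RSA-OAEP with SHA-256, AES-256-GCM, and the `Message` type with its field names are assumptions, since the page names neither the ciphers nor the layout.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Message is an assumed layout of the three layers; the names are hypothetical.
type Message struct{ WrappedCatalogKey, Catalog, Blob []byte }

// gcm builds AES-256-GCM. Callers pass a 32-byte key, so neither call can fail.
func gcm(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	return aead
}
// seal encrypts plain under a fresh 32-byte key and prepends the random nonce.
func seal(key, plain []byte) []byte {
	nonce := make([]byte, 12)
	rand.Read(nonce) // crypto/rand.Read never returns an error as of Go 1.24
	return gcm(key).Seal(nonce, nonce, plain, nil)
}
// open reverses seal. Key and data come from the message, so check both first.
func open(key, data []byte) ([]byte, error) {
	if len(key) != 32 || len(data) < 12 {
		return nil, errors.New("bad key or truncated ciphertext")
	}
	return gcm(key).Open(nil, data[:12], data[12:], nil)
}
// Encrypt gives each message its own random catalog key and blob key.
func Encrypt(pub *rsa.PublicKey, body []byte) (Message, error) {
	keys := make([]byte, 64) // catalog key followed by blob key
	rand.Read(keys)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, keys[:32], nil)
	return Message{wrapped, seal(keys[:32], keys[32:]), seal(keys[32:], body)}, err
}
// Decrypt needs only the RSA private key: each layer's plaintext opens the next.
func Decrypt(priv *rsa.PrivateKey, m Message) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, m.WrappedCatalogKey, nil)
	for _, layer := range [][]byte{m.Catalog, m.Blob} {
		if err == nil {
			key, err = open(key, layer)
		}
	}
	return key, err
}
```

Because the per-message symmetric keys are only ever protected by the one long-lived RSA key, fresh catalog and blob keys do not limit the damage if that key leaks.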

Could we?

  • The private key should have a passphrase. Can we force this?
  • Can we store the private key securely, for instance in the OSX keychain?
  • Can we decrease the attack surface? When a private key is compromised, we might be able to send/receive emails (provided we also know the actual email address for this private key), but can we somehow make sure we can't decrypt the emails?
  • Could every email be encrypted with a different key (like DH)? How would this work?