

Proposal safer email. - Ihmahr

I am (have been for two months) thinking of starting an email service that is compatible with the current email system, but adds features.

- If server is seized by authorities they got nothing;
- RSA/public key encryption on every email. Every user has a public key and incoming mail is encrypted on the server right away. Public key is available for every email upon request, then other party encrypts and not the server. (this to integrate with other providers who can adopt this protocol)
- Probably need downloadable apps (can be simple javascript) to prevent 'man in the middle' attacks.
- Private key is generated via a standard procedure, client side, on every login. User password (such as 'correct horse battery staple') will be the 'seed' for the procedure to generate private keys.

I need help for this project. Please respond for any suggestions.
======
claudius
Rather than using RSA/public key encryption, I would rather suggest using
OpenPGP so that others can encrypt email before it even arrives on the server.
Instead of generating the private key on each login, it might be better to
either a) store it on the server with the password acting as a passphrase or
b) store it somehow in the browser/app. It will be interesting to figure out
how to transfer it from one device to another, then.

~~~
Ihmahr
Yes, encryption before sending it to the server is possible as follows: Ask
server for public key associated with email address, encrypt, send. But if
other people do not have this feature for their mail, the mail is encrypted on
the server.

The server should never directly store the private keys. Maybe more efficient
than generating every time again is to use symmetric encryption on the client
side to store the asymmetric keys on the server in encrypted form.
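
Added example, not part of the thread and not code from either poster: a Node.js sketch of the scheme discussed above, where the client wraps the private key under a password-derived key and the server stores only the wrapped blob. The choice of scrypt and AES-256-GCM, the cost parameters, and all function names are assumptions made for this example.

```javascript
// Added example: wrap an RSA private key under a password-derived key on the client.
const crypto = require('crypto');

// scrypt cost parameters: assumed values for this example, tune for real hardware.
const KDF = { N: 16384, r: 8, p: 1 };
const b64 = (buf) => buf.toString('base64');
const raw = (str) => Buffer.from(str, 'base64');

function deriveKey(password, salt) {
  return crypto.scryptSync(password.normalize('NFKC'), salt, 32, KDF);
}

// Client side: returns the only form of the private key the server ever stores.
function wrapPrivateKey(privateKeyDer, password) {
  const salt = crypto.randomBytes(16); // per-user salt, stored next to the blob
  const iv = crypto.randomBytes(12);   // fresh nonce for every wrap
  const c = crypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  const ct = Buffer.concat([c.update(privateKeyDer), c.final()]);
  return { salt: b64(salt), iv: b64(iv), tag: b64(c.getAuthTag()), ct: b64(ct) };
}

// Client side: throws if the password is wrong or the blob was modified.
function unwrapPrivateKey(blob, password) {
  const key = deriveKey(password, raw(blob.salt));
  const d = crypto.createDecipheriv('aes-256-gcm', key, raw(blob.iv));
  d.setAuthTag(raw(blob.tag));
  return Buffer.concat([d.update(raw(blob.ct)), d.final()]);
}

// Constructed end-to-end run: signup, server-side encryption of incoming mail, login.
function demo(signupPassword, loginPassword, mail) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'der' },
  });
  // Everything the server holds: public key plus the wrapped private key.
  const serverRecord = { publicKey, wrapped: wrapPrivateKey(privateKey, signupPassword) };
  // Incoming plaintext mail is encrypted on arrival (RSA-OAEP fits short messages only).
  const stored = crypto.publicEncrypt(
    { key: serverRecord.publicKey, oaepHash: 'sha256' }, Buffer.from(mail));
  // Login: the client downloads the blob, unwraps it locally, then decrypts.
  const der = unwrapPrivateKey(serverRecord.wrapped, loginPassword);
  const key = crypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
  return crypto.privateDecrypt({ key, oaepHash: 'sha256' }, stored).toString();
}
```

Because the server holds the wrapped blob, anyone who obtains it can test password guesses offline, so the KDF cost and the password's strength bound the protection.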

