
P2P, Encrypted Email Protocol - gbrindisi
http://flowingmail.com/
======
Osmium
Speaking of the need for a more secure email, I just want to share an anecdote
that blew my mind recently. I was trying to pay for something with a _major_
tech company but they were having problems with my card, so they _emailed me_
my card details to check they were correct!

I'd be tempted to name and shame them, but it's not really their fault as much
as it is the specific person, because I find it hard to believe people aren't
trained not to do that. Makes me think that all customer support emails should
be regex'd for credit card numbers and if they're found their mail servers
shouldn't allow them to be sent...

In any case, the whole institution of email is a security nightmare. I doubt
this is the solution, but there certainly needs to be one, and as much for
"normal" people as anyone else. We all have information that needs to be kept
secure.

~~~
adambard
I've been trying to get some identity documents (birth certificate, marriage
certificate) translated recently. Every place I've contacted wanted me to just
email them scans of the documents, that will presumably sit on their ISP's
server in plaintext indefinitely.

I definitely think there's something to a messaging protocol that's simply not
able to be insecure.

------
ugexe
So this allows potential crackers to save every copy of every encrypted email,
allowing them to be cracked in the future when there is increased computer
power and more advanced cracking techniques/rainbow tables?

~~~
qznc
How would you prevent this?

It is not prevented by SMTP and not by this p2p approach.

~~~
ugexe
This puts your email in everyone's hands, it's just encrypted so it probably
can't be read without the key (yet). Regular email does not do this.

~~~
Karunamon
On the positive side, it's unlikely "everyone" who isn't a government agency
with billions of dollars of taxpayer money to waste has the time, storage, and
compute resources to mount the kind of attack you're talking about.

I know NSA is the topic of the day, but they're kind of a special case here.
They're the single most powerful and well funded adversary the average crypto
user will face.

~~~
tedunangst
Until you break up and your ex decides to publish your key in revenge. Unlike
a password, you can't change a key and revoke access.

~~~
Karunamon
Why on _earth_ would you let someone who is not you anywhere near your private
key? No security system in the world can fix user fail.

~~~
ugexe
The difference is when your ex releases your key and you are using this system
then everybody can read your email instead of just the NSA and the recipient.

~~~
18pfsmt
So, what you are saying is that nobody else, but you, should ever have access
to your private key, right? I'm pretty sure that's PKI 101, which I think was
Karunamon's point; and, I'm _pretty_ sure the solution to your proposed
'weakness' in this system is not technical.

~~~
ugexe
He edited his post and my reply doesn't make sense in context now

------
lectrick
I'm moving on until I see a link to some open-source code.

With a test suite.

------
omh
It seems like it would be relatively easy to perform traffic analysis of this
protocol. If you can see the traffic of a reasonable number of nodes (as I'm
sure the NSA can) then can't you just watch the messages being inserted and
retrieved and work out who the sender and recipient is?

Obviously this doesn't help with the content of the message, but in many cases
just knowing who's talking to whom is a good part of what you want to keep
secret.

~~~
tux
Unless you're using your real name this should not be a problem. Also many
will use this client with VPN/Proxy.

~~~
omh
In that respect it's not much better than just anonymously signing up for
gmail via a VPN.

------
sirsar
So it's like Bitmessage, but without an implementation?

~~~
johnchristopher
I also thought they already had a working client.

The wording is misleading:

    "FlowingMail is the name of a new decentralized messaging protocol, while FlowingMail Client is an email client that uses the protocol."

------
kgo
This seems very similar to bitmessage, which has a functioning client and
1000's of active nodes. Why would I wait for this instead of using bitmessage?

~~~
yapcguy
Read the Bitmessage white paper and you'll know why you should avoid
Bitmessage: Every node will have a copy of every single message sent across
the entire network. I believe the meme to use here is "Fail".

~~~
johnchristopher
Bitmessage messages are encrypted IIRC. I read that bitmessage would fail a
security audit but it's still designed to be encrypted.

~~~
jnbiche
Message security is actually quite good with Bitmessage -- the issue is
scaling the network and correspondingly, its vulnerability to traffic
analysis.

~~~
unicornporn
Is [http://tox.im/](http://tox.im/) better in this aspect?

------
Steuard
I've read chunks of the site, but I'm still not entirely clear on what
advantage this scheme has over RSA encryption of standard SMTP mail (via
PGP/MIME on the local machine, say).

Is the main advantage that a given identity isn't tied to a specific server
here? Is that a big enough gain to justify an entirely new protocol and
ecosystem of clients? I assume I'm missing some other benefits.

~~~
zokier
SMTP leaks metadata.

~~~
bcl
Only if the servers aren't using SMTPS. Which in practice many don't but there
really is no reason why that cannot be changed.

~~~
ape4
If yourserver.com is connecting to friendsserver.com on port 25... there is
some metadata. I mean if three-letter-agencies are monitoring the internet
they'll figure out what just happened.

------
ape4
This is a nice try. I would like to see some incremental improvements in mail.
For example in the header we could display a rating of how secure the mail is.
Based on use of TLS, etc. If client programs displayed this it would encourage
infrastructure improvements.

------
frank_boyd
Is this about re-inventing the wheel again?

[http://retroshare.sourceforge.net/](http://retroshare.sourceforge.net/) does
encrypted p2p for "email"/chat/VOIP/file sharing/forums/etc.

~~~
dingdingdang
Thanks for mentioning retroshare, it is a VERY decent system. Still, I reckon
there's quite a bit of mileage in doing -one thing- right; retroshare's
fix-it-all-in-one-package may not appeal to everybody.

------
mic159
If I understand correctly, there is a key in the DHT that is effectively a
list of pointers to all your mail? If so, an attacker could control your inbox
by starting a bunch of nodes around that key, couldn't they?

To disable a person's mail, you would start up some altered nodes around the
address space you want to attack, have them respond normally until you control
enough or all of the nodes covering the target address. Then flip a switch
that makes them all start saying that inbox is empty. Then start backing off
your nodes, and replacement regular nodes would replicate your altered state.

Would this be possible? Or am I missing something?

------
Vektorweg
If xmpp would be more secure, it would be a good replacement for email. Using
multiple xmpp servers would give a comparable advantage to p2p email.

~~~
marquis
I wasn't aware XMPP wasn't secure? It supports TLS, SSL, OTR and more. Are
there known issues?

~~~
Vektorweg
The only problem is that the server can see all messages. OTR solves this
problem, but who uses it? OTR would even solve the e-mail issue.

~~~
marquis
XMPP supports signing of messages, and for push notifications OTR is great.

------
nightcracker
I've been looking at similar ideas lately, but I simply do not know how to
defeat the Sybil attack =/ A centralized certificate authority is necessary to
keep a functioning system, as far as I can see.

------
AndrewDucker
If it's P2P then I'm back to running my own server - and if you run your own
server then email is already P2P.

~~~
autotravis
But setting up a mail server is more difficult than firing up a piece of P2P
software.

~~~
AndrewDucker
True. But servers have advantages, like being able to get to my email from
anywhere. I remember the dark days of POP...

------
pampa
Any proof of concept source code yet?

------
mknits
Retroshare already does that.

