end-to-end encryption
Hi to all I was looking at protonmail.com Is possible to implement and end-to-end encryption with dovecot, where server-side there is no private key to decrypt messages?
If I understood properly, on protonmail the private key is encrypted with user's password, so that only an user is able to decrypt the mailbox.
Anything similiar ?
On 15 May 2018 at 22:43 Gandalf Corvotempesta <gandalf.corvotempesta@gmail.com> wrote:
Hi to all I was looking at protonmail.com Is possible to implement and end-to-end encryption with dovecot, where server-side there is no private key to decrypt messages?
You could probably automate this with sieve and e.g. GnuPG, which would mean that all your mails are encrypted without server having key to decrypt this.
If I understood properly, on protonmail the private key is encrypted with user's password, so that only an user is able to decrypt the mailbox.
Anything similiar ?
In this case, the server *does* have the private key, even if it's encrypted... =)
Dovecot's mail crypt plugin can achieve *similar* thing with
mail_crypt_private_password=%{password} (see https://wiki.dovecot.org/Plugins/MailCrypt)
But this requires quite good planning, esp. if you are hosting mails, since there is currently no DR feature in dovecot. If you decide to use mail crypt plugin, set it up with private key password, and lose the password, then the mails really are gone.
Also worth noting is that, currently, dovecot does not encrypt indexes, which can contain information about your mails.
Aki
Hi
I personally use gpgit https://github.com/EtiennePerot/gpgit Which does the encryption of messages. Then I use a sieve script which calls gpgit for every msg and encrypts before saving into mailbox
Cheers
tobi
Am 16.05.2018 um 10:24 schrieb Gandalf Corvotempesta:
You could probably automate this with sieve and e.g. GnuPG, which would mean that all your mails are encrypted without server having key to decrypt
Il giorno mer 16 mag 2018 alle ore 06:09 Aki Tuomi <aki.tuomi@dovecot.fi> ha scritto: this.
Any guide or sample to look for ?
Il giorno mer 16 mag 2018 alle ore 11:19 <tobisworld@gmail.com> ha scritto:
I personally use gpgit https://github.com/EtiennePerot/gpgit Which does the encryption of messages. Then I use a sieve script which calls gpgit for every msg and encrypts before saving into mailbox
If I understood properly, for this to work, a public key must be stored on server, so that every message is encrypted. Then, on each MUA, the private key must be present, so that each MUA is able to decrypt the encrypted message, right ?
Yes the server need to know the pubKey for encryption and the client need access to the privKey to decrypt. The correct pubKey is determined from gpg based on the rcpt address
Cheers
tobi
Am 16.05.2018 um 11:30 schrieb Gandalf Corvotempesta:
Il giorno mer 16 mag 2018 alle ore 11:19 <tobisworld@gmail.com> ha scritto:
I personally use gpgit https://github.com/EtiennePerot/gpgit Which does the encryption of messages. Then I use a sieve script which calls gpgit for every msg and encrypts before saving into mailbox
If I understood properly, for this to work, a public key must be stored on server, so that every message is encrypted. Then, on each MUA, the private key must be present, so that each MUA is able to decrypt the encrypted message, right ?
On 05/16/2018 06:07 AM, Aki Tuomi wrote:
On 15 May 2018 at 22:43 Gandalf Corvotempesta <gandalf.corvotempesta@gmail.com> wrote: Is possible to implement and end-to-end encryption with dovecot, where server-side there is no private key to decrypt messages?
You could probably automate this with sieve and e.g. GnuPG, which would mean that all your mails are encrypted without server having key to decrypt this.
Considering the keywords "dovecot" and "sieve", that would still not be "end to end" and not even "MSA to MX"(-ish) but merely "encrypted storage upon/after final delivery", wouldn't it ... ?
FWIW, for auto-encrypting someplace near the MSA, I've used the "GPGPit" tool that's available on the web (and that I've made into an "SMIMEit" myself). The nontrivial problem with that is to retrieve recipients' pubkeys in an even remotely trustworthy manner, of course.
Regards,
Jochen Bern Systemingenieur
www.binect.de www.facebook.de/binect
On 16.05.2018 12:56, Jochen Bern wrote:
On 05/16/2018 06:07 AM, Aki Tuomi wrote:
On 15 May 2018 at 22:43 Gandalf Corvotempesta <gandalf.corvotempesta@gmail.com> wrote: Is possible to implement and end-to-end encryption with dovecot, where server-side there is no private key to decrypt messages? You could probably automate this with sieve and e.g. GnuPG, which would mean that all your mails are encrypted without server having key to decrypt this. Considering the keywords "dovecot" and "sieve", that would still not be "end to end" and not even "MSA to MX"(-ish) but merely "encrypted storage upon/after final delivery", wouldn't it ... ?
FWIW, for auto-encrypting someplace near the MSA, I've used the "GPGPit" tool that's available on the web (and that I've made into an "SMIMEit" myself). The nontrivial problem with that is to retrieve recipients' pubkeys in an even remotely trustworthy manner, of course.
Regards,
To be strict, 'end to end' would mean that the SENDER would encrypt it on his station, and RECEIVER would only decrypt it on his station. Everything else is not end-to-end =)
Aki
On 05/16/2018 12:01 PM, Aki Tuomi wrote:
On 16.05.2018 12:56, Jochen Bern wrote:
Considering the keywords "dovecot" and "sieve", that would still not be "end to end" and not even "MSA to MX"(-ish) but merely "encrypted storage upon/after final delivery", wouldn't it ... ?
To be strict, 'end to end' would mean that the SENDER would encrypt it on his station, and RECEIVER would only decrypt it on his station. Everything else is not end-to-end =)
Yes. Hence my ad-hoc "MSA to MX" terminology for the middle ground that sysad-me can achieve *without* continued user enthusi^H^H^H^H^H^H^H cooperation. :-}
Regards,
Jochen Bern Systemingenieur
www.binect.de www.facebook.de/binect
Il giorno mer 16 mag 2018 alle ore 12:02 Aki Tuomi <aki.tuomi@dovecot.fi> ha scritto:
To be strict, 'end to end' would mean that the SENDER would encrypt it on his station, and RECEIVER would only decrypt it on his station. Everything else is not end-to-end =)
Yes, of course, but this solution with GPG where dovecot is able to encrypt mails with GPG key will increase the overall security, but still allows to read all email (just before the encryption) with some malwares and so on.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 15 May 2018, Gandalf Corvotempesta wrote:
I was looking at protonmail.com Is possible to implement and end-to-end encryption with dovecot, where server-side there is no private key to decrypt messages?
Maybe the term "end-to-end encryption" has changed, but usually that means that clients are the "end". Hence, there are no keys on the server. There are some approaches to automatic key discovery and hosting with GnuPG's WKD / WKS.
If I understood properly, on protonmail the private key is encrypted with user's password, so that only an user is able to decrypt the mailbox.
When the encryption takes place on the server, the server admin is able to tinker the process, hence, this is no end-to-end. But, read Aki's fine answer about this.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBWvvNJcQnQQNheMxiAQKGvggAmTSJypn1AnTbarajkEoTWw3q3ciBjDFP Ivv7ENlbXLVVEurx+KWCvP/eO3OnMunUKQjBcTqc9q4fuaDD8GK8CssP1I31oi1i FC4FPOU2U3WGlOjGmgCUsAJuQpdO3kyy28UGWZgmWLFOqDrGtBh3xEGJxOpxI3MH w1Sqhig9M//CBVT+cT5+jcQy2YxuHJODFQj0rhimdRXmK+xSsQioxlUrKpXihw1U n594pw9ogXkZPm5MoEsOahtqxwtXtWbzUqnQZiq3mPDWTtHj0YsSz2HoSAix8oJ/ mGOazhZwLTKYyRLjjTfzmKtT6XMvuHINqXIcrG78t7L9bJwIjdfpnQ== =VBMS -----END PGP SIGNATURE-----
participants (5)
-
Aki Tuomi
-
Gandalf Corvotempesta
-
Jochen Bern
-
Steffen Kaiser
-
tobisworld@gmail.com