Encrypted email search indexing
*"Various hurdles are preventing wide-spread adoption of PGP encrypted communication, with easy searchability being one of them. I propose a standard allowing users to search through encrypted email safely. The search is tailored for text messages containing distinct words. Searching is achieved through a search index in plain-text attached to each email. The index contains each of the unique words contained in a message, salt hashed. There will be 10-50 salts per email account used randomly on a per word basis. Larger amount of salts mean more safety and more expensive search. Incoming messages will also get appended with a search index using IMAP APPEND command. ..."* https://ipfs.io/ipfs/QmVntBs8AxmeuLacGappM5LhB8ao9k2RPijvByESt4HmgC
On Thu, Dec 03, 2015 at 01:25:44AM -0800, Silicon Dragon wrote:
*"Various hurdles are preventing wide-spread adoption of PGP encrypted communication, with easy searchability being one of them. I propose a standard allowing users to search through encrypted email safely. The search is tailored for text messages containing distinct words. Searching is achieved through a search index in plain-text attached to each email. The index contains each of the unique words contained in a message, salt hashed. There will be 10-50 salts per email account used randomly on a per word basis. Larger amount of salts mean more safety and more expensive search. Incoming messages will also get appended with a search index using IMAP APPEND command. ..."*
https://ipfs.io/ipfs/QmVntBs8AxmeuLacGappM5LhB8ao9k2RPijvByESt4HmgC ---end quoted text---
this makes little sense. pgp is for encryption in transit, not at rest. you should decrypt and reencrypt your mail. and you can also index it easily when doing so. -- otr fp: https://www.ctrlc.hu/~stef/otr.txt
Dnia czwartek, 3 grudnia 2015 12:06:43 stef pisze:
this makes little sense. pgp is for encryption in transit, not at rest. you should decrypt and reencrypt your mail. and you can also index it easily when doing so.
It *kinda sorta* make sense if we're talking about an e-mail provider that wants the user to be able to search even when they're using their webmail and have no access to the private key. But on the other hand that in itself makes no sense to me. ;) -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
Quoting rysiek (2015-12-05 15:57:10)
Dnia czwartek, 3 grudnia 2015 12:06:43 stef pisze:
this makes little sense. pgp is for encryption in transit, not at rest. you should decrypt and reencrypt your mail. and you can also index it easily when doing so.
It *kinda sorta* make sense if we're talking about an e-mail provider that wants the user to be able to search even when they're using their webmail and have no access to the private key.
But on the other hand that in itself makes no sense to me. ;)
As long as you store emails in the server and you retrieve them on demand your provider will be able to guess the content of your encrypted emails. I'll explain it. Imagine that you have the index in perfectly secure way, or locally stored or an ideal nifty way in the provider where you can do queries and the provider can not guess the content of the queries. Let's first assume that you have your emails stored as they arrive, your encrypted email is stored encrypted and your decrypted email is stored decrypted. After each query you retrieve the resulted emails, so the server sees which decrypted emails are related to which encrypted ones and in the long term can infer the content of the encrypted ones as well. Let's imagine then that you store all the emails encrypted. Then your provider could send to you crafted emails with the kind of content she cares about to discover, so it can notice each time you retrieve one of this crafted emails and what other emails are related to that. You could minimize this attack by not only fetching the emails that you care about, but fetch way more. But at the end or you have your whole set of emails locally or the server will be able to infer data about the encrypted emails. -- Ruben Pollan | http://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: http://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.
participants (4)
-
Ruben Pollan -
rysiek -
Silicon Dragon -
stef