[liberationtech] Security / reliability of cryptoheaven ?

Maxim Kammerer mk at dee.su
Tue Oct 2 20:41:03 PDT 2012


On Wed, Oct 3, 2012 at 3:52 AM, Brian Conley <brianc at smallworldnews.tv> wrote:
> I am immediately suspicious of any service advertising simple easy encrypted
> email

Why? The notion that easy encrypted email is hard is a myth, perhaps
resulting from people being trapped inside the concept of using PGP
and its non-scalable “web of trust”. Liberté Linux implements cables
communication [1], which provides just that — easy encrypted email.
The catch is that there is no interoperability with SMTP, and there
are no easy-to-remember usernames.

> but perhaps someone here can offer a coherent reply based on their
> privacy policy  or other info as to why this should not be trusted?

From going over the security summary [2], I don't see why
CryptoHeaven's servers can't trivially MITM retrieval of recipient's
public key:

“The public portion of the key is then sent to the server where it can
be picked up by others connecting to the system.”

From Security FAQ [3]:

“CryptoHeaven manages public keys automatically and securely. User
simply allows others to communicate with him through the use of
"Contacts" within the CryptoHeaven system. The system takes care of
the exchange of the public keys automatically.”

The underlying problem is that the username (apparently) does not
include a hash of the public key. It is possible that the user ID
mentioned in the “How can I verify that I am sending messages to whom I
think I am?” entry in the FAQ is such a hash, but it is not clear from
the brief description.

It is also not clear whether the server can decide to make a message
disappear — i.e., are there mandatory authenticated receipts?

And of course, due to the centralized nature of the system,
CryptoHeaven can perform traffic analysis, building social networks of
correspondents, etc.

I am also not sure why they mention “non-repudiation and anonymity” in
the FAQ. Non-repudiation is seen as problematic in encrypted
communications nowadays (together with lack of perfect forward
secrecy, which seems to be an attribute of the protocol as well), and
is differentiated from communication authenticity per se (e.g., see
OTR [4]). The claim of anonymity looks like an overstatement.

All of the above is written based on high-level descriptions on the
CryptoHeaven website — I didn't look at the code (which is available
[5]), so some points could be incorrect.

[1] http://dee.su/cables
[2] http://www.cryptoheaven.com/Security/security-encrypted-email.htm
[3] http://www.cryptoheaven.com/Security/SecurityFAQ.htm
[4] http://www.cypherpunks.ca/otr/
[5] http://www.cryptoheaven.com/Download/Files/CryptoHeaven-SourceCode.jar

-- 
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
--
Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
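To illustrate the point raised in the message above about usernames not committing to a public key, here is an added example (not from the post, and not CryptoHeaven's or cables' own code) showing how a key-bound identifier lets a client reject a key substituted by the directory server. The "public keys" are constructed 32-byte placeholders; the Directory class is a stand-in for any untrusted key server.

```python
import base64
import hashlib
import hmac

# Constructed sample values: two 32-byte stand-ins for canonical public-key
# encodings. Any fixed serialization of a real public key works the same way.
ALICE_PUBKEY = bytes.fromhex("11" * 32)   # the key Alice actually generated
ROGUE_PUBKEY = bytes.fromhex("22" * 32)   # a key a hostile server might serve instead

def key_bound_username(pubkey: bytes, digits: int = 32) -> str:
    """Derive a username that commits to the public key.

    The identifier is a truncated base32 SHA-256 digest of the key encoding,
    so whoever gives you the username has also given you what you need to
    reject any other key served under it (32 base32 chars = 160 bits).
    """
    digest = hashlib.sha256(pubkey).digest()
    return base64.b32encode(digest).decode("ascii").lower().rstrip("=")[:digits]

def verify_retrieved_key(username: str, pubkey: bytes) -> bool:
    """Check that a key fetched from an untrusted directory matches the
    username it was requested for. Constant-time compare, as for any fingerprint."""
    expected = key_bound_username(pubkey, len(username))
    return hmac.compare_digest(expected.encode("ascii"), username.encode("ascii"))

class Directory:
    """Constructed stand-in for a server that stores and serves public keys."""
    def __init__(self):
        self._keys = {}
    def publish(self, username: str, pubkey: bytes) -> None:
        self._keys[username] = pubkey
    def lookup(self, username: str) -> bytes:
        return self._keys[username]

def demo() -> tuple:
    """Return (result against honest server, result against substituting server)."""
    alice = key_bound_username(ALICE_PUBKEY)
    honest = Directory()
    honest.publish(alice, ALICE_PUBKEY)
    hostile = Directory()
    hostile.publish(alice, ROGUE_PUBKEY)   # server swaps in its own key
    return (verify_retrieved_key(alice, honest.lookup(alice)),
            verify_retrieved_key(alice, hostile.lookup(alice)))

if __name__ == "__main__":
    print(demo())  # (True, False)
```

A username that is only a free-form string, as the post suspects CryptoHeaven's are, gives the client nothing to run this check against, which is why the server is then in a position to MITM key retrieval.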

----- End forwarded message -----
-- 
Eugen* Leitl <leitl> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
