[cryptography] The next gen P2P secure email solution

Randolph rdohm321@gmail.com
Tue Apr 22 10:56:30 PDT 2014


>
> This thread pertains specifically to the use of P2P/DHT models
> to replace traditional email as we know it today.


*Anonymous Email based on virtual institutions*

What about this model? In a network you send your public email encryption
key to a "virtual institution".
The institution is defined by a name (e.g. AES string) and postal address
(e.g. hash key). Having this information added to your node, all your email
to you or from you will be stored in the virtual email provider
institution. This detaches your node's IP and encryption key from the
institution. That means, care-of (c/o) institutions will be able to house
3rd-party e-mail without needing to distribute their own public keys.

To create a post office for your friends, two methods exist:

1) Define a common neighbor (e.g. Alice and Bob connect to a common
webserver as node, and all three have email encryption keys shared), then
the webserver stores the emails, even if Alice or Bob are offline.

2) Or/additionally: Create a virtual institution and add the email key of
a friend to your node. In case your friend adds the magnet link (which
contains name and address of the virtual institution, aka AES key and Hash
key) for the institution as well to his node, the institution will save all
emails for him (as well from senders, which are not registered at the
virtual institution).

A Magnet Link allows sharing the virtual institution easily. The magnet
URI would look like:
*magnet:?in=Gmail&ct=aes256&pa=dotcom&ht=sha512&xt=urn:institution*

With this method an email provider can be built without data retention and
with the advantage of detached email encryption keys from node's IP
addresses. Next to TCP, you can use as well UDP and SCTP as protocol.

Virtual Institutions (VI) have been - due to the homepage - introduced by
the lib-version 0.9.04 of http://goldbug.sf.net email and chat application.

If we understand this right, now everyone can create an email provider
without data retention just as a service for friends. In case in a network
of connected nodes everyone uses "gmail" as VI-name and "dotcom" as
VI-address, everyone will host everyone for email, while all remains
encrypted... could be a nice net or p2p model in testing.
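
A strict parser for the magnet URI quoted above, as an added example that is not part of the original post or of GoldBug's code. The reading of the parameters (in = institution name, ct = cipher label, pa = postal address, ht = hash label) is inferred from the post, and requiring each exactly once is an assumption of this example.

```python
from urllib.parse import parse_qs

# Parameter names and the xt value are taken from the URI quoted in the post.
# Treating all five as mandatory, and treating only the cipher/hash labels
# shown there as recognised, are assumptions of this example.
REQUIRED = ("in", "ct", "pa", "ht", "xt")
EXPECTED_XT = "urn:institution"
RECOGNISED = {"ct": {"aes256"}, "ht": {"sha512"}}

# The example URI from the post.
SAMPLE = "magnet:?in=Gmail&ct=aes256&pa=dotcom&ht=sha512&xt=urn:institution"


class MagnetError(ValueError):
    """Raised when a URI cannot be accepted as an institution magnet."""


def parse_institution_magnet(uri):
    """Return (fields, warnings); raise MagnetError on anything ambiguous."""
    prefix = "magnet:?"
    if not uri.startswith(prefix):
        raise MagnetError("not a magnet URI")
    try:
        raw = parse_qs(uri[len(prefix):], keep_blank_values=True,
                       strict_parsing=True)
    except ValueError as exc:
        raise MagnetError(f"malformed query string: {exc}") from exc

    fields = {}
    for key in REQUIRED:
        values = raw.get(key, [])
        # A repeated parameter could make two nodes read different
        # institutions out of the same link, so reject it outright.
        if len(values) != 1 or not values[0]:
            raise MagnetError(f"parameter {key!r} must appear once, non-empty")
        fields[key] = values[0]
    if fields["xt"] != EXPECTED_XT:
        raise MagnetError(f"unexpected xt value {fields['xt']!r}")

    warnings = [f"unrecognised {key} value {fields[key]!r}"
                for key, known in RECOGNISED.items()
                if fields[key].lower() not in known]
    warnings += [f"ignored unknown parameter {key!r}"
                 for key in sorted(set(raw) - set(REQUIRED))]
    return fields, warnings


if __name__ == "__main__":
    print(parse_institution_magnet(SAMPLE))
```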