[cryptography] The next gen P2P secure email solution

Cathal Garvey cathalgarvey at cathalgarvey.me
Thu May 15 08:39:51 PDT 2014 

>>>>> Little proprietary walled gardens are absolutely not the answer
>>>>> for this problem.

>>> How could we make a secure solution that plays nicely with the
>>> current tools without disturbing too much what is already
>>> established?

>> By writing a gateway (i.e. between RetroShare and e-mail)?

> The gateway idea is interesting, but it has to be efficient enough
> and low cost enough for people to switch over. Something like
> bitmessage is not.

I actually think, having used it for some time and liking it on the
whole, that Retroshare isn't suited to this.

The primary reason is RS only receives mail if the sender and recipient
are online at the same time. There's no store-and-forward, even though
all messages are PGP encrypted to recipients.

RS also has a lot of feature-bloat; it's better thought of as P2P
Facebook than a simple communication system.

Finally, RS is engineered to a simple and admirable purpose which makes
it unsuited to email replacement; it's Friend to Friend. That's great in
its use-case, but I think email should be:

1) Rapid and censorship-resilient routing
2) Single canonical addresses for each participant, which are
human-readable.
3) Churn-tolerant
4) Expensive to send, to deter spam otherwise facilitated by to (1)
5) Practical for payloads between 10M and 20M, no greater.

I do *not* think the core of a replacement email should guarantee
anonymity, but the protocol should make allowances for that if possible.

I think the above could be satisfied using a pseudo-blockchain for
name->key mappings, and a key-routed DHT for creating routes for mail
delivery. Credit is earned by routing other people's mail in
store-and-forward fashion, like email. Credit can be spent to
register new mail address:key mappings and to pay for routing of larger
messages, or to prolong retention of messages before they bounce (if
your intended recipient does not run a high-uptime mailserver and may
need a day or two to log in).

That resembles Twister, the coupling of DHT:Blockchain, but may be
better suited to the model than twister is (because twister hit problems
with scaling DHT use to many followers, I think), because email is
slower and stabler than microstatus systems; more amenable to
P2P-isation, whereas rapid updates coupled with mass-queries to other
feeds is a setup better suited to a client:server interaction. The
blockchain would need tweaking, because Twister is using scrypt, which
is now apparently ASIC-able, e.g. useless. I think a password encrypting
function whose parameters are set dynamically by the value of the prior
block might help fix matters; the goal is for the ideal "ASIC" for the
function to be a consumer CPU, not a GPU or dedicated ASIC.

Anyway, sorry for the wall of text. Killing/replacing email is often on
my mind.

On 15/05/14 13:36, tpb-crypto at laposte.net wrote:
>> Message du 13/05/14 05:55 De : "grarpamp" A : 
>> cypherpunks at cpunks.org Copie à : p2p-hackers at lists.zooko.com, 
>> cryptography at randombit.net Objet : Re: [cryptography] The next gen 
>> P2P secure email solution
>> 
> 
>> On Fri, May 9, 2014 at 11:49 AM, rysiek  wrote:
>>> Dnia wtorek, 22 kwietnia 2014 20:58:50 tpb-crypto at laposte.net 
>>> pisze:
>>>> Although technical solutions are feasible
>> 
>> Then do it and see what happens.
>> 
>>>> we ought to consider some things: - Email is older than the
>>>> web itself;
>> 
>> So is TCP/IP and the transistor. Irrelevant.
>> 
> 
> You clearly did not get the point, but let's move along your 
> argument.
> 
>>>> - Email has three times as many users as all social networks 
>>>> combined;
>> 
>> And how did those nets get any users when 'email' was supposedly 
>> working just fine?
>> 
> 
> E-mail not allowing one to make his ego appreciated and envied in a 
> structured nicely formatted page maybe?
> 
>>>> - Email is entrenched in the offices, many a business is 
>>>> powered by it;
>> 
>> They are powered by authorized access to and useful end use of 
>> message content, not by email. That's not going anywhere, only the 
>> intermediate transport is being redesigned.
>> 
> 
> Can you recode outlook, eudora and other closed source stuff people 
> use(d) for e-mail handling for business? No? Well, that answers why 
> it is hard to remove.
> 
>>>> Given the enormous energy necessary to remove such an
>>>> appliance and replace
>> 
>> Removal is different from introducing competitive alternatives.
>> 
> 
> Little proprietary walled gardens are absolutely not the answer for 
> this problem.
> 
>>>> it with something better. How could we make a secure solution 
>>>> that plays nicely with the current tools without disturbing
>>>> too much what is already established?
>>> 
>>> By writing a gateway (i.e. between RetroShare and e-mail)?
>> 
> 
> The gateway idea is interesting, but it has to be efficient enough 
> and low cost enough for people to switch over. Something like 
> bitmessage is not.
> 
>> MUA's become file readers and composers. They hand off to a 
>> localhost daemon that recognizes different address formats of the 
>> network[s] and does the right thing. Perhaps they compile against 
>> additional necessary network/crypto libs. Whatever it is, those
>> are not a big change. Ditching centralized SMTP transport in the
>> clear is... and for the better.
>> 
> 
> http://arstechnica.com/security/2014/05/good-news-for-privacy-fewer-servers-sending-e-mail-naked-facebook-finds/
>
>
> 
> I think that answers your concern about SMTP transport in the clear,
> in less than one year the darkest bar in that chart will be close to 
> 100%. If 80% of hosts demand strict encrypted transport, it will 
> force the other 20% to change. Considering the snowden revelations 
> and the fact that one year ago we barely used encrypted transport, 
> having 1/4 already and accelerating is a good prospect.
> 
>> Reread the threads, forget about that old SMTP box, think new.
> 
> Fixing the problem is better than overhauling all offices in the 
> world, you clearly haven't been in may offices in your life.
> 
>> _______________________________________________ cryptography 
>> mailing list cryptography at randombit.net 
>> http://lists.randombit.net/mailman/listinfo/cryptography
>> 
> 

-- 
T: @onetruecathal, @IndieBBDNA
P: +353876363185
W: http://indiebiotech.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x988B9099.asc
Type: application/pgp-keys
Size: 6176 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20140515/cec0f960/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20140515/cec0f960/attachment-0001.sig>

More information about the cypherpunks mailing list