[HacktionLab] "secure email list services"

Martin charlychemnitz at yahoo.de
Fri May 4 14:44:06 UTC 2012 

Hi there,

On Friday 04 May 2012, Garcon du Monde wrote:
> On Fri, May 04, 2012 at 12:51:36PM +0200, Martin wrote:
> > In any case, if SELS is user friendly enough it would be the preferable
> > choice as it rules out one attack vector.
> 
> i haven't looked extensively at SELS but i would disagree fairly
> strongly with this statement for the following reasons:
> 
>  1) it does not appear to have been maintained for >= 3 years

Yep, that's an issue. That's why I brought it up partly: perhaps some of us 
could get interested (if it's any good) and take over maintaining.

>  2) if the server is not encrypting to recipients (i.e. individuals are
>     encrypting to all the other individuals) then it would rely on
>     people keeping their keyrings up to date as well as remembering to
>     include everyone who is on the list - and i can easily imagine
>     someone changing their key, or perhaps a new member being added (or
>     removed!) without everyone realising and remembering to
>     update. hence, it becomes very user UNfriendly.

SELS is designed to solve *exactly* the problem you are describing *without* 
introducing a (potential) security hole like schleuder2 does. It is built on a 
technique called "proxy re-encryption". This allows the following: Say Alice 
wants to encrypt to Bob and Charley. She would encrypt for a special re-
encryption key, say, Dave and send an e-mail to Dave. Dave then re-encrypts 
the message for Bob and Charley and forwards. So in this sense it is just like 
schleuder2. However, what sets it apart is that Dave can *re-encrypt* but not 
*decrypt*. So the server cannot see the plaintext but still is able able to 
take care of that public-key management nightmare you describe above.

cf. https://en.wikipedia.org/wiki/Proxy_re-encryption

> having used schleuder2 in a number of different situations, i think it
> is a good software that serves the purpose. i agree there are issues
> with trusting the server, but it's slightly different when you run the
> server ;-) but that is an issue that people have with almost all of the
> tools that we discuss (e.g. good ol' plain boring email, web hosting,
> etc)

Cheers,
Martin

More information about the HacktionLab mailing list