Silent Circle, Lavabit to take back email privacy with Dark Mail Alliance

[Jos]

Silent Circle and Lavabit may have abruptly shut down in August amid growing pressure from the National Security Agency to hand over user information, but that doesn’t mean they’ve given up on secure email services. Rather, the two are teaming up under the newly formed Dark Mail Alliance to develop a unique end-to-end encrypted protocol and architecture, which will be released as open source for anyone to implement.

Announced yesterday at at the Inbox Love email conference in California, the new system will be based on the XMPP messaging protocol instead of the old and widely used SMTP, while adding an extra layer of protection by wrapping up all the SSL-encrypted data with Silent Circle's own SCIMP algorithm.

Encryption will apply to an email’s content, attachments and metadata such as the ‘to’ and ‘from’ fields as well as IP addresses and headers. The service will use ephemeral keys, meaning keys are created on-device so only the owner has access to them, and they are deleted after each exchange of messages.

As founding partners of The Dark Mail Alliance, both Silent Circle and Lavabit will work to bring other members into the alliance, assist them in implementing the new protocol and help proliferate what they call “the worlds first end-to-end encrypted 'Email 3.0' throughout the world's email providers.” The official launch is slated for the second quarter of 2014 and a Kickstarter campaign to raise funds will begin soon.

Dark Mail would be available free of cost as an add-on or an option to existing e-mail providers -- so Gmail could use it if Google chose to participate -- in a way that is transparent to end users. The goal is to have “100 Lavabit-like services” around the world and take back email privacy.

Image via ArsTechnica

Permalink to story.

https://www.techspot.com/news/54530-silent-circle-lavabit-to-take-back-email-privacy-with-dark-mail-alliance.html

 

[Khanonate]

What's going to stop the government from asking for the key to their SCIMP algorithm and using Quantum
computers to break the XMPP messaging protocol? And if you think there's no working quantum computers out there, you'll be in for a big surprised...if only I can have one so I can play BF4 while crunching the age of the universe and pi to the exabytes.

 

[wastedkill]

What's going to stop the government from asking for the key to their SCIMP algorithm and using Quantum
computers to break the XMPP messaging protocol? And if you think there's no working quantum computers out there, you'll be in for a big surprised...if only I can have one so I can play BF4 while crunching the age of the universe and pi to the exabytes.

Oh they exist just not worth the extra cost for yr 1980-2000 performance, Whats stopping them from handing over the key? probably a few things including one which is to say no to the government.

If I was the US government I would be peeing my pants right now I doubt they even care about this right now specially as they are basically on hot water as they are very close to being enemies with ooh I don't know 35 world leaders.

I dont see why companies feel pressured by the government specially when its a tech company they NEED the cash from them by taxes etc. if they moved then the US just lost a massive amount of valuable income, if they keep pushing companies WILL move and it will make other companies extremely angry.