Encrypted Email and Online File Storage - Cryptoheaven 33
Adam: Kurzawa writes: "CryptoHeaven is a new online service offering secure services: secure free mail, secure file sharing, distribution and storage secure instant messaging, secure discussion lists, automatic key and contact management, no third party key holder, all services integrated into one user interface, accessible anywhere, anytime CryptoHeaven uses the AES symmetric cipher Rijndael with 256 bit symmetric key, public-key cryptography with 2048-4096 bit asymmetric keys (user selectable) and SHA-256 message digest function. Free and premium accounts are available. Source code is available for download free of charge."
Hmm, but who would use it? (Score:3, Insightful)
It has all of the facilities to do "access from anywhere" computing, except to do that, you have to store your private key on the server (or at least be able to get access to it from anywhere).
If the private key is on the server, then the system is potentially compromisable, and it would appear to lose the it's main selling point.
OK, fine, then don't store your private key on the server. But that means that you are restricted as to where you view the data from, or you must have some means of transporting the private key. But if you are going to restrict yourself to this, then why not just store the secure data on this secure machine? So that appears to be another class of people eliminated...
OK, so then, who is left. I can see how people would like to use this as an anomyous service, but to do that, you have to leave the private keys on the server, otherwise they can pin the account to you. But, this seems inherently dangerous, since one can sniff the password from the server, decrypt your private key, and use/abus your account.
So again I ask, what are the target demographics here? As far as I can tell it is not the security conscious, and it is not the truly paranoid. So who?
Re:Hmm, but who would use it? (Score:1)
I dont think so. The key is created on the client side using Java crypto. Uploading the private key to the server is optional. The only thing you need to access the service thereafter is the jarfiles which make the UI, and a JDK 1.3 RT. You can carry your key around with you on a self-destructable (10 seconds, Jim...) floppy, if you're really concerned about access from anywhere.
Re:Hmm, but who would use it? (Score:2, Insightful)
at least at first glance, it looks good - actual encryption model is very pgplike, with public keys protecting session keys protecting messages via symmetric encryption; however, even Hushmail has realised that OpenPGP compatability is the way to go, and has set up a site [hushtools.com] to allow PGP users to import their DH public keys to Hushmail (for use by hushmail users) and export their hushmail keys for upload to keyservers.
With the inclusion of file storage into the pot, it looks like an attempt to take the Hushmail business model and run with it - but unless they move towards OpenPGP compatiability, they will almost certainly lose the interoperability war, and with it a lot of potential users.
Re:Hmm, but who would use it? (Score:1)
Then, when you wish to log in, the encrypted private key is downloaded into the client and decrypted with the passphrase. Thus the folks that run the server never see the private key.
I'm not sure if that's the way Cryptohaven works, but many other services use this model.
Re:Hmm, but who would use it? (Score:1)
Re:Hmm, but who would use it? (Score:2)
Wait, this can't be.. (Score:1)
Third Party Key Holder (Score:2, Informative)
Actually, according to the web page, they do offer to act as the third party keyholder:
"The private portion of the key is encrypted with user's pass-code and stored on the local computer or sent to the server at user's choice."
If the private key is not sent to the server, then what is the benefit over any other service that allows remote email & storage (assuming others actually send emcrypted email and the user stores encrypted files)?
Now, because their service agreement requires users not to store any illegal material, users cannot really store anything that is dangerous to governments. I don't know the details of Canadian law enough, but I would suspect that the RCMP (or other appropriate agency) would be able to collect
the secret key and therefore decrypted data if they really wanted. Can someone tell me otherwise?
Canadian Crypto service (Score:3, Informative)
Perhaps this is worth further investigation...
The user interface is written in Java, and requires a 1.3 or higher runtime installed. The Windows installer has an optional 1.3 runtime included. By virtue of the Java client-side implementation, your private key is never sent, or seen by the server unless you choose to upload it in encrypted form. If you do decide to upload your private key, thereafter you rely only on SSL, presumably, to protect the password for your encrypted private key stored remotely.
It's been awhile since I looked at Java's crypto. The 1.2 stuff was pretty lame, especially the keystore. But this implementation does at least seem to use RSA keys for Java, which means that the container may be better too.
I dunno if I'd ever advise anyone to allow their keys to be stored on the server, no matter how many reassurances they get. However, for someone who simply wishes to share private mail with someone else, it might be nice.
Things that remain unclear to me are:
1. Can encrypted mail be sent to someone who does not have an account, using a ordinary PGP public key, for example?
2. What protocol does the service use? Is it standard SMTP? (possibly with verification)
3. Where does the encryption/signing of the delivered email actually occur? Presumably always on the client. 4. The Service Agreement [cryptoheaven.com] seems pretty, uh, tight. If you displease them in any way, all your rights, including access to your existing mail, is cutoff.
Anyone actually using this service?
Re:Canadian Crypto service (Score:2)
not entirely a bad thing - the security of the PGP secret keyring does not require secrecy of the file - if you really want it, I will mail you a copy - but *does* require that the key be encrypted and that a good, unguessable passphrase be used.
Re:Canadian Crypto service (Score:3, Informative)
Canada, Japan, South Africa and the United States, who took part in the drafting, also signed the treaty today.
So, this means they (or at least their goverment) promises to help do key escrow etc. So the government will ask the key from cryptoheaven if they have it. There is no point in giving them they key at all. They cannot secure it. In fact, they should refuse all keys for this very reason.
Re:Canadian Crypto service (Score:1)
I shoulda used grep(1). Funny thing is, there was a thread in the discussion about the treaty, which give me the impression that Canada wasn't going along with it (the treaty). Something about pirating DirectTV signal, if I remember. Anyways, a good point was also made that, as long as the private key is encrypted, it's maybe ok to upload. But then you gotta trust SSL and the server-side actions. Better to keep your keys in your pocket, imho.
Re:Canadian Crypto service (Score:1)
Perhaps the encrypted key is given to the client again for each session? Does enc/dec only occur on the client? This was one of my questions. Perhaps you can grok that from the source?
Re:Canadian Crypto service (Score:1)
Neal Stephenson day? (Score:1)
Encrypted email? Use PGP. (Score:1)
Register your address on a keyserver, get a good email client, and off you go!
Re:Encrypted email? Use PGP. (Score:2)
Re:Encrypted email? Use PGP. (Score:1)
how would they know what I'm using the service 4? (Score:1)
"You hereby agree to not use the Service to:
1. transmit or store any Content that is unlawful, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically or otherwise objectionable
2. defame, abuse, harass, stalk, threaten or otherwise violate the legal rights of others;
3. harm minors in any way;
4. impersonate any person or entity, or falsely state or otherwise misrepresent your affiliation with a person or entity;
5. email or otherwise transmit any Content that you do not have a right to transmit under any applicable law or under contractual or fiduciary relationships (such as inside information, proprietary and confidential information learned or disclosed as part of employment relationships or under nondisclosure agreements);
6. post, email or otherwise transmit any Content that infringes any patent, trademark, trade secret, copyright or other proprietary rights of any party;
7. upload, post, email or otherwise transmit any unsolicited or unauthorized advertising, promotional materials, "junk mail," "spam," "chain letters," "pyramid schemes," or any other form of solicitation;
8. upload, post, email or otherwise transmit any material that contains software viruses, trojan horses, worms, time bombs, or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment;
9. interfere with or disrupt the Service or servers or networks connected to the Service, or disobey any requirements, procedures, policies or regulations of networks connected to the Service;
10. intentionally or unintentionally violate any applicable local, state, national or international law;
11. harvest or otherwise collect information about others, including email addresses, without their consent"
...how would they know what I'm sending, if it's encrypted? Or was that just for law purposes?
not my cup of tea (Score:1)
ZipLip [ziplip.com] meets my needs quite well for now.