Closed Bug 17623 Opened 25 years ago Closed 22 years ago

Symmetric key email encryption

Categories

(MailNews Core :: Security, enhancement, P3)

Product:
MailNews Core
Component:
Security
Type:
enhancement

Tracking

(Not tracked)

Status:
VERIFIED WONTFIX

People

(Reporter: ron.ralston, Assigned: KaiE)

Details

(Keywords: helpwanted) 

The current email encryption mechanism and the proposed 5.0 mechanism are too
complex for most people to use.  Using public key encryption, digital
signatures, and whatnot is gross overkill for the security concerns of most of
us.  This high level security requires too much up-front preparation and
coordination between the mail sender, recipient, and even third parties.  I
don't need unbreakable encryption, I just need something that makes it difficult
for a casual sneak to read my email.

I propose that selecting the security option in a composition window (or in
email preferences) present "normal security" and "high security" options.  The
high security option is the current and proposed security.  The normal security
option is something very simple to use: prompt for a key (maybe 5 to 16 or so
characters) and then use that key to cipher/scramble/encrypt the message and
attachments.

The outgoing message would be tagged (maybe also in the "subject" line) to
indicate that it's in code.  Upon receipt of such a message, the email package
in the browser might detect the tag and prompt the reader to enter the key.
When the correct key is entered, the body of the message is presented in
readable form.  It should remain stored in encrypted form.  Selecting the "save
to disk" option after clicking on an attachment should have the added option of
being saved encrypted or decrypted.

If my friend replies to this message, it should default to being encrypted (no
action need be taken to encrypt) using the same key.

Security should be simple to use.  I want to be able to call my friend on the
phone and tell him that the key is his oldest childs first name (or something
equally memorble).  I don't want to have to go through the key holder and
digital signature hassle -- and neither do most people who send email.

Fancy encryption is not the issue here, most users don't intend to keep the FBI
or NSA from reading their mail.  They want to keep some snoop who has access to
their server or their PC from reading their mail.
Status: NEW → ASSIGNED
Target Milestone: M18
Assignee: jefft → nobody
Status: ASSIGNED → NEW
Summary: simpler email encryption → [HELP WANTED] Simpler email encryption
Whiteboard: [HELP WANTED]
Add to [help wanted] list
Keywords: helpwanted
Summary: [HELP WANTED] Simpler email encryption → Simpler email encryption
Whiteboard: [HELP WANTED]
Target Milestone: M18
Bulk moving all MailNews Security bugs to new Security: General component.  The 
previous Security component for MailNews will be deleted.
Component: Security → Security: General
Summary: Simpler email encryption → Symmetric key email encryption
Ron: are you aware how easy to break such encryption scheme is?

The moment it is widely used, you'll get dedicated Mozilla mail descramblers
that would break 8 characters key in a matter of hours on old (Cel 300 MHz)
equipment.

I think that such feature would give a false sense of security and would do more
harm that good.
However, I agree that such feature would be useful, If users chose adequate
length passwords (the passwords should be hashed before being used as a
symmetric key by PSM).

BTW, maybe it's safe to mark this bug as a dupe of bug 35308?
I vote for a wontfix resolution.
Assignee: nobody → kaie
QA Contact: lchiang → junruh
Wontfix.
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → WONTFIX
Verified.
Status: RESOLVED → VERIFIED
Depends on: 9942
No longer depends on: 9942
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.