Encrypted Email and Online File Storage - Cryptoheaven

← Back to Stories (view on slashdot.org)

Encrypted Email and Online File Storage - Cryptoheaven

Posted by michael on Tuesday November 27, 2001 @12:47AM from the /var/crypt/spool/mail dept.

Adam: Kurzawa writes: "CryptoHeaven is a new online service offering secure services: secure free mail, secure file sharing, distribution and storage secure instant messaging, secure discussion lists, automatic key and contact management, no third party key holder, all services integrated into one user interface, accessible anywhere, anytime CryptoHeaven uses the AES symmetric cipher Rijndael with 256 bit symmetric key, public-key cryptography with 2048-4096 bit asymmetric keys (user selectable) and SHA-256 message digest function. Free and premium accounts are available. Source code is available for download free of charge."

33 comments

Min score:

Reason:

Sort:

Hmm, but who would use it? by pwagland · 2001-11-27 01:05 · Score: 3, Insightful

I am not sure at what market this is aimed.
It has all of the facilities to do "access from anywhere" computing, except to do that, you have to store your private key on the server (or at least be able to get access to it from anywhere).
If the private key is on the server, then the system is potentially compromisable, and it would appear to lose the it's main selling point.
OK, fine, then don't store your private key on the server. But that means that you are restricted as to where you view the data from, or you must have some means of transporting the private key. But if you are going to restrict yourself to this, then why not just store the secure data on this secure machine? So that appears to be another class of people eliminated...
OK, so then, who is left. I can see how people would like to use this as an anomyous service, but to do that, you have to leave the private keys on the server, otherwise they can pin the account to you. But, this seems inherently dangerous, since one can sniff the password from the server, decrypt your private key, and use/abus your account.
So again I ask, what are the target demographics here? As far as I can tell it is not the security conscious, and it is not the truly paranoid. So who?
1. Re:Hmm, but who would use it? by imrdkl · 2001-11-27 02:40 · Score: 1
  
  It has all of the facilities to do "access from anywhere" computing, except to do that, you have to store your private key on the server (or at least be able to get access to it from anywhere).
  I dont think so. The key is created on the client side using Java crypto. Uploading the private key to the server is optional. The only thing you need to access the service thereafter is the jarfiles which make the UI, and a JDK 1.3 RT. You can carry your key around with you on a self-destructable (10 seconds, Jim...) floppy, if you're really concerned about access from anywhere.
2. Re: Hmm, but who would use it? by Anonymous Coward · 2001-11-27 04:48 · Score: 0
  
  If you want to use CryptoHeaven as a mobile user with a laptop, you do not need to store the encrypted private key on the server. This option is necessary for people that will be accessing their accounts from some one elses computer where the private key is not available.
  Even when the key resides on the server, it is well encrypted using Rijndael(256) with a hash of your passphrase. When the strength of your passphrase is high, the risk is low.
  You could take your key file (encrypted) with you on a floppy, and access your account from another location. The key file is small, but the account may hold many megabytes of data in it.
  Server does not store your passphrase, or its hash, your passphrase is not stored or sent anywhere. It is only used to encrypt/decrypt your private key on your local computer. If you forget your passphrase, CryptoHeaven cannot recover your data.
3. Re:Hmm, but who would use it? by DaveHowe · 2001-11-27 04:53 · Score: 2, Insightful
  
  The base model seems to be the same as Hushmails (with the one exception of an option to store the key locally; hushmail doesn't have that)
  at least at first glance, it looks good - actual encryption model is very pgplike, with public keys protecting session keys protecting messages via symmetric encryption; however, even Hushmail has realised that OpenPGP compatability is the way to go, and has set up a site to allow PGP users to import their DH public keys to Hushmail (for use by hushmail users) and export their hushmail keys for upload to keyservers.
  With the inclusion of file storage into the pot, it looks like an attempt to take the Hushmail business model and run with it - but unless they move towards OpenPGP compatiability, they will almost certainly lose the interoperability war, and with it a lot of potential users.
  
  --
  -=DaveHowe=-
4. Re:Hmm, but who would use it? by BitterOak · 2001-11-27 07:27 · Score: 1
  
  Can't the private key be encrypted with a passphrase before storing it on the server?
  Then, when you wish to log in, the encrypted private key is downloaded into the client and decrypted with the passphrase. Thus the folks that run the server never see the private key.
  I'm not sure if that's the way Cryptohaven works, but many other services use this model.
  
  --
  If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
5. Re:Hmm, but who would use it? by Anonymous Coward · 2001-11-27 08:05 · Score: 0
  
  I had a brief look at the code, and indeed that's how it works. The private key is encrypted locally and then send to the server.
  
  This is a secure way of doing things, you just have to make sure your password is long and impossible to guess.
6. Re:Hmm, but who would use it? by Kris_J · 2001-11-27 11:12 · Score: 2
  
  or you must have some means of transporting the private key.
  I keep a copy of my PGP key rings on the MMC card that I use in my portable MP3 player. Alternatively I could store it on my Palm/TRGpro. For a while the Swatch Access watches with their RF contactless smartcard technology looked promising, but I don't think the reader/writer mousepad was ever released. There are many ways to transport tiny amounts of digital data.
7. Re:Hmm, but who would use it? by MrFredBloggs · 2001-11-27 23:29 · Score: 1
  
  Cracking a passphrase is trivial.
Wait, this can't be.. by redhotchil · 2001-11-27 01:14 · Score: 1

A subscription service, so, you mean, an opensource company... making money? Blasphemy!
Third Party Key Holder by ehikory · 2001-11-27 01:55 · Score: 2, Informative

"...no third party key holder..."

Actually, according to the web page, they do offer to act as the third party keyholder:

"The private portion of the key is encrypted with user's pass-code and stored on the local computer or sent to the server at user's choice."

If the private key is not sent to the server, then what is the benefit over any other service that allows remote email & storage (assuming others actually send emcrypted email and the user stores encrypted files)?

Now, because their service agreement requires users not to store any illegal material, users cannot really store anything that is dangerous to governments. I don't know the details of Canadian law enough, but I would suspect that the RCMP (or other appropriate agency) would be able to collect
the secret key and therefore decrypted data if they really wanted. Can someone tell me otherwise?
1. Re:Third Party Key Holder by Anonymous Coward · 2001-11-27 04:57 · Score: 0
  
  Since the private key is not stored anywhere in its plain form, and neither is the passphrase, there is no way to recover the access codes to someones account except to ask the account owner or record his key strokes in some way. The passphrase never leaves your computer. CryptoHeaven does not act as a key holder in the sense that your key is not legible because it is encrypted with a hash of your passphrase.
  If you are concerned about the strength of your passphrase, store your key locally.
Canadian Crypto service by imrdkl · 2001-11-27 02:08 · Score: 3, Informative

The service and the product seem to be located and developed in Canada. I note that Canada is not a party to the CyberCrime Treaty which was discussed earlier.
Perhaps this is worth further investigation...
The user interface is written in Java, and requires a 1.3 or higher runtime installed. The Windows installer has an optional 1.3 runtime included. By virtue of the Java client-side implementation, your private key is never sent, or seen by the server unless you choose to upload it in encrypted form. If you do decide to upload your private key, thereafter you rely only on SSL, presumably, to protect the password for your encrypted private key stored remotely.
It's been awhile since I looked at Java's crypto. The 1.2 stuff was pretty lame, especially the keystore. But this implementation does at least seem to use RSA keys for Java, which means that the container may be better too.
I dunno if I'd ever advise anyone to allow their keys to be stored on the server, no matter how many reassurances they get. However, for someone who simply wishes to share private mail with someone else, it might be nice.
Things that remain unclear to me are:
1. Can encrypted mail be sent to someone who does not have an account, using a ordinary PGP public key, for example?
2. What protocol does the service use? Is it standard SMTP? (possibly with verification)
3. Where does the encryption/signing of the delivered email actually occur? Presumably always on the client. 4. The Service Agreement seems pretty, uh, tight. If you displease them in any way, all your rights, including access to your existing mail, is cutoff.
Anyone actually using this service?
1. Re:Canadian Crypto service by DaveHowe · 2001-11-27 04:56 · Score: 2
  
  I dunno if I'd ever advise anyone to allow their keys to be stored on the server, no matter how many reassurances they get. However, for someone who simply wishes to share private mail with someone else, it might be nice.
  not entirely a bad thing - the security of the PGP secret keyring does not require secrecy of the file - if you really want it, I will mail you a copy - but *does* require that the key be encrypted and that a good, unguessable passphrase be used.
  
  --
  -=DaveHowe=-
2. Re:Canadian Crypto service by leto · 2001-11-27 04:59 · Score: 3, Informative
  
  Wrong: reread the cybercrime URL you posted:
  
  Canada, Japan, South Africa and the United States, who took part in the drafting, also signed the treaty today.
  
  So, this means they (or at least their goverment) promises to help do key escrow etc. So the government will ask the key from cryptoheaven if they have it. There is no point in giving them they key at all. They cannot secure it. In fact, they should refuse all keys for this very reason.
3. Re:Canadian Crypto service by imrdkl · 2001-11-27 05:18 · Score: 1
  
  Thanks for pointing that out.
  I shoulda used grep(1). Funny thing is, there was a thread in the discussion about the treaty, which give me the impression that Canada wasn't going along with it (the treaty). Something about pirating DirectTV signal, if I remember. Anyways, a good point was also made that, as long as the private key is encrypted, it's maybe ok to upload. But then you gotta trust SSL and the server-side actions. Better to keep your keys in your pocket, imho.
4. Re:Canadian Crypto service by Anonymous Coward · 2001-11-27 05:42 · Score: 0
  
  From the review of the source code, it appears that the key is first encrypted using your passpharase, and then sent to the server (if you choose to do so). So, even if the goverment somehow got a hold of the key, they would still have to crack the encryption protecting it.
  
  So, just like any passwords, you better make sure you choose an unguessabe passphrase. Cryptoheaven enforces the use of strong - at least 12 characters long passwords with some numbers and punctuation marks. To me, this is pretty secure. But hey, if you are really concerned, don't store your keys on the server, just carry it with you on a floppy, or any one of the new (very cool) USB flash storage devices. Either way, the key is still encrypted and you need your passphrase.
5. Re:Canadian Crypto service by Anonymous Coward · 2001-11-27 05:48 · Score: 0
  
  The system does not allow sending encrypted mail to anyone outside the CryptoHeaven network. All users participating must have CryptoHeaven accounts, maybe this will change in the future, we'll see.
  
  The client software performs all the encryption and decryption. Server acts as a place holder and remote storage for encrypted data. As long as you trust your own platform and you have a strong enough passphrase you need not worry about anyone decrypting your communications.
  
  The private key (if optionally stored on the server) is also encrypted (Rijndael-256) with an SHA256 hash of your passphrase (plus salt) so it should be illegible to anyone should someone manage to steel it.
  
  The Service Agreement is their legal disclaimer. One cannot operate a crypto remote storage service without one.
6. Re:Canadian Crypto service by imrdkl · 2001-11-27 05:54 · Score: 1
  
  But, if the key is saved on the server, doesn't this imply that the server also offers the encryption and decryption functionality? If so, then the password has to be sent to the server to decrypt the key.
  Perhaps the encrypted key is given to the client again for each session? Does enc/dec only occur on the client? This was one of my questions. Perhaps you can grok that from the source?
7. Re:Canadian Crypto service by imrdkl · 2001-11-27 05:57 · Score: 1
  
  ah. ok. Forget my previous question then. thanks, mr. C!
8. Re:Canadian Crypto service by Anonymous Coward · 2001-11-27 06:45 · Score: 0
  
  Your personal passphrase never leaves your computer, it is not stored or sent anywhere.
  
  When the client connects to the server, server sends the encrypted private key to the client (or not if it is stored locally) and the decryption of the key takes place on the client. It is decrypted using the hash of the password which no one else knows but you.
  
  On top of this, the entire session between the client and server is additionally encrypted with short term session keys.
Neal Stephenson day? by spood · 2001-11-27 06:32 · Score: 1

What's going on? Did the ./ editors just pick up a copy of Cryptonomicon today? First a story on Van Eck Phreaking, now the Crypt?

--
---- Just another spud server.
CryptoHeaven looks solid by Anonymous Coward · 2001-11-27 07:13 · Score: 0

This is a client-server application with the server running at the Secure Data Center. A direct connection to the Internet is required.

From what i gather, the product targets individuals in need of security and privacy working together in small groups. Software includes features like instant messaging, chat, and file sharing. Unique feature is an ability to securely share data folders between groups of people combined with remote storage.

The source code is freely downloadable for anyone that cares to verify the claims. Asymmetric crypto is based on RSA and for a symmetric cipher, it uses Rijndael. Freely available source is very reassuring, it looks like it was released in hope that it would be put to the test by the cryptographic community. The crypto looks very strong and has multiple levels of encryption and hierarchies. I suppose when enough people review it, the software should gain broader popularity.

It does have some features over and above a person-to-person pgp email (or hushmail, or ziplip). It is meant to be a much more user friendly environment for data exchange within trusted groups, without sacrificing security.
Encrypted email? Use PGP. by sketerpot · 2001-11-27 07:47 · Score: 1

Why are these people offering encrypted email? You can easily do it yourself with PGP. Just get PGP For windows or unix here or look for the C-KT build for windows only (but with a nice GUI).
Register your address on a keyserver, get a good email client, and off you go!
1. Re:Encrypted email? Use PGP. by Kris_J · 2001-11-27 11:15 · Score: 2
  
  You're right -- the problem with encrypted email isn't about a lack of services, it's the fact that it's hard to convince anyone else to use it.
2. Re:Encrypted email? Use PGP. by Jennny · 2001-11-27 16:11 · Score: 1
  
  Well, I think the main functionality of this is not only encrypted email but ability to share folders with files with your contacts.
how would they know what I'm using the service 4? by kipple · 2001-11-27 22:29 · Score: 1

from the License Agreement:

"You hereby agree to not use the Service to:

1. transmit or store any Content that is unlawful, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically or otherwise objectionable
2. defame, abuse, harass, stalk, threaten or otherwise violate the legal rights of others;
3. harm minors in any way;
4. impersonate any person or entity, or falsely state or otherwise misrepresent your affiliation with a person or entity;
5. email or otherwise transmit any Content that you do not have a right to transmit under any applicable law or under contractual or fiduciary relationships (such as inside information, proprietary and confidential information learned or disclosed as part of employment relationships or under nondisclosure agreements);
6. post, email or otherwise transmit any Content that infringes any patent, trademark, trade secret, copyright or other proprietary rights of any party;
7. upload, post, email or otherwise transmit any unsolicited or unauthorized advertising, promotional materials, "junk mail," "spam," "chain letters," "pyramid schemes," or any other form of solicitation;
8. upload, post, email or otherwise transmit any material that contains software viruses, trojan horses, worms, time bombs, or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment;
9. interfere with or disrupt the Service or servers or networks connected to the Service, or disobey any requirements, procedures, policies or regulations of networks connected to the Service;
10. intentionally or unintentionally violate any applicable local, state, national or international law;
11. harvest or otherwise collect information about others, including email addresses, without their consent"

...how would they know what I'm sending, if it's encrypted? Or was that just for law purposes?

--
-- There are two kind of sysadmins: Paranoids and Losers. (adapted from D. Bach)
Re:Maybe it's like Hushmail by Anonymous Coward · 2001-11-28 01:06 · Score: 0

Hushmail stores the private key on the server, but always encrypted with the passphrase, so your security is as strong as the passphrase. When the private key is needed, it is sent encrypted (and over secure channel) to the Java client, which decrypts it with the passphrase and uses it to decrypt email. Neither the passphrase, nor the plaintext private key, ever travel over the network. (They have a neat trick to prevent attackers from getting your encrypted private key for the purpose of a dictionary attack on the passphrase: The server stores a hash of your passphrase, and will only send the key to the client if the client sends the correct hash. As far as preventing the server operator from running a dictionary attack on your passphrase, you'll either have to trust them, or pick a really good one.)

If I recall, Hushmail has patent pending for the system described above (portable client that computes all encryptions/decryptions, private key and email/etc. stored on server).
Re:how would they know what I'm using the service by Anonymous Coward · 2001-11-28 12:31 · Score: 0

They don't know and do not have any way of knowing what you are sending. This is just to cover their asses for the purpose of complying the the applicable laws.

If you read the service agreement you have with your ISP, I am sure you'll see it says something along the same lines.
Re:Maybe it's like Hushmail by Anonymous Coward · 2001-11-28 15:45 · Score: 0

The CryptoHeaven is unique in the sense that it does not send the encrypted private key with the hash of the passphrase during the account creating. It does so after the account is created and secure connection already established, but only at the users choice. The encrypted private key does not have to be stored on the server at all, it can be stored in a file on your local computer -- in that sense, CryptoHeaven offers much higher security.

There is a challenge where the user must send the partial hash for authentication, which also originates from the passphrase but is computed independently from the hash (and other sources) which is used to encrypt the private key, in order to retrieve his encrypted private key. This way the encrypted private key is not send to anyone who does not pass this challenge. That only applies if the private key resides on the server.

Ather distinctions to the Hushmail is the generation of the hash where the user name and additional salt plays a role. Certain data and user input are combined together and used to generate a pass-code which is more involved in the process of creating accounts and establishing secure connections later on than passphrase is. For more details regarding the process I would refer to the source code.
not my cup of tea by 8onal · 2001-11-29 00:53 · Score: 1

It would have been wise to mention "Windows only" in the piece.

ZipLip meets my needs quite well for now.
1. Re:not my cup of tea by Anonymous Coward · 2001-11-29 01:26 · Score: 0
  
  Actually, CryptoHeaven runs pretty much on any OS there is.
AES approved by Anonymous Coward · 2001-12-05 04:30 · Score: 0

These guy's main cipher was approved today as the next government standard. Inspires some confidence.