Published on May 2nd, 2016 📆 | 1951 Views ⚑0
DIME — Dark Internet Mail Environment
Internet electronic mail (email) was designed in the early days of the Internet, and so lacks any mechanism to protect the privacy of the sender and addressee. Several techniques have been used in an attempt to increase the privacy of email. These techniques have provided either modest increases in privacy, or have proven to be very difficult to use for most people.
In addition to protection of content, truly private email must limit information disclosed to handling agents, only exposing information necessary for delivery (the metadata), and provide robust identity guarantees which prevent the impersonation of senders. The Dark Internet Mail Environment (DIME) achieves this level of privacy with core protocols using multiple layers of key management and multiple layers of message encryption. TheDIME Protocol Specifications contain the full technical details of the DIME. The libdime project holds the DIME libraries and related command line utilities.
The goal of DIME is to provide a messaging system capable of protecting user privacy. This definition is ambiguous. For clarity, privacy is more precisely defined as the ability to control access to confidential information. In the context of email, confidential information is synonymous with information about a message, in addition to the actual message.
The term security is frequently has also been frequently abused. In our context security is used to discuss the mechanisms a user has to ensure the privacy of a message, and limit the potential for leakage. More security is equivalent with less information exposure, and a greater degree, or increased level of effort, required to breach the protections guarding confidential information. Encryption is the primary mechanism used to secure information, and ensure the privacy of confidential information.
These definitions led to specific deficiencies within the current email infrastructure, and its ability to ensure the security of confidential information. End-to-end encryption appears to ensure the protection of user privacy, but to ensure its ubiquitous use, the following technical goals were identified:
- Automate key management, including the: creation, rotation, discovery and validation of keys.
- Transparently encrypt and sign email messages to ensure confidentiality and author non-repudiation.
- Resist manipulation by Advanced Persistent Threats (APTs).
- Link security to the complexity of a user’s password, and the strength of an endpoint’s defenses.
- Minimize the exposure of metadata to handling agents and service providers.
- Give control back to the user.
The core operational directives for DIME were developed to simplify the adoption of an email system protected by endto-end encryption, minimize the information exposed to the minimum required for the system to function, and generally provide a protocol framework which is capable of protecting user privacy. At a high level, these core operational directives are achieved through the following elements:
- A handling agent only sees information about its immediate neighbors – the agent from which the message came and the agent to which it goes next. This specifically means that while the a message transits the open Internet, it travels inside a TLS tunnel, and the only information visible to (origin, MTA/MSA) host and target (destination, MTA/MDA) host.
- Author and recipient mailbox addresses are encrypted and then embedded within the message object. The origin host only sees the author mailbox address and the destination host only sees the recipient mailbox address.
- The origin host does not see the recipient mailbox address and the destination host does not see the author mailbox address unless the author and recipient are controlled by the same organization.
- Only the author and recipient can decrypt an entire message. The origin host and destination host only have access to their portion of the encrypted envelope and to the overall message structure.
- Messages are tree structured and content encryption is per leaf with independent keys for each leaf, permitting access to individual parts of the message without having to process other parts. This is especially helpful for clients with limited resources and/or bandwidth when accessing messages in a remote message store. It also permits other handling actions, such as the validation of message signatures, without needing to download the entire message through the use of tree signatures.
- Validation of signet (keys) is accomplished without the use of a formal CA construct, and no single source of information is automatically trusted. The basic validation model is to obtain a signet from a credible primary source and then confirm it with another pre-authenticated source. The two pre-authenticated sources currently available are a management record signed using DNSSEC or a TLS certificate signed by a recognized Certificate Authority (CA). Both can be cryptographically traced by a signet resolver back to a trusted key that is shipped with the resolver.
- To the extent possible, layers of encryption have been used to mitigate the potential harm a nefarious actor can accomplish with the breach of a single piece of the DIME architecture.
- Public conveyance can be over a variety of transport services. This greatly lowers the barriers to DIME adoption.
- zlib zlib site
- CentOS 6 x86_64
- CentOS 7 x86_64
|libs/||The DIME libraries|
|libs/core/||Various string and other data manipulation functions taken from the magma core component.|
|libs/common/||Error handling, network and cryptographic functionality common to the remaining DIME libraries.|
|libs/signet/||Signet data format handler, including creation, signing, parsing and validating.|
|libs/signet-resolver/||Logic to retrieve management records then the signets for users or organizations, including the relevant validation logic.|
|tools/||The command line utilities.|
|tools/dime/||Generate a DIME message and send it.|
|tools/signet/||Generate, sign, view and verify a signet.|
|res/||Resource files used by the different components and utilities.|
|checks/||Unit tests (eventually).|
|include/||The header files provided by the library components.|
Compiling Dark Internet Mail Environment
First, produce the build files from the autotools files:
The specific make targets:
make signet make dime
Source && Download