Home » Articles » The Darkmail Alliance
Click Here To Hide Tor

The Darkmail Alliance

After being forced to shut down his service in order to not hand over user data, Lavabit founder Ladar Levison teamed up with Mike Janke and Jon Callas, the CEO and CTO of Silent Circle. They also shut down their email service out of fear of being forced to hand over user data to authorities. They together have formed ‘The Darkmail Technical Alliance’ along with Phil Zimmerman, the man who brought PGP encryption to the masses.

The mission aim is to create a Darkmail Protocol. A new email protocol that’s end-to-end encrypted and all that an outside observer can see is the size of the email.

The Darkmail Whitepaper can be found here (WhitePaper) the project is known collectively as Dark Internet Mail Environment (DIME). The Source code for DIME-Integrated Lavabit: Lavabit SourceCode

The way DIME works is that it applies multiple layers of encryption to an e-mail to make sure each actor in each stage of the email’s journey to sender to receiver can only see the information about the email as they need to see.

Anyone monitoring the email would be able to see the size of the message but that’s about it
– Iain Thomson

When an author sends an email they can see where it’s bound, the email server can’t the email server only can only decrypt the part of the message that contains the recipients email server. The Recipient e-mail server knows the destination server and the recipient but doesn’t know the sender so each actor can see only one hop before it and after it.

This relies on a federated key management system to handle the encryption layers as every actor in the DIME chain has to have its own Key pairs (a set of public and private keys) to encrypt and decrypt the required email portions it needs. Ladar Levison sees this to work in a DNS-like system with each organization that uses DIME being the authoritative source of the encryption keys for its servers and email addresses. Though specifically Levison settled for DNSSEC as the preferred method for holding a domain’s email trust anchor. This though runs into the problem of poor adoption which means that a Certificate authority signed TLS certificate would be required to validate the keys.

There’s an optional mode available wherein email servers transparently do the client’s email encryption for them in what’s called “trustful mode” and can either be a bridge for users to use until they have a client program that fully supports DIME. This gives email-hosting companies the potential to deploy DIME for hosted accounts without having to have mail client issues.

Levison plans on releasing Lavabit’s source code under an open source license after incorporating in the dark mail protocol into the Lavabit source code.

Issue with Darkmail would be backwards compatibility since it’s a completely new email protocol it will be incompatible with current email system. This will have to be bridged by darkmail gateways. Some darkmail providers would offer an email gateway to facilitate for a darkmail email to be sent out into the normal e-mail system using SMTP etc.

Darkmail offers flexible user-security with a basic level of encryption and security built into the protocol. Administrators setting up DIME can specify additional ciphers and encryption methods to deploy in order to secure the email and the DIME protocol would wrap it all in the baseline encryption that’s known to be secure.

4 comments

  1. Why not just use Mixmaster:

    quicksilvermail.net/qslite/

    Been around a lot longer and you can use Tor as your “first hop”.

  2. Crazyness, this is awesome.

  3. it is still traceble via tcp/ip, it users DNS, hence let us stick with gnupg.

  4. Here and there we can hear about NSA and email spying, then we hear about companies that offer us private communication software. One of them is Silent Circle. So, I decided to check is it really private and who is behind this software. My conclusion is: They are not people whom you can trust. It is possible to make presumption that Ladar Levison from Lavabit email service is not a snitch because, at least publicly, he refused to give keys to FBI for email of Snowden. At other side he is strange person when he believes in America and he doesn’t want to move business to another country. Ladar Levison doesn’t understand how secret service is working, maybe he didn’t have so much experience with them. Their job is “befriend and betray“, so, Ladar makes new project together with the U.S. based company (Silent Circle) and military personal (Mike Janke and Vic Hyder)… it is hard to believe.
    Ladar remember me on Julian Assange who believed in Sweden, Switzerland, etc, until Snowden came with true information about Sweden/NSA and others.
    In any case, spies are like small criminals, cheaters (befriend and betray), but in the case of Silent Circle, their cheating brought them good profit: When Snowden published information about NSA, Silent Circle monthly revenue has increased more than 400% month-on-month since June 6, 2013. 40% of Silent Circle’s revenue is made by enterprise customers. Abolishing email service maybe was even planned, but they made good marketing and cheating when they said they abolished email for the same reason like Levison/Lavabit, it was clear cheating to get customers and nothing else. Who believes to spies? Ladar believes in America, Ladar believes in military spies, Snowden didn’t make anything clear to Ladar.
    So, first of all Silent Circle is the U.S. based company and beside it they have military personal inside of company.
    I would say, one time in military, forever loyal to military, crowd of military personnel are working for military intelligence and American military serves interest of American corporations.
    Mike Janke – CEO & Co-Founder. Former Navy SEAL sniper, best-selling author, Special Operations communications expert, and founder/past CEO of SOC, a global defense & logistics firm.
    Vic Hyder – Chief Operations Officer. Combat-decorated career Navy SEAL Commander and past founder/CEO of a maritime security firm. Recipient of the Silver Star with a master’s degree in strategic thinking and campaign planning, he has led and coordinated highly classified missions worldwide. This is public proof that he is a spy.
    Phil Zimmermann – President & Co-Founder. Philip R. “Phil” Zimmermann, Jr. (born February 12, 1954, right on the photo) is the creator of Pretty Good Privacy (PGP) in 1991, also known for his work in VoIP encryption protocols, notably ZRTP and Zfone. After a report from RSA Data Security, Inc., who were in a licensing dispute with regard to use of the RSA algorithm in PGP, the United States Customs Service started a criminal investigation of Zimmermann, for allegedly violating the Arms Export Control Act. The United States Government had long regarded cryptographic software as a munition, and thus subject to arms trafficking export controls. They misused it to hunt him and dropped this case without indictment in early 1996 (possibly he accepted to work for them, typical blackmail with making court process against target). Zimmermann founded PGP Inc. and sold it next years to Network Associates (NAI) where he worked for next 3 years. NAI was again sold in 2002 to PGP Corporation, until Symantec acquired PGP Corporation in 2010.
    I believe that they stopped to hunt him when he decided to collaborate and work for the gov but possibly made a deal with them to sell them his product so he makes some money and later he continued to work for them until they got idea to make Silent Circle in 2013. Microsoft, Symantec, and McAfee whitelist NSA, state-sponsored, malware.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *