The exit last week of Lavabit and Silent Circle from the secure email realmÃ'Â has left some secret sharers looking for alternatives. Mega, the "privacy company" of online rogue Kim Dotcom, is one firm preparing to fill the void.
The service, founded by Dotcom after his previous online storage endeavor, Megaupload, was shutdown for fostering online piracy, is reported to be preparing some "hugely cutting edge stuff" in cryptography that it hopes to incorporate to secure email.
That won't be an easy task. Providing functionality that people expect and need, such as searching, fully on the client side could be a major challenge if the mail server can only see encrypted files, said Mega CEO Vikram Kumar.
Another challenge: "Dealing with other email providers which don't support Mega's encryption system," Kumar said in an email.
Key management can also be a snag for someone building a secure email service, said Agari's Vice President of Engineering, Ingrum Putz.
"It's a huge issue," Putz said in an interview. "You have to make sure users have the keys to encrypt messages to other people and decrypt your own messages."
Where the keys are stored can be an issue, too. Some systems -- like the now defunct Lavabit used by whistleblower Edward Snowden -- store keys on their servers and allow users to access them via password. The actual decryption took place on Lavabit's servers.
"The big concern is that if the government goes to a company like Lavabits and wants to look at the email on its servers, it can do so because all the information needed to decrypt that information is on its servers," said Matthew Green, a professor specializing in cryptography at Johns Hopkins University.
That host model of securing data requires trust from a user. "Since the host is doing the actual securing, customers have to trust the host to do it right, and do it consistently, and not to 'break their word' by turning over unencrypted data to third parties, like the NSA," said a source from Cryptocloud Secure Networking who wished to remain anonymous to "minimize extra-legal harassment."
[Also see: After 40 years, email security still elusive]
"Since trust is always imperfect, the idea is that host-based security is a Bad Idea," the source said by email.
Currently, Mega is designed to store only encrypted data. All data is encrypted at the user's computer. That way, Mega doesn't know what's in the files and can't find out what's in them because the encryption keys remain on the user's machine.
"I would assume that's how Mega wants to build its email system," Green said. "Getting that to work right is really hard. There's a lot of challenges there. A lot can go wrong."
For example, Mega uses Javascript to encrypt and decrypt data. That can be problematic with email. In 2007, for instance, Hushmail, which was supposed to be a secure email system, at the behest of law enforcement, used javascript to scrape their customers' password so plaintext versions of their email could scrutinized.
"That essentially turned an assumed endpoint-security service model into a host-based model, which was then exploited by law enforcement organizations to break the system," the source from Cryptocloud said.
"So everyone is very leery of served javascript because it can be intentionally poisoned, or even intercepted mid-stream via BEAST toolkits and whatnot," the source said.
Even if encryption problems are solved, there's always the problem of metadata, which can't be encrypted and can be very useful for any kind of snoop. It includes the subject of a message, who the email is addressed to, who sent it and when it was sent.
"That information is extremely valuable," Green noted. "When the NSA was collecting data from Verizon, all it wanted was metadata. It didn't care about the phone calls themselves."
Read more about data privacy in CSOonline's Data Privacy section.