Former Head of Lavabit Revives Dream of Secure Email
A year after being forced to shut his Lavabit service down, Ladar Levison details new plan to secure email communications for everyone.In August 2013, Ladar Levison, the owner of operator of encrypted email service Lavabit, decided to shut down his service after the U.S. government requested information from him that would put his clients at risk. A year later, Levison is now building out a new technology platform that aims to provide email security and privacy that won't be violated by anyone. Levison discussed his Lavabit experiences and his new plan for email in a standing-room-only session Aug. 8 at the Defcon security conference. Levison had originally intended to call the new secure email system Dark Mail, but instead, he is calling it DIME—the Dark Internet Mail Environment. The goal behind DIME is to achieve message confidentially, author validation and deployment flexibility. The DIME system is comprised of two protocols as a well as a management and configuration system. The Dark Mail protocol provides inter-domain message transfer and secure key lookups. There is also the Dark Mail access protocol, which handles persistent access to messages, synchronization of cache and key information. DIME will use a format he referred to as Signet, Levison said. "The Signet is a signing and encryption key along with a collection of attributes in the signature," he said.
There is also a Dark Mail message format, which breaks up the traditional MIME (or Multipurpose Internet Mail Extensions) message format into independent chunks that are encrypted with different cryptographic keys. Magma is the name of the server implementation of DIME, while Volcano is the client. Volcano will have a thick client implementation that is a fork of the open-source Mozilla Thunderbird email project.