Send in your ideas. Deadline October 1, 2024
Vendor stores
Nix Flake
Theme fund: NGI0 PET
Start: 2019-04
End: 2019-04

A proof of concept of identity-based encryption

Make encryption simpler

The project aims to extend the existing attribute-based identity platform IRMA with easy-to-use encryption. The kind of encryption is called Identity-Based. Its main advantage is that key management is simple, so that encryption becomes easy to use, via a plugin to an email client (only Thunderbird in this proof of concept project). The plugin computes the public key of the recipient of a message, from some uniquely identifying attribute of the recipient (typically an email address, but phone number, or citizen registration number could work as well). The receiver of the message will have to prove, via IRMA, possession of the uniquely identifying attribute to some Trusted Third Party (TTP), which will then provide the corresponding private key. Within this project a working set-up will be built. Turning it into a widely usable product will require more work, in follow-up projects.

Why does this actually matter to end users?

Email was designed without privacy or security in mind, which is amazing for such a popular service. When you send an email, anyone that can gain access to your mail server or the mail server of the recipient can read your mail, from top to bottom. And copy it, for later usage. Or modify it. It is often compared to sending a post card, and of course in many cases there may be little harm in others reading what the weather is like in Athens. But what if you want to use email to send something confidential, something you do not want to share with others? Like a love letter, a political rant or an important contract? And what if you can't actually trust the mail man, for instance because the other party is using a free email service known to search through everything? Or what if you don' t like the fact that your writings are stored in a country you have never been, with different laws that may not be compatible with your thoughts about the world? Or what if you live in a country that has an unhealthy interest in bringing down certain political voices, or are part of a cultural minority that is at risk?

Computer specialists have been protecting their email with encryption for decades. This is the equivalent of putting your message very carefully in the blender, pressing the button before anyone else has read your mesage, shredding it up and sending a packet of shreds over to the other end. The amazing thing about cryptography is that you can magically (or rather mathematically) make it possible for your secret love - and not anyone else - to recreate the message from the shreds, and know it was you - and not anyone else - that sent it. For the rest of the world, the message would be meaningless garble pretty much forever.

However, the rather technical solution computer scientists came up with is far from easy for normal people to work with. In particular, both the person sending an email but also the recipient need to carefully prepare themselves upfront in order to even be able to securely exchange messages. As a sender you need to somehow obtain a digital "key" from the intended recipient. Without it, it is not possible to use classical email encryption. To make it even more cumbersome for all parties involved, the exchange cannot in most cases take place using email. Otherwise an peeping tom that would be able to intercept these emails, could easily figure everything out and still intercept messages or prior to that swap keys out - after all, someone having unapproved access to your email was the very problem statement we started with.

Certainly, this rather fundamentally unpractical requirement rules out many different use cases. People tend to send lots of email to people they have never had contact with before. So you cannot just turn on encrypted email and let the software handle the rest: a new key will need to be obtained for every new person you have contact with. This results in rather unpractical arrangements, which is the main reason there is still so little adoption of something as useful as encrypted email.

The Identity-Based Encryption project by professor Jacobs is going to explore an interesting alternative to this traditional way of doing things. Not because the current technology isn't secure, but because the user experience promises be so much better. Learning from recent advances in academic research, the project aims to resolve the need to manually retrieve keys across the internet for every contact - as a eager sender you can just generate that key yourself for every recipient. That means you can start sending encrypted email to anyone with a mail address straightaway, without all the impracticalities of the outback. All they need to do when your encrypted email arrives in their mailbox, is go and pick up the corresponding secret key somewhere. And this is a one time task for them, after someone has actually sent them an encrypted email which they will want to be able to read. This is perhaps the equivalent of showing your passport or driver license when you go to the post office to pick up a package. A working solution in this space would be a fundamental building block for the next generation internet. The proposed scheme requires less patience and far less technical skill from the users, and less margin for error. That would signficantly help democratising the encryption of email. We need to make safe email available to anyone, and the sooner we are able to do this the better.

Run by Privacy by Design

Logo NLnet: abstract logo of four people seen from above Logo NGI Zero: letterlogo shaped like a tag

This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.