Security Analysis
Technical explanation
Sensitive operations using your passphrase, private key, and the bodies of emails are performed by the Encryption Engine component. When you access your email, the Encryption Engine is activated on the web server. Your web browser communicates with the web server over an encrypted SSL connection and instructs the Encryption Engine to perform encryption, decryption, and signature functions using your private key and passphrase.
Details on what is protected
Type of Information | Level of Protection |
Source of random data when creating new PGP keys | Entropy collected on the server |
Passphrase encrypted in transmission from browser to web server | SSL |
Passphrase encrypted in storage on web server | SHA256 |
Passphrase decrypted on web server | The passphrase is used in decrypted form on the web server to decrypt the private key |
Private key encrypted in transmission between browser and web server | Private key not transmitted |
Private key encrypted in storage | PGP |
Private key decrypted on web server | Private key decrypted and used on server for decrypting and signing messages (for the duration of your session) |
The following examples apply to emails sent using public key encryption: | |
Message body encrypted during transmission from browser to web server | SSL |
Message body encrypted during transmission between web server and recipient email account | PGP (plus SSL if supported by recipient) |
Message body encrypted in storage on web server | PGP |
Message body known to web server | Yes, after the message emerges from SSL encryption, the body is temporarily exposed to the server before the PGP encryption takes effect |
Message headers encrypted during transmission from browser to web server | SSL |
Message headers encrypted during transmission between web server and recipient email account | SSL (if supported by recipient) |
Message headers in storage on web server | Not encrypted |
Vulnerabilities analysis for webmail
Attack | Level of Protection |
The following examples apply to emails sent using public key encryption: | |
Attacker is listening to your Internet connection | Protected |
Attacker gets access to email stored on the server | Protected |
Attacker gets access to the server's databases | Protected |
Attacker compromises webserver after you have accessed your email | Mostly protected (there is a chance some sensitive data could remain in memory) |
Attacker fully controls webserver while you are accessing your email | Not protected |
Attacker fully controls webserver while you are first signing up for Hushmail | Not protected |
Attacker has access to your computer after you have accessed your email | Mostly protected (there is a chance some sensitive data could remain in memory) |
Attacker has access to your computer before you access your email (and can install programs such as key loggers) | Not protected |
Vulnerabilities analysis for Hushmail for iPhone app
Attack | Level of Protection |
The following examples apply to emails sent using public key encryption: | |
Attacker is listening to your Internet connection | Protected |
Attacker gets access to email stored on the server | Protected |
Attacker gets access to the server's databases | Protected |
Attacker compromises server after you have accessed your email | Protected |
Attacker fully controls server while you are accessing your email | Protected |
Attacker fully controls server while you are first signing up for Hushmail | Not protected |
Attacker has access to your device after you have accessed your email and locked the application | Protected |
Attacker has total access to your iPhone before you access your email and your device is jailbroken | Not protected |
Access to web traffic by third parties
As a general rule we do not allow any third party access to the unencrypted content transmitted from users' web browsers to our servers.
For more information, please see: https://www.hushmail.com/privacy/