Security Analysis

Hushmail posted this on August 23, 2010 15:28

Technical explanation

Sensitive operations that use your passphrase, private key, and the bodies of emails are performed by the Encryption Engine component. When you access your email, the Encryption Engine is activated on the web server. Your web browser communicates with the web server over an encrypted SSL connection, instructing the Encryption Engine to perform encryption, decryption, and signature functions using your private key and passphrase.

Details on What is Protected

| Type of Information | Level of Protection |
|---|---|
| Source of random data when creating new PGP keys | Entropy collected on the server |
| Passphrase encrypted in transmission from browser to web server | SSL |
| Passphrase encrypted in storage on web server | SHA256 |
| Passphrase decrypted on web server | The passphrase is used in decrypted form on the web server to decrypt the private key |
| Private key encrypted in transmission between browser and web server | Private key not transmitted |
| Private key encrypted in storage | PGP |
| Private key decrypted on web server | Private key decrypted and used on server for decrypting and signing messages (for the duration of your session) |

The following examples apply to emails sent using public key encryption:

| Type of Information | Level of Protection |
|---|---|
| Message body encrypted during transmission from browser to web server | SSL |
| Message body encrypted during transmission between web server and recipient email account | PGP (plus SSL if supported by recipient) |
| Message body encrypted in storage on web server | PGP |
| Message body known to web server | Yes, after the message emerges from SSL encryption, the body is temporarily exposed to the server before the PGP encryption takes effect |
| Message headers encrypted during transmission from browser to web server | SSL |
| Message headers encrypted during transmission between web server and recipient email account | SSL (if supported by recipient) |
| Message headers in storage on web server | Not encrypted |

Vulnerabilities Analysis

The following examples apply to emails sent using public key encryption:

| Attack | Level of Protection |
|---|---|
| Attacker is listening to your Internet connection | Protected |
| Attacker gets access to email stored on the server | Protected |
| Attacker gets access to the server's databases | Protected |
| Attacker compromises webserver after you have accessed your email | Mostly protected (there is a chance some sensitive data could remain in memory) |
| Attacker fully controls webserver while you are accessing your email | Not protected |
| Attacker has access to your computer after you have accessed your email | Protected |
| Attacker has access to your computer before you access your email (and can install programs such as key loggers) | Not protected |