Dark mail. It sounds like dark matter. And the analogy isn’t entirely unfounded. Like dark matter, dark mail exists, but its content is elusive.
What is dark mail? According to Dark Mail co-creator Ladar Levison, Dark Mail is as close to truly private email communication as you can get. With Dark Mail protocols, email is encrypted before it leaves your computer, and it isn’t decrypted until it arrives at the recipient’s computer.
Dark Mail is built around asymmetric cryptography. Two keys – a public and a private key – are generated. Anyone can send you a message encrypted with the public key. But only someone with the corresponding private key can unlock the message. Of course, the only person with access to the private key is you. Unlike currently available encryption software, Dark Mail hides the metadata as well as the content. It’s like mailing an envelope addressed only from one post office to another. You can’t tell who sent or who receives it.
This kind of encryption wasn’t always legal. Waaaay back In the 1990s, Phil Zimmermann, another founding member of the Dark Mail Alliance, faced a prison sentence for writing PGP (Pretty Good Privacy), a data encryption and decryption computer program. In 1991, any form of encryption that was strong enough to be considered unbreakable by the federal government was classified as a weapon, and thus subject to legal controls. The three-year battle over Zimmermann’s case lead to a repeal of those laws and greater cyber freedom.
Dark Mail may owe its genesis to the Mark Snowden case. Snowden was using an email encryption service known as Levabit, also created by Ladar Levison. NSA approached Levison, demanding that he hand over the encryption keys. Levison balked when federal investigators looking into Edward Snowden’s account wanted full access to everyone’s email on the site, not just Snowden’s. So rather than comply, Levison shut down Levabit and began working on Dark Mail. With Dark Mail, Levison noted, only the individual user holds the keys, so there’s nothing for him to turn over to the government.
Dark Mail will not completely circumvent sophisticated surveillance programs, but it will seriously complicate them. Monitoring encrypted Dark Mail would require Trojan spyware on a targeted individual’s computer. Levison believes that if every email provider in the world adopted Dark Mail for all their users, dragnet interception of email messages and email metadata would become virtually impossible.
Along with Zimmermann, Levison is working with Jon Callas and Mike Janke in the Dark Mail Technical Alliance. The group is planning to make the Dark Mail source code publicly available for scrutiny and analysis.
We suggest you encrypt your comments.