i2p / i2p.i2p-bote

I2P-Bote is a serverless, encrypted e-mail application.
https://i2pbote.xyz

Synchronize sent messages across multiple devices (Trac #1443) #33

Open str4d opened 7 years ago

str4d commented 7 years ago

It would be nice if one could retrieve the sent messages from the DHT. That way the PC and Android client could sync their Sent folders.

This would require them to be encrypted with both the sender's and receiver's keys (as in PGP).

Migrated from https://trac.i2p2.de/ticket/1443

{
    "status": "assigned", 
    "changetime": "2016-12-22T11:13:10", 
    "description": "It would be nice if one could retrieve the sent messages from the DHT. That way the PC and Android client could sync their Sent folders.\n\nThis would require them to be encrypted with both the sender's and receiver's keys (as in PGP).\n", 
    "reporter": "dllud", 
    "cc": "", 
    "resolution": "", 
    "_ts": "1482405190699888", 
    "component": "apps/plugins", 
    "summary": "I2P-Bote: Synchronize sent messages across multiple devices", 
    "priority": "minor", 
    "keywords": "I2P-Bote usability", 
    "version": "0.9.17", 
    "parents": "", 
    "time": "2015-01-23T19:23:22", 
    "milestone": "undecided", 
    "owner": "str4d", 
    "type": "enhancement"
}
str4d commented 7 years ago

Trac update at 20150217T23:14:05: user commented:

This would double the load on the network. I'm against it. Syncing incoming messages might prove more interesting.

str4d commented 7 years ago

Trac update at 20150218T00:09:43: dllud commented:

Incoming messages are already synced. They are left on the DHT for 100 days. During that period you can download them from any device containing your keys.

Syncing sent messages would not double the load. The message you as sender store on the DHT, for later retrieval by the recipient, is exactly the same message you would need to download into your Sent folder on a different device. The only modification needed is encrypting messages with both sender's and receiver's keys as detailed above.

str4d commented 7 years ago

Trac update at 20150218T01:29:48: user commented:

Firstly, no, if you encrypt with your public key the receiver cannot decrypt it. You need to double the amount of data stored on DHT. Secondly, no, incoming mails are not synced. They are deleted from DHT once received.

str4d commented 7 years ago

Trac update at 20150218T17:04:12: user commented:

It would in theory be doable if the entire addressing scheme is changed. This would be a lot of work, and definitely way too much work if it were justified only by this ticket. It might however be justified for other reasons, then this issue could be revisited...

str4d commented 7 years ago

Trac update at 20150218T18:20:51:

Asymmetric keys are not commonly used to encrypt an entire message. They are used to encrypt just a header which contains a symmetric key for the body of the message. Apparently that's what HungryHobo did in Bote. According to the FAQ he used AES-256 in CBC mode for symmetric encryption. With this scheme it is possible to add more entries in the header with the body symmetric key encrypted under different public keys, thus you get a message with multiple recipients a la PGP.

On the other hand, I know nothing about the addressing scheme and there is no documentation about it. Through the web-interface it is possible to send a message to multiple recipients but I don't know how it is implemented (duplication?).

Nowhere is it said that messages are deleted upon the first retrieval. According to the FAQ they are deleted after 100 days. Also I tried it, and was able to receive the same message on my desktop and smartphone at different times.

http://i2pbote.i2p.us/faq.html
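
The header-plus-body scheme described in the comment above, as an added example that is not part of the original thread and not I2P-Bote code: the body is encrypted once under a fresh symmetric key, and that key is wrapped separately for the recipient and for the sender. It assumes Ruby's bundled OpenSSL binding, with RSA-OAEP and AES-256-GCM as stand-ins for Bote's own algorithms (the thread cites AES-256 in CBC mode); `Envelope`, `seal` and `open_envelope` are hypothetical names.

```ruby
require "openssl"

# Hypothetical envelope, not I2P-Bote's packet format: the body is encrypted
# once; the header carries the body key wrapped under each reader's public key.
Envelope = Struct.new(:wrapped_keys, :iv, :tag, :body)
OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Encrypt message once with a fresh AES-256 key, then wrap that key for every
# reader (the recipient, plus the sender so a second device can read Sent mail).
def seal(message, reader_public_keys)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  key = cipher.random_key
  iv = cipher.random_iv
  body = cipher.update(message) + cipher.final
  wrapped = reader_public_keys.map { |pub| pub.public_encrypt(key, OAEP) }
  Envelope.new(wrapped, iv, cipher.auth_tag, body)
end

# Try each header entry with our private key; returns nil if none is ours.
def open_envelope(env, private_key)
  env.wrapped_keys.each do |wrapped|
    begin
      key = private_key.private_decrypt(wrapped, OAEP)
    rescue OpenSSL::PKey::PKeyError
      next # this entry was wrapped for a different reader
    end
    next unless key.bytesize == 32
    decipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
    decipher.key = key
    decipher.iv = env.iv
    decipher.auth_tag = env.tag
    return decipher.update(env.body) + decipher.final
  end
  nil
end

# Constructed demo: Bob is the recipient, Alice the sender, Eve an outsider.
if __FILE__ == $PROGRAM_NAME
  alice, bob, eve = Array.new(3) { OpenSSL::PKey::RSA.new(2048) }
  env = seal("meet at noon", [bob.public_key, alice.public_key])
  puts open_envelope(env, bob), open_envelope(env, alice)
  puts open_envelope(env, eve).inspect
end
```

Adding the sender as a second reader grows only the header, by one wrapped key; the encrypted body is the same size and is stored once.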

str4d commented 7 years ago

Trac update at 20150218T18:34:18: user commented:

OK, if the actual mail is already encrypted symmetrically, then this could indeed be done. The question is then only, when to delete the message. I had some grace time in mind for the sync of incoming mails. This could then also be used for sync of sent mails.

The deletion message contains a time stamp and actual deletion is only performed after the grace period. Maybe 3 days?

str4d commented 7 years ago

Trac update at 20161127T02:48:00:

str4d commented 7 years ago

Trac update at 20161222T11:13:10: