webmin / usermin

Usermin source code
http://www.usermin.com/
Other
126 stars 47 forks source link

Feature Request: Enable end to end email encryption using OpenPGP. #82

Open chris001 opened 2 years ago

chris001 commented 2 years ago

Secure private email, using the same free open source encryption package as web mail service Protonmail. OpenPGP encrypts the body of the email, making it unreadable by "men in the middle" (mail server admins, ISPs, three letter agencies), the only readable content in transit would be the email Subject line. Sender and receiver can only read or send encrypted emails inside their OpenPGP enabled mail apps. Usermin should be one such mail app. Would be very nice to have this option to increase value of email and reduce or remove necessity of using third party encrypted messaging apps.

jcameron commented 2 years ago

Is this an improvement over using TLS email transport though?

swelljoe commented 2 years ago

TLS only protects against intermediaries, it doesn't prevent the server owner from snooping (or anyone who exploits the server).

But, implementation of client-side encryption in the browser was very challenging last time I looked at the problem. The then current implementation of GPG in JavaScript was considered unsafe for reasons I could not possibly remember/understand/explain. But, I'm sure browsers provide primitives to JavaScript now that would make it more feasible for someone who understands how to safely implement encryption. I just don't think we have anyone on the team that knows enough to do it safely; I wouldn't want to give the illusion of that kind of end-to-end security if we can't really deliver it.

If you were to dig up one or more well-vetted and well-maintained implementations of client-side JavaScript GPG in the browser with examples of use, maybe we can put something on the todo list for mail client improvements.

chris001 commented 2 years ago

https://github.com/ProtonMail/openpgpjs

chris001 commented 2 years ago

https://www.openpgp.org/software/

All email applications on this page support the OpenPGP standard either directly or with additional software. (The authors of this webpage are not actively participating in the development of each of these third-party apps. No security audits have been done by us and, thus, we cannot provide any security guarantees.)

On This Page

Windows
Mac OS
Android
iOS
Linux
Browser Plugins
Webmail Provider with Browser Plugins
Webmail Provider with In-Browser Cryptography
chris001 commented 2 years ago

About

OpenPGP is a non-proprietary format for authenticating or encrypting data, using public key cryptography.

It is based on the original PGP (Pretty Good Privacy) software.

Beginning in 1997, the OpenPGP Working Group was formed in the Internet Engineering Task Force (IETF) to define this standard that had formerly been a proprietary product since 1991.

Over the past decade, PGP, and later OpenPGP, has become the standard for nearly all of the world’s signed or encrypted email.

OpenPGP also defines a standard format for certificates which, unlike most other certificate formats, enables webs of trust.

OpenPGP formats and uses are specified in many IETF RFCs and drafts1, so these standards can be implemented by any company without paying any licensing fees to anyone.

RFC 3156 MIME Security with OpenPGP, RFC 4880 OpenPGP Message Format (the main one), RFC 5581 The Camellia Cipher in OpenPGP, RFC 6091 Using OpenPGP Keys for Transport Layer Security (TLS) Authentication, RFC 6637 Elliptic Curve Cryptography (ECC) in OpenPGP, and more. RFCs

iliajie commented 2 years ago

Did I miss something? We already have GPG encryption for emails?

image image image

RAW:

Return-Path: <debian11-pro@debian11-pro.local>
X-Original-To: debian11-pro@debian11-pro.local
Delivered-To: debian11-pro@debian11-pro.local
Received: from debian11-pro.local (localhost [127.0.0.1])
    by debian11-pro.local (Postfix) with SMTP id A121344C3E
    for <debian11-pro@debian11-pro.local>; Thu, 14 Jul 2022 12:23:29 -0400 (EDT)
From: "Host default domain" <debian11-pro@debian11-pro.local>
Subject: debian11-pro@debian11-pro.local
To: debian11-pro@debian11-pro.local
Message-Id: <1657815809.108572@debian11-pro.local>
X-Mailer: Usermin 1.840
Date: Thu, 14 Jul 2022 12:23:29 -0400 (EDT)
MIME-Version: 1.0
Content-Type: multipart/encrypted; boundary="bound1657815809"

This is a multi-part message in MIME format.

--bound1657815809
Content-Transfer-Encoding: 7bit
Content-Type: application/pgp-encrypted

Version: 1

--bound1657815809
Content-Transfer-Encoding: 7bit
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----

hQIMAz1YWgN9LRxKARAApUZKSWmsk9Py5qb3F4x4cxbkWbZaz8PZ5PKKhmkQZ6hi
gbCkkUQJ3Ya+j2rWeHRjR0Wycqm5SKNuaxdDHtQjL2nzDusLtqArZbRvB9X3RRZ/
J2roK/cC/mv93iPjoV3Zns2ZjQ5213H/Ed5N/Yqqm1YIzyRjOKcPV4BvZ2YZqZPH
q4eoDKYuADBoPTSrDfdd72bBFwdxqvVVrYqLAsnIMqFDDBocHKna57zupgdeb3jC
grnZ23P3yqNS0km4aEq1bwoHvb8p1dhcv7T7j8IoYxmrBVl1IyZcm8qj6j9+L+eN
LU5s7FbktWyLvc/oG357a3+PxFMMAUSY5P68E0tEHlOYjRMcRQyU+Ijii18kYAEC
3UNYH3Cwq9bKzQDrifZntJFfpdQZ43y8IKO99epjErrFWo6c52z0tY665AQ8QtNr
JcPFaYGFd1I7DUUmGVDbqsW6CfiBClLZFEy1SVGm+vKKs7sSzY8R8Ls57nZTceR+
swECr9OZXjUAIAE0jK5cQZ+WYPMcop/iXOwWskmx+v5smjJntP11PnyzmP5wosEX
WJPoZR7Q6MTp/EkpPJpeF3A2c7G1rnhkQwlbToCCmRBP+g5W2ryQyBFR2FSvzI44
bfsaeCPiTm06FNDnGfSTmft8vw7q+LjNzZTfZ9hfK51lrQa9TsMcC+wglopXvYvS
6gH7Li0fvrNHcAOaInMqj+L3ikEZ0sd5U7N3K2P364Zo40HkdBjKfAXAUISOUPK6
T8i0u8LTBP9B1fPi3lvYaYqpziCrmgn7iGNQzsTZp3Sc284DvKqwttaWwmNMXx7b
L6mr6JHEUBOgVQZ7Lqcg1+awpfdK8zZuF70hRanvfx+bG5iTGFBlB+1H9oYDOYiw
qVexJkVNIsmSO+dt2aH9HzC1ZQc4hrKXVYdwfXFzGb9Wr9KGgYFyhYialFU4maUR
dvDRpK3AwSSXoOJOJpdKJ4AeBQtWe0/73mXuoIDupNn2KCDtQnfg1KJhW4jd2Q2h
icCq6WJPMPUCHJsYgn3FDr7d23weByR0Jm4MOkX1QVNniQjsjB8QZPi3yYvHM9aX
qFSiPl8F5D0Hd/NJ86mykMjPqGCbffjm+Os47DOCqbmsxbd3aXstGaPC6YJmJk9p
HgKVtOwcl9O6lmhRg2TfbukhGeR/r74ZwTVxEJFRP+WsoMDqFLiRgRG8y74Njx1j
Z+HfiLMNR1UTDIkvsL/sSiV/7LPqGaIDL9zEpGcXCNaIZ+hh04+5q/Dvo7gqlg1w
eVL3d8gkGCUgenSbLuPz8vvVDW8rEH1AOdWe2b2TIVBu2I9abDV0I2PCugOYVHNz
rfVRaKjf54Vd9KAWPsfG5YMGzskkm6lUg3DnNEmDsI4fnvKMF35bZ7qXH1Ph3BB9
ghQn9qfE4WUv9H+VnLCc1NdBbKuRBDwwgZ8qZXQudUekm6P2w4FuSzE8JVNi4iOs
L7UNFMpNM9OAmEhj4+WtpItAPbRj1r2cQbWSMEauk2Um8MgF9Fq+FbIeofh7ZF0o
J0Tr4DqEqh/amfzGvuuJNCNQ6rNW4VNlTg+npuwvSbWTxfT9B3v1W2rq6igLbLbY
hXoi8xP9TuqWx13qu9vY4ITLtWwg6PAaBGGn1YH0/X6HuIQ22VXRACbcvZxUtgj4
O7IAtsKf05PpLX35fYcIfO7e/px0/vdzNhrtuUhKew7F5AUlAKB+PS86xfi+x8dg
rUmeJUkZNx6gY11HTbKAWD3vqPoB3g6OuroijGd4Ato8nWqe7oAfBeJn7Fb1U67g
tVqdgiuKTA2B13ZW2I6zrC+dmbFrUffDE+WmiQEuBZFdy1JpDZC92KU3HxIvWkF9
sTus4UH7sltwPRjmwbxdK5eVqNGzfVV/N2blNmzqxaQ0eqMa610zkovSzLQP7m1X
UuV74ly7lR6zk/THKWgW93uFdLEpjVLR7Oy/hXUZp130QBNr31LwZLZfWVHuvvO0
MVhNBLDLWLtmWr+D/oBI8EE82IH9JgMkBfClGIDhfeSHEPk7QL25vc9nBZqOA24q
bWBNf+spvE7NNQrvLV8V9ixB9GqV/ECb5zcxKRkz188sRENpnDZPrOeanog+fwj1
EpVknIuAK4ZjsZYzrI5htSKW+J2ZW6NyErGBQHbi3hfc5ns=
=Ti8d
-----END PGP MESSAGE-----

--bound1657815809--
chris001 commented 2 years ago

OK looks nice! Is it decrypting/encrypting transparently in Usermin Mail in the browser endpoint to endpoint?

iliajie commented 2 years ago

Chris, why are you talking about decrypting/encrypting in the browser? This is what is done and must be done on the server side (I assume, and if I implemented it at the first place, I would have done it that way, and only that way - no browser should be involved, right?).

Please check how encryption/decryption is implemented in File Manager already, for emails it must be no different.

I have added gnupg to be enabled for a regular user upon Virtualmin installation (config). Joe, are you okay with that?

swelljoe commented 2 years ago

That is server-side. I assumed the initial ticket was about client-side, since Usermin has had encryption on the server forever.

But, that means anyone with server access can read all email. At this point there probably is no technical reason it cannot be done in the browser (again, encryption primitives are available to JavaScript now where they were not in the past). But, I don't know that we are the people to implement it (that Ilia can't imagine it could be done at all should be evidence of that!). Again, I wouldn't want to make mistakes that would lead to a false sense of security...if we can't do it right, doing it at all would be a disservice to users, in this case more than just about any other.

iliajie commented 2 years ago

That is server-side. I assumed the initial ticket was about client-side, since Usermin has had encryption on the server forever.

👌🏻

don't know that we are the people to implement it (that Ilia can't imagine it could be done at all should be evidence of that!).

Actually, I can imagine how it could be do for better security (probably) using the browser. For starters, thinking off hand, as we have a SPA UI, we can load mail page once, and then we can ask a user that has GPG for mail enabled, to provide either a decryption key or a passphrase for existing private key. This decryption key or a passphrase would be stored in a browser memory and used to decrypt mail and would be lost upon page reload. As well, technically it could be stored on a browser's side too (probably not safe). We would have to make sure that we send it to the server securely and ran decryption also securely.

Also, doing it in the browser itself -- hm .. never thought of it but I don't see why not. But again, where do you store your private key for decryption? The safest way that seems to me at the moment (without investigating on the subject) is to store it in browser's memory and have it flushed when page is reloaded or browser's page is closed.

But again .. who the heck is going to use all of this? Folks from Langley? Meeting secretly in the park, sharing private keys and then also somehow sharing a passphrase to unlock the key .. umm .. what? All of this seems like a great waste of time.

But, that means anyone with server access can read all email.

Yes, the best improvement that I wouldn't mind implementing is sending a passphrase to unlock existing private key to decrypt emails.

chris001 commented 2 years ago

Yes, the reason they do the openpgp encryption/decryption in the browser endpoint, is so that server admins cannot snoop the email contents, and cannot reply to a legal request to share clear unencrypted emails with three letter agencies, and the server cannot "leak" clear contents to nation state adversaries (e.g. US TikTok claims they maintain user privacy however have admitted in recorded meetings they "leak" all US user data to ByteDance china and its resident in house system admins employed by the chinese communist party for upload to storage in their mainland database profiling all users for future use in conflict, commercial espionage, locating wanted people thru your social web of contacts and tracking down and kidnapping political dissidents anywhere on earth, etc).

chris001 commented 2 years ago

If you look at protonmail, this openpgp encryption is fully transparent and effortless for the user, you never even realize it's encrypted email, all you enter is your email address and password like a normal webmail service, and the browser can do all the work, generate keys, remember it, or the app can remember it. I believe it's "asymmetric encryption" for making it easier on the users.

swelljoe commented 2 years ago

So, this is my concern. Nobody here knows how it has to be done, for it to be safe. It cannot have mistakes, and it can't be a "I think this is how it could be done, let's try it" kind of implementation. Something is much worse than nothing when it comes to leading users to believing they are secure when in fact there are holes in that security.

It can be done, but again, I don't think we are the people to do it. At least not without a lot of reading and research; like months of it.

iliajie commented 2 years ago

Even though it can be done right - what is the percentage of users will actually use it?

chris001 commented 2 years ago

It's become very mainstream, all major browsers support it, you have these well supported javascript libraries that do the work, protonmail is a massive success, and it would become a selling point for virtualmin. Agreed, it would have to be done right, however, the libraries already exist, so the research and development is already done, it's basically a job of connecting it into the Usermin UI so the experience would be effortless for the user, same as it's effortless on protonmail. People want privacy thru end to end encryption, so they can speak freely and not lose their conversation to their adversaries, if they can get it effortlessly, and they should be able to get it effortlessly because these libraries are battle tested and standardized. For a sense of the demand, look at standalone apps such as signal, telegram, iMessage, all end to end encrypted, none of the middle servers can see your clear message. When you have openpgp end to end in Usermin, it's already in browsers and email apps, and can communicate with other openpgp users such as protonmail users, and other services, it's definitely going to draw attention from all over the internet, and add users to Virtualmin/Usermin. People want this because they're so highly aware of the huge negative consequences of communicating thru clear text email and they hate to have their conversations collected and archived forever and built up a profile on them and used against them or against anyone they communicate with, at any time by anyone, especially by adversaries known or unknown, now or in the future.

iliajie commented 2 years ago

All these are great points but Usermin is not commercial product. Although, I don't mind looking into adding it when the times comes to continue to work on mail.

I have checked on how Protonmail is doing it. It's nice! They say:

Your Proton Mail private key is generated in your browser. Before sending the private key to the server for storage, we encrypt it with your password (or mailbox password if you use two-password mode). This ensures that you and only you can use your private key.

The point is not to trust the server and trust the browser when generating a private key, then encrypt it with user password and store it on remove server? What is the goal for storing it on remove server anyway then if everything can and should be done in the browser? Does Proton stores it on their servers for recovery (multi sessions) purposes, perhaps but runs all decryption in the browser? Or decryption happens on their servers?

swelljoe commented 2 years ago

Or decryption happens on their servers?

Obviously not. If it did, it would completely remove any reason to do encryption in the browser.

The key is stored on their servers for convenience. You can open your account from any browser, and it downloads the key when you login...but the key can only be used to encrypt/decrypt if you know the password, so the server does not have any visibility into mail.

At least, that's the theory. There is some risk in this kind of implementation, but I'll give them the benefit of the doubt and assume that since they've been doing this for years, they know what they're doing.

protonmail is a massive success

No it isn't. It is a modest success, not even in the top ten list of email providers; I'm not even sure it's a sustainable business, though I guess they've been around for several years, so it must at least pay the bills and keep some developers employed. It is worth noting that privacy (and mail, in particular) is their specialty. They've been working on it for years. I don't know if we're equipped to try to compete with them (or that we want to try to compete with them). I have significant doubts about this being a feature that would move the needle on Virtualmin sales at all (Usermin is not even close to the most popular mail client among Virtualmin users, it's not a feature most care about at all), and the resources required to implement it are quite large. Among the biggest projects on our radar right now, actually.

This is a nice idea, but I continue to think we're not the right people to do it. We just don't have the spare developer cycles, especially for something that is unlikely to result in any increase in revenue.

chris001 commented 2 years ago

Only reason I requested this is because conversation privacy/email encryption is huge in demand these days, and the effort required to add this transparent email encryption to Virtualmin should be minimal, with the free open source libraries. You'd have to include the library in Usermin, call the functions in a few places, "auto detect encrypted message", "auto load private key", and "decrypt message in browser", "encrypt outgoing message before send out to server".

Originally, all websites http pages and DNS queries went over the network completely unencrypted and readable, for any evil admin "man in the middle" to snoop on. Today, all websites all https thanks to EFF's free Let's Encrypt, and users use either private encrypted DNS (DNS over TLS or DNS over HTTPS, see IETF RFC's ) or public DNS with no logging policy (Cloudflare, etc).

Same with email, it's evolving, from the original unencrypted easy to snoop on and build a profile on you and surveil you in every aspect, to effortless private encrypted email with OpenPGP. Same email address and password to login and check in any client browser or popular relatively recent mail app. You don't even notice you're using private email except when you see the padlock icon next to the message.

And since it's end-to-end, your private email works between all mail servers, with only the client mail app or browser needs to support the OpenPGP library, and all the best ones do!

chris001 commented 2 years ago

This would be great to play around with adding to a test server instance, "on a rainy day", when any, and all, issues blocking the current release being worked on, will have been solved, and the weather conditions are calm - no high priority open issues!

We could add end-to-end encrypted email to Pro, at least at the beginning! I predict many, many, many users would be willing to pay for email privacy.

Maybe step 2, release it to GPL, for only one mailbox per domain, with mailbox size limited to under 500 MB? As an incentive for users to upgrade to Pro. If this would be possible.

Same Freemium model as how Protonmail does it. 500 MB is free. Each step higher in mailbox size, obviously the user is more reliant on their encrypted mailbox, the user is consuming more hosted storage space, so this requires an increasing monthly subscription.

Alternately, a freemium hosting model, and this would require adding hosting partners, for a monthly subscription fee, fully host the users' MX record on a virtual mail server that handles all their SMTP and IMAP, is highly secure, stores their premium end-to-end encrypted mailboxes, no server admin or middle mad can possibly read any of their mail, the monthly fee would depend on total mailboxes storage size plan, starting with a free trial small mailbox e.g. 100MB, 1GB, 4GB, 8GB, 16GB ,50GB, 100GB, 500GB, 1TB, etc.

I predict, if and when Virtualmin adds this effortless end-to-end encryption for ultra private secure email messaging, and it will be equal in terms of the super easy user experience, ease of use, and privacy, to the mainstream offerings such as protonmail, and uses the same exact open source library, and is compatible with the many many browsers and mail apps that already are compatible with this open source tech...

...this Virtualmin version release event, with super easy, totally private email, would get talked about online by many, many, many cutting edge super users, and tech journalists, excited by this huge leap forward in user privacy, which eliminates the burden of managing your own private key! Finally the everyday non-power-user next door, the kid, the school, the library, the small business, all can have private encrypted email, and don't have to give it a second thought!

Naturally leading to a bump up in Pro subscriptions. Which would be a very good thing for the software, devs, and grow the size of the user community, and increase the number of contributors.

chris001 commented 2 years ago

Another approach, install the browser plugin "Mailvelope" for FF, Chrome, or Edge, which contains the OpenPGP encryption/decryption library and processes the webmail message in the page.

swelljoe commented 2 years ago

Oh, yeah, I'd used that in the past, or at least tested it so I could show others how to use it at cryptoparties. But, I hadn't ever tested it with Usermin.

chris001 commented 2 years ago

OK nice. It's pre configured for popular webmail like yahoo etc. I believe you just need to configure it to help it auto detect URL patterns or which HTML elements where it should look in the usermin webmail page to find the encrypted openPGP email message.