Proton Mail, the leading privacy-focused email service, is making its first foray into blockchain technology with Key Transparency, which will allow users to verify email addresses. From a report: In an interview with Fortune, CEO and founder Andy Yen made clear that although the new feature uses blockchain, the key technology behind crypto, Key Transparency isn’t “some sketchy cryptocurrency” linked to an “exit scam.” A student of cryptography, Yen added that the new feature is “blockchain in a very pure form,” and it allows the platform to solve the thorny issue of ensuring that every email address actually belongs to the person who’s claiming it.

Proton Mail uses end-to-end encryption, a secure form of communication that ensures only the intended recipient can read the information. Senders encrypt an email using their intended recipient’s public key – a long string of letters and numbers – which the recipient can then decrypt with their own private key. The issue, Yen said, is ensuring that the public key actually belongs to the intended recipient. “Maybe it’s the NSA that has created a fake public key linked to you, and I’m somehow tricked into encrypting data with that public key,” he told Fortune. In the security space, the tactic is known as a “man-in-the-middle attack,” like a postal worker opening your bank statement to get your social security number and then resealing the envelope.

Blockchains are an immutable ledger, meaning any data initially entered onto them can’t be altered. Yen realized that putting users’ public keys on a blockchain would create a record ensuring those keys actually belonged to them – and would be cross-referenced whenever other users send emails. “In order for the verification to be trusted, it needs to be public, and it needs to be unchanging,” Yen said.

Curious if anyone here would use a feature like this? It sounds neat but I don’t think I’m going to be needing a feature like this on a day-to-day basis, though I could see use cases for folks handling sensitive information.

  • @[email protected]
    link
    fedilink
    English
    61
    edit-2
    1 year ago

    I’d absolutely use this. I’m glad to see people using this incredibly powerful concept to solve problems that would literally be impossible to solve without it. It is especially encouraging that they used Monero since it has an extra layer of untraceability built-in. Blockchain is experiencing kind of a backlash in public perception, but like tech closely related to it like NFT’s, it is a VERY viable idea that just so happens to be tainted by greed and disinformation.


    Voting is another concept that would become unhackable overnight…but would also probably:

    A. enable the creation of a CBDC (which would also allow the state to REVOKE ownership of your own money)

    B. force a state to pick a technology/crypto of choice (and tip the scales toward that crypto)

    both of which I somehow am vehemently against yet moderate a (ghosty) community on blockchain voting. 😅

    [email protected]

    • Atemu
      link
      fedilink
      321 year ago

      Voting is another concept that would become unhackable overnight

      No. Voting on the blockchain is an even worse idea than money on the blockchain.

      In many cases, there are good reasons why these things are done they way they are. I have yet to see a software system that is better at preventing voter fraud than humans looking at your government-issued ID at a poll site and humans overseeing other humans manually counting votes.

      A single actor might be able to commit voter fraud in the order of dozes or hundreds of votes perhaps but with a digital voting system based on blockchain, they could do so on the order of thousands or even millions by compromising end-user devices used for voting or buy enough work/stake/whatever to perform a 51% attack.

      Same goes for money btw. Our current system is by far not a perfect one but removing the ability for governments to i.e. freeze accounts of bad actors is not a boon.

      • @[email protected]
        link
        fedilink
        English
        61 year ago

        I have yet to see a software system that is better at preventing voter fraud than humans looking at your government-issued ID at a poll site and humans overseeing other humans manually counting votes.

        have you seen any of the research that the US government did on it? Homomorphic encryption enables votes to be both public and obfuscated at the same time. I don’t want to write an essay right now but are you truly up to date on this?

        Our current system is by far not a perfect one but removing the ability for governments to i.e. freeze accounts of bad actors is not a boon.

        I COMPLETELY DISAGREE. It should be exactly as hard as it is to freeze the cash of bad actors. That’s the point of it. I, of course, happen to be a libertarian socialist/anarcho syndicalist. You happen to be a capitalist. You seem to want be in the camp of “you will own nothing and you will like it” but I just so happen to not trust governments and their decisions. I believe in socialism but have seen it co-opted and destroyed by corruption. Anyway, I don’t think that those same clearly corrupted governments should have the unilateral right to prevent me from attemtpting to claw enough back from their corruption and greed to feed my family.

        • Atemu
          link
          fedilink
          51 year ago

          Homomorphic encryption enables votes to be both public and obfuscated at the same time.

          That’s nice but has nothing to do with voter fraud prevention.

          I will not reply to the stupid ad hominem. You have made it exceptionally clear that you have no idea what my political views are.

          • @[email protected]
            link
            fedilink
            English
            51 year ago

            If you dislike corruption and capitalists, then why do you like cryptocurrency?

            Because properly-implemented cryptocurrencies make corruption impossible. Even the shitty, scammy FTX project had a decentralized ledger, allowing the FTC to quickly and easily forensically untangle SBF’s tangled web of lies and fraud. Even Do Kwan’s TerraLuna hack would have been possible to detect had the project been open source (like any viable crypto project) but regardless of that, it will still now be quite trivial for the regulators prosecuting him and his co-conspirators with fraud.

            More learning for those listening in that haven’t already made up their mind like you have: https://youtu.be/J5xegDJphvc?si=x3tJw9s1c1WL_WNy

              • @[email protected]
                link
                fedilink
                English
                81 year ago

                It’s interesting that you can identify cherry-picking on my part but fail to identify it on your own. I merely mentioned situations where fraud (which I didn’t fall for because I follow certain principles about transparency and auditability of the crypto technologies that I prefer) was easily detected because the nature of the technology puts all transactions on an immutable ledger.

                What valid criticisms of THE TECH have you offered so far? You’ve simply pointed to situations where stupid people failed to protect themselves from clear frauds then went and used that brush to paint the entire crypto space. You’re not really the intellectual heavyweight you seem to think you are.

          • @[email protected]
            link
            fedilink
            English
            7
            edit-2
            1 year ago

            “You drink water and breathe air. Peter Thiel drinks water and breathes air too. Therefore you are just like Peter Thiel!”

            You’re a troll. I literally hate Peter Thiel. He is invested in so many technologies that it’s VERY likely that we’re invested in the same tech somewhere. Pretty sure he doesn’t give a shit about Cardano which is the project I develop applications for.

            Spreading your investments out is kind of how investing works when someone is a billionaire, dipshit.

            Anyway, that’s enough feeding the trolls for today. Have a good night, intellectually dishonest hiveminder.

    • @cheese_greater
      link
      English
      13
      edit-2
      1 year ago

      What does Monero do? Why don’t they emulate whatever it is that Monero achieves its reputation and functionality with?

      • @[email protected]
        link
        fedilink
        English
        21
        edit-2
        1 year ago

        What does Monera do?

        it is a crypto currency that:

        Monero uses three different privacy technologies: ring signatures, ring confidential transactions (RingCT), and stealth addresses. These hide the sender, amount, and receiver in the transaction, respectively. All transactions on the network are private by mandate; there is no way to accidentally send a transparent transaction. This feature is exclusive to Monero. You do not need to trust anyone else with your privacy.

        IMO, as a software engineer, leveraging the network effect of Monero was a wise choice. In decentralized systems, the network effect (the amount of unique, separate nodes on a network) is directly correlated to the security of that network. If I were to transact with you in a public place (like a mall food court), you could correlate the presence of other parties in the food court as unique nodes in a network. The more eyes you have witnessing you transaction, the more intrinsic security that transaction has.

        Another concept that actually comes into play in cryptocurrency-based systems is that the intrinsic value of that token directly relates to the security of the data in its network. That could be another reason that they chose Monero. Since it already has stable value, it offers a pre-existing and stable security solution.

        • @cheese_greater
          link
          English
          21 year ago

          How does it address the issues with like money laundering, KYC, etc? Wouldn’t you, in practice, basically need a lawyer to help make sure you “use” it correctly and legally?

          • @[email protected]
            link
            fedilink
            English
            13
            edit-2
            1 year ago

            I could be wrong (since article is paywalled) but as a DApp dev, Proton probably has a wallet with enough Monero to run this smart contract without anyone needing to add any money at all. So you wouldn’t be getting a Monero wallet in it. It would simply mint an NFT that you could then refer back to for verification that this is the same address that I say it is. It would simply leverage the monero chain every time an account was created and mint that as a unique ID (NFT!).

          • @[email protected]
            link
            fedilink
            1
            edit-2
            1 year ago

            Wouldn’t you, in practice, basically need a lawyer to help make sure you “use” it correctly and legally?

            Using private cryptocurrency is not illegal, at least in the United States, nor should it be. This is like worrying if it is legal to pay for things with cash.

    • @sturlabragason
      link
      81 year ago

      Yeah my most downvoted comments mention Blockchain 🤣 Capitalism turns everything to shit 💩

      • @[email protected]
        link
        fedilink
        English
        6
        edit-2
        1 year ago

        Thanks for lazily puking a couple of reductive, bankster-funded, cherry-picked, neolib rage-bait videos at me. Did you want to discuss this issue or do you want to lazily let the videos do it for you while forcing me to write essays that will be brigaded by the hivemind?

      • @[email protected]
        link
        fedilink
        English
        1
        edit-2
        1 year ago

        Moxie Marlinspike’s My first impressions of web3 is also a very relevant thing to share.

        As a sampler of the points made, web3 is already re-centralizing around gatekeepers because the average person doesn’t want to run their own server (or, in the blockchain case, host their own full copy of the blockchain) and, if the supermajority of users can’t see you because the gatekeepers block you, then it doesn’t really matter that you’re technically still up.

        The takeaway on that particular point is that pushing for more and easier data portability is probably the best route in the face of how real-world users behave. (eg. anything stored in a git repository, including GitHub project wiki contents, is a great example of that. You’ve got your data locally with a simple git clone and you can upload it to a competing service with a simple git push.)

      • @[email protected]
        link
        fedilink
        01 year ago

        I like Dan Olson’s video but I don’t think it’s truly unassailable. There is some real use cases for block chains in low trust networks. One of those being global monetary policy. Another critic is that web3 applications (like Mastadon and Lemmy …) I think is moving forward even more so as the age of easy money comes to a full close.

          • @[email protected]
            link
            fedilink
            11 year ago

            It’s the coordinated decentralization that really defines web from web2 and 1. Cooperative vs competitive coordination is just a sub strategy within that, but I don’t think either strategy is always best for all problems.

    • @[email protected]
      link
      fedilink
      191 year ago

      Key servers can be dishonest, so you need to have another way of verifying that the key you receive is correct.

    • @[email protected]
      link
      fedilink
      101 year ago

      Blockchains are an immutable ledger, meaning any data initially entered onto them can’t be altered. Yen realized that putting users’ public keys on a blockchain would create a record ensuring those keys actually belonged to them – and would be cross-referenced whenever other users send emails. “In order for the verification to be trusted, it needs to be public, and it needs to be unchanging,” Yen said.

      • @Pipoca
        link
        81 year ago

        How do you ensure the accuracy of the data going into the block chain in the first place?

        • @[email protected]
          link
          fedilink
          31 year ago

          That I don’t know the answer too. And i would like more information about how it works. I am mostly familiar with Crypto in block chains work and I still wouldn’t say i fully understand that either.

          I am also a little confused when they say unchanging. Sure block chain are unchanging but I am assuming you can add new data that would take priority of old data. I don’t think you would want a system that you could never change your key once you add it. Because that is stupid keys can and will get compromised eventually.

        • @[email protected]
          link
          fedilink
          11 year ago

          You query the blockchain after you submit your data to confirm that it is what you intended it to be.

  • @voracitude
    link
    251 year ago

    This is basically like Domain Keys-Identified Mail (DKIM) but for a specific email address, without needing to own a domain to set it up. I’m gonna call it “P(ersonal)KIM” for short.

    If this is implemented correctly it’ll be a few clicks to set up and then just work in the background to make it harder to impersonate you via email, even if you have a free email address.

  • 0x0F
    link
    fedilink
    English
    20
    edit-2
    1 year ago

    It sounds overcomplicated, is there really a need for the blockchain aspect? Could the same security be provided by a simpler method (like how keybase has their identity proofs?) but better to have it and not need it than need it and not have it ig

    • @[email protected]
      link
      fedilink
      211 year ago

      PGP solved this a long time ago, but it is difficult to make it user friendly enough for non-technical people to understand and adopt it.

      • JackbyDev
        link
        fedilink
        English
        131 year ago

        How many people have verified how many people’s identity with PGP signatures? Also I’m willing to bet a horribly shocking amount of people would just accept a new key from someone (not necessarily sign it) and trust them regardless.

        • @[email protected]
          link
          fedilink
          31 year ago

          Yeah these issues are definitely not new, but replacing “I trust the people who sign/verify my keys” versus “I trust the blockchain” is not too far off. What rules are going to be in place for peers to validate entries to the blockchain and independently reach enough concensus to achieve true decentralization?

          • JackbyDev
            link
            fedilink
            English
            41 year ago

            To be clear, I’m not saying this solution is better or worse than PGP, I just don’t believe PGP works well for creating a web of trust.

    • Nougat
      link
      fedilink
      91 year ago

      Right here:

      Blockchains are an immutable ledger, meaning any data initially entered onto them can’t be altered. Yen realized that putting users’ public keys on a blockchain would create a record ensuring those keys actually belonged to them – and would be cross-referenced whenever other users send emails. “In order for the verification to be trusted, it needs to be public, and it needs to be unchanging,” Yen said.

      The benefit of doing this with a blockchain instead of a privately held and maintained database is that the latter can be compromised, and you just have to trust “whoever” is maintaining that private database. Blockchain means that the ledger is distributed to many nodes, and any post-entry modification to that chain would be instantly recognized, and marked invalid by the other nodes operating the chain. Besides that, when you’re looking up a public key for a recipient on such a blockchain, you would be looking it up at a number of nodes large enough that in order for a malicious entry to come through, they would all have to be modified in the same way, at the same time, and you would have to be asking before the change got flagged. Poisoning blockchain data like this is simply not possible; that’s what makes this an especially secure option.

      • @[email protected]
        link
        fedilink
        71 year ago

        But it’s not public. It’s a private blockchain. The immutable ledger aspect only matters if everyone can see the ledger. Otherwise we take at face value all of the things you said. Assume they run one node and that one node is compromised by a malicious actor. The system fails. Extend it to a limited number of nodes all controlled by SREs and assume an SRE is compromised (this kind of spearphishing is very common). The system fails again.

        Sure, you can creatively figure out a way to manage the risks I’ve mentioned and others I haven’t thought of. The core issue, that it’s not public, still remains. If I’m supposed to trust Proton telling me the person I’m emailing is not the NSA pretending to be that person (as the Proton CEO suggested), I need to trust their verification system.

        • Nougat
          link
          fedilink
          11 year ago

          It’s. In. Beta. Of course it’s not being offered to the general public yet. It’s likely that there are very many beta nodes, in order to test scalability. When it’s out of beta, you drop the beta chain and start a new one.

          • @[email protected]
            link
            fedilink
            31 year ago

            Did we read the same article? Emphasis mine.

            Yen said Proton might move the feature to a public blockchain

            I’m not interested until it’s public. Additionally, building out the chain then dropping it to rebuild a new public one is rewriting history, which violates the whole “immutable” part of “immutable ledger.”

            • Nougat
              link
              fedilink
              51 year ago

              Context matters:

              Proton rolled out the beta version of Key Transparency on their own private blockchain, meaning it’s not run by a decentralized series of validators, as with Bitcoin or Ethereum. Yen said Proton might move the feature to a public blockchain after the current version serves as a proof of concept.

              It’s not rewriting history. We’re talking about validation of public keys. The exact same information can be added to a public non-beta chain, to satisfy the concerns about security that would come from maintaining a previously private beta chain into production.

              • @[email protected]
                link
                fedilink
                11 year ago

                … which gives a timing attack and the ability for bad actors to impersonate someone. I agree with you that, once public, this is a good idea. You cannot convince me that this is a good idea if done privately because there is no way to trust but verify, especially in the highly sensitive contexts they want trust in.

                If it’s not public, I won’t trust it. You trust it blindly because it’s in beta. We’re not going to come to an agreement over these mutually exclusive positions.

                • Nougat
                  link
                  fedilink
                  61 year ago

                  I don’t “trust it blindly” because it’s in beta - I understand that it’s a work in progress because it’s in beta. Jesus christ you people and your fucking tinfoil hats.

        • Nougat
          link
          fedilink
          91 year ago

          As long as there is an appropriate method for adding a legitimate entry to the chain, incorrectly entered data can be handled by appending corrected data on to the chain, and marking the error as such. Sensitive data, in this case, would be along the lines of “I accidentally added my private key instead of my public key.” The action necessary here is the same as if I published my private key anywhere: stop using that key pair and generate a new one.

  • @herr
    link
    15
    edit-2
    1 year ago

    I would strongly assume Protonmail will be doing this automatically soon, there’s no manual day-to-day verification necessary.

    Writing to the Blockchain is difficult and takes processing power, reading from it is absolutely trivial though.

  • @[email protected]
    link
    fedilink
    111 year ago

    I’ll use it once they’ve sorted out CalDAV and CardDAV… it’s only been an open issue for eight fucking years.

      • @[email protected]
        link
        fedilink
        41 year ago

        There’s no way to sync contacts and calendars between an iPhone (and other mail clients) and protonmail. The app does one way sync from the phone to protonmail, but not the other way round.

        8 years ago a feature request was made to add support for CardDAV and CalDAV, but even with the release of bridge it’s not there.

        So iOS users have to resort to using other calendar services, or 3rd party bridges to enable it.

          • @[email protected]
            link
            fedilink
            2
            edit-2
            1 year ago

            As far as I know they use openPGP and that works automatically between proton users but can be set up to work from and to anyone. The other partner just needs to use a client that supports it (like the objectively best client, Thunderbird ;) ) unfortunately pretty much no one uses openPGP so emails will very seldom be E2E encrypted.

            Apparently the Proton clients support web key exchanges so you wouldn’t have to import the key of users that use OpenPGP (if they have imported the key to the exchange) so in theory that would make it better. I have yet to use that functionality in Thunderbird though, since again, pretty much no one uses openPGP.

            I have sent one legit openPGP email and that was to my country’s financial inspection asking for an internship. Unfortunately they replied unencrypted and included my email in the reply, lol. It’s fair enough though, since I used a feature that’s probably intended to report fraud and crime.

        • lastweakness
          link
          61 year ago

          They’re the maintainers of the most popular JS PGP library and they’re pushing for some major upgrades to the PGP standard. There’s no competing standard. Proton is pretty much the only popular encrypted mail provider that actually does interop well enough.

    • @[email protected]
      link
      fedilink
      81 year ago

      The public part of it would be the RSA pubkey, likely linked with an identifier such as the SHA-256 hash of the email. You could quite easily have that ledger public and it would take millennia to crack any of the emails, much easier to use fuzzing with common words and names than trying wasting computing power for a single email. The whole point of blockchain is that it’s an immutable public ledger which would actually suit this idea quite well.

        • StarDreamer
          link
          fedilink
          English
          21 year ago

          This is solving a problem we DO have, albeit in a different way. Email is ancient, the protocol allows you to self identify as whoever you want. Let’s say I send an email from the underworld (server ip address) claiming I’m Napoleon@france (user@domain), the only reason my email is rejected is because the recipient knows Napoleon resides on the server France, not underworld. This validation is mostly done via tricky DNS hacks and a huge part of it is built on top of Google’s infrastructure. If for some reason Google decides I’m not trustworthy, then it doesn’t matter if I’m actually sending Napoleon’s mail from France, it’s gonna be recognized as spam on most servers regardless.

          A decentralized chain of trust could potentially replace Google + all these DNS hacks we have in place. No central authority gets to control who is legitimate or not. Of all the bs use cases of block chain I think this one doesn’t seem that bad. It’s building a decentralized chain of trust for an existing decentralized system (email), which is exactly what “block chain” was originally designed for.

        • @[email protected]
          link
          fedilink
          11 year ago

          What do you think the problem even is? It sounds like you just don’t understand why someone would want to use public key cryptography to begin with.

            • @[email protected]
              link
              fedilink
              11 year ago

              I understand why you’d want one

              It’s an email that’s unrecoverable so not usable in many companies.

              It doesn’t sound like you understand why someone would want to do email with public key cryptography, it sounds like rather you do not like the idea of doing email with public key cryptography. Being unrecoverable is just the tradeoff there. Again, what do you think the problem described even is? For reference,

              The issue, Yen said, is ensuring that the public key actually belongs to the intended recipient. “Maybe it’s the NSA that has created a fake public key linked to you, and I’m somehow tricked into encrypting data with that public key,” he told Fortune. In the security space, the tactic is known as a “man-in-the-middle attack,” like a postal worker opening your bank statement to get your social security number and then resealing the envelope.

              I think if you actually acknowledge the problem of trust for propagating public keys as a real one that is worth being solved, it would be hard to argue that blockchain is a bad fit for that problem, because it is not. Trustless, verifiable propagation of data is one of the things it actually offers unique benefits for.

              I’m sure there are other reasons to not like the idea, but that’s what I can think off the top of my head.

              It might be useful to start by considering the idea itself and what it is saying, instead of looking for arguments to make against it.

                • @[email protected]
                  link
                  fedilink
                  11 year ago

                  What are the tradeoffs, assuming an email encryption scheme based on self custodied private keys and publicly published public keys? I don’t see any major disadvantages to using blockchain for this, and significant advantages. It’s a big deal if no one can selectively remove/conceal previously published info. If associating a key with an email, and someone is trying to impersonate you, you’ll know it, it’s not going to be hidden from you and specifically shown to someone else. It just makes sense to do it that way. Yes, you have to trust something at some point, but this is a way to minimize how much trust you have to give.

  • @dustyData
    link
    31 year ago

    Look, another solution without problem.

    • @[email protected]
      link
      fedilink
      121 year ago

      Key verification has been a real problem for decades, and AFAIK nobody’s made a solution that is simple and effective.

      • Atemu
        link
        fedilink
        21 year ago

        nobody’s made a solution that is simple and effective

        This one isn’t that either by the looks of it but it’s certainly a problem where something like blockchain could provide a solution.

  • Atemu
    link
    fedilink
    01 year ago

    So PM claims it has on the order of 10^8 users. Let’s assume each user has one email address with one public ed25519 key, both of which are likely false.

    Each key is 32Byte; 32B * 10^8 = 3.2GB.

    Could someone do the math how much fiat it’d take to store such an enormous amount of data on the Ethereum or monero blockchains?

  • Elias Griffin
    link
    English
    01 year ago

    So, every identity verification of your email address will be forever in the public domain? That’s counter to privacy. Your email address will be married to a block and chain? There is no thorny issue. That’s a solution to a problem that hardly anyone has. Ridiculous nonsense.

    If you are one of those people that thought CERN was looking out for your privacy, here is the rude awakening.

    • @DonkeyShot
      link
      31 year ago

      It is not counter privacy. It is (potentially) counter anonymity.

  • Possibly linux
    link
    fedilink
    English
    -61 year ago

    Don’t use proton…

    You can’t just give all of your data to one company and expect it to be private

    • @volleyballcrocodile
      link
      151 year ago

      Is your suggestion to self host your email or not use email? I’m not sure why you couldn’t find a company that you do trust, and proton seems to be one of the most likely candidates.

        • Possibly linux
          link
          fedilink
          English
          11 year ago

          Disroot uses proprietary JavaScript so I won’t consider it an option. I use posteo but I’m actually considering self hosting.

          The problem is that I probably would end up renting a VPS which would be much more expensive for little gain.

          In all reality email is pretty unprivate by design. Its better to focus on encrypted messaging.

          • psychhim
            link
            fedilink
            01 year ago

            @possiblylinux127 okay. But self hosting Posteo on a VPS ! The VPS company can still see your mails if it’s imap and maybe give them to the government as well.

        • @volleyballcrocodile
          link
          11 year ago

          I suppose that’s a fair point, although I thought they didn’t have access to your data in terms of email content. I agree with the point about not putting all your eggs in one basket but I’d seriously consider them for email only.

  • furzegulo1312
    link
    fedilink
    -91 year ago

    fuck this and blockchain in general so very, very much. time to look for another email provider.

    • @LufyCZ
      link
      111 year ago

      Sounds like you’re letting emotions cloud your judgement there mate