14 Aug 2013

How RPost Encryption is Secure and Different from Lavabit and Silent Circle, in Light of NSA Whisleblower Revelations

On Thursday, August 8th, rather than allegedly allowing the U.S. government access to their users’ messages, two secure email services, Lavabit and Silent Circle’s Silent Mail, suddenly and voluntarily closed their doors. The publicity surrounding the shutdowns have once again led to questions about “how RPost encryption is different?”

Store and forward systems, those systems that store messages and forward them as links, copies, or access are susceptible to the type of man-in-the-middle data leak exposures brought to light by the NSA revelations. Because Lavabit and Silent Mail used a store and forward encryption method (the key being “store”), they were targeted by the government because in essence, the encrypted emails could be retrieved as they were being stored somewhere on a server.

By contrast, RPost does not store messages. RPost service provides direct delivery to the recipient desktop. As mentioned in our July blog, there are generally three types of systems commercially available to encrypt email today:

1. Public Key Exchange – Secure but Complex for Many.
This involves exchanging public encryption keys among your contacts (PKI Digital Certificates) and using Microsoft Outlook on your desktop computer. This “strong crypto system” has proven to be too cumbersome for most to use. One has to purchase and install these certificates, manage the expiration, ensure your recipients have a copy of your public key, and you theirs, and make sure all are using a compatible email program such as Microsoft Outlook desktop software.

2. Secure Store and Forward – “Man in the Middle” Problems.”
Systems that store your message content in the middle, and send a link to the recipients to download the content, are often used by consumers (and some companies) not understanding their most sensitive information is being stored on a third party server with unknown data security and message purge practices (which may differ from their stated policies). Further, there is no protection from unknown recipient endpoint security or lack thereof. So store and forward systems are not considered “strong crypto systems.”
Note, some systems that wrap your email in an encrypted HTML file before sending, often purport themselves to be “direct delivery,” but leave out the important point that the process of decrypting, is often sending the data back to the server in the middle. That server storing the decrypted message and displaying it in a web browser still has the same Man in the Middle storage purge concerns. Further, there is no protection from unknown recipient endpoint security or lack thereof. So it’s better than simple Secure Store and Forward, but still retains the Man in the Middle issues, and not considered a “strong crypto system.”

3. True Direct Delivery – RPost Method and the Best Method.
Systems that wrap the message in an encrypted PDF file are “strong crypto systems” as (a) the message content is not stored in the middle, (b) content is truly delivered to the recipients’ desktops encrypted, AND (c) the content remains encrypted at the recipient endpoint to prevent potential disclosure regardless of the recipient endpoint security. This is the RPost encryption method, and we’ve made it easy to use and implement for both the sender and recipient (for both compliance and personal privacy).

RPost has been offering secure electronic messaging services for more than 10 years and is a winner of the World Mail Award for best in security.