Conversation

Notices

1. Embed this notice
   ejim (ejim@muenster.im)'s status on Tuesday, 26-Nov-2024 06:16:16 JST ejim

   • Solène :flan_hacker:

   @solene on your blogpost https://dataswamp.org/~solene/2024-09-12-email-selfhost-to-protonmail.html
   You said "when making your account, Proton Mail generates an encryption key on their server"
   Do you know the reason why they are doing it this way instead of generating the key on the client? And then just storing the public key?

   You also said "the server requires a lot of CPU" regarding dovecot using a lot of cpu encrypting incoming emails with GPG. Can you give a little more detail, how much of which CPU? :)

   • Embed this notice
     Solène :flan_hacker: (solene@bsd.network)'s status on Tuesday, 26-Nov-2024 06:16:14 JST Solène :flan_hacker:

     in reply to

     @ejim they do it this way as it make it easier for most users as they just have to remember a password

     as for dovecot and GPG, just try to run GPG on 20 MB files and see how much CPU is used ;)

   • Embed this notice
     Solène :flan_hacker: (solene@bsd.network)'s status on Tuesday, 26-Nov-2024 16:06:16 JST Solène :flan_hacker:

     in reply to

     @ejim if you have to send the private key this does not change anything

   • Embed this notice
     ejim (ejim@muenster.im)'s status on Tuesday, 26-Nov-2024 16:06:18 JST ejim

     in reply to

     • Solène :flan_hacker:

     @solene
     I thought it could be implemented like this:
     Client:
     [Public, Private]=GenerateKeys()
     Encprivate=encrypt(Private,Hash(Userpassword))
     Post("/storeKeys", {Public, Encprivate})

     And for decryption we send the encrypted Private Key and decrypt it with the user password.

     🤔Hm, how does Password reset work?

   • Embed this notice
     ejim (ejim@muenster.im)'s status on Tuesday, 26-Nov-2024 21:43:17 JST ejim

     in reply to

     • Solène :flan_hacker:

     @solene the private key could be encrypted with a derivation of the user password