Lavabit developer has a new encrypted, end-to-end email protocol
The developer behind Lavabit, an email service that noted leaker Edward Snowden used, is releasing source code for an open-source, end-to-end encrypted email standard that promises surveillance-proof messaging.
The code for the Dark Internet Mail Environment (DIME) standard will become available on Github, along with an associated mail server program, said its developer, Ladar Levison, on Friday.
DIME will work across different service providers and perhaps crucially will be “flexible enough to allow users to continue using their email without a Ph.D. in cryptology,” said Levison.
[To comment on this story, visit Computerworld’s Facebook page.]
To coincide with its launch, Levison is also reviving Lavabit. The encrypted email service shut down in 2013 when federal agents investigating Snowden demanded access to email messages of his 410,000 customers, including their private encryption keys.
Levison decided to shut it down rather than help the U.S. government violate his customers’ privacy, he wrote on Friday.
“I chose Freedom,” he said. “Much has changed since my decision, but unfortunately much has not in our post-Snowden world.”
Levison said he is relaunching the service, citing “recent jaw-dropping headlines” over how email remains insecure.
“Today, we start a new freedom journey and inaugurate the next-generation of email privacy and security,” he wrote on Lavabit’s site.
The revived Lavabit is also built with DIME, which Levison started with a Kickstarter fund in 2014. It is designed to encrypt the email and its transmission, including the metadata such as the message’s subject line, sender and recipient.
The new Lavabit will operate in three encryption modes that range from Trustful, Cautious to Paranoid. Each mode handles message encryption and private key storage differently at the expense of ease of use.
For instance, Paranoid mode means Lavabit’s servers will never store a user’s private keys.
Initially, however, Lavabit will only be accessible to existing users of the service and only in Trustful mode. New users must pre-register and wait for the eventual rollout.
Lavabit is a subscription-based service. On Friday, it was offering a discount deal. For $15 annually, a user can have access to 5GB of email storage. For $30, a user can have access to 20 GB of space.