Mailfence high-level security analysis

All crypto operations relating to private key, and the bodies of emails are performed after user unlocks the key with the respective passphrase.

Following table will provide a high-level security analysis overview with respect to the type of information and the level of protection that it holds.

Type of Information

Level of Protection

Source of random data when creating new PGP keys Entropy collected via the client device
Password encrypted in transmission from browser to web server SSL/TLS
Password securely stored on web server SHA256 (iterated and hashed)
Passphrase exposure Passphrase check for all crypto-activty always occurs on the client side – and never gets exposed to the server.
Private key encrypted in transmission between browser and web server Two-layers of encryption:
1- With user passphrase (via AES)
2- TLS/SSL
Private key encrypted in storage With user passphrase (via AES)
Private key decrypted on web server Does not apply to Mailfence – as all the private key en(de)cryption occurs on the client side with the user passphrase.
End-to-end encrypted messages during transmission from client browser to Mailfence servers Two layers of encryption:
1 – SSL/TLS
2 – PGP
End-to-end encrypted messages body and attachments during transmission between web server and recipient email account PGP (plus TLS if supported by recipient)
End-to-end encrypted messages body & attachments encrypted in storage on web server PGP
End-to-end encrypted messages body & attachments known to web server Never – as all the crypto-operations concerning end-to-end occurs purely on the client side.
Message headers encrypted during transmission from browser to web server SSL/TLS
Message headers encrypted during transmission between web server and recipient email account TLS (if supported by recipient)
Message headers in storage on web server Not encrypted

Vulnerability Analysis

The following points apply to emails sent using end-to-end encryption:

Attack Level of Protection
Attacker is listening to your Internet connection Protected
Attacker gets access to email stored on the server Protected
Attacker gets access to the server’s databases Protected
Attacker compromises webserver after you have accessed your email Protected
High-level MiTM attack – where an adversary sends you a false code for all the crypto-related operations to check Not protected
Attacker has access to your account Protected (but the sent end-to-end encrypted messages will be viewable in clear text)
*this is planned to be mitigated
Attacker has access to your computer before you access your email (and can install programs such as key logger/malware…) Not protected

Don’t hesitate to contact us in case you have more questions about High-level security analysis of our service.

Reclaim your email privacy!

Follow us on twitter/reddit and keep yourself posted at all times.

 

– Mailfence Team


Spread the word !

M Salman Nadeem

Information Security Analyst - Security Team | Mailfence

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *