[PLUG] Encrypting email...
plug_0 at robinson-west.com
plug_0 at robinson-west.com
Tue Mar 8 09:44:13 UTC 2005
I've had a problem with unauthorized access of a
Horde IMP accessible email account. I'm curious
about encrypting the messages in the account so
that an individual who intercepts them is far
less likely to know their content. In essence,
I want someone who figures out the password
to only get garbage if they don't know the
decryption secret.
Lately, this person and I have agreed to cease
communicating for a decent length of time hoping
to discourage the thief.
I've learned that the password was known by
the thief. The old password, pocahontas,
was too simple. Then again, it wasn't like
anyone was supposed to know this email
account existed for her and I didn't expect
anyone to guess the password. I didn't
notice any failed logins, so I don't think
this person ever had to guess.
At this point, I've limited remote
logins by ip and I changed the
password. Unfortunately, this
person has said that he/she can
figure out the password regardless
of what it's set to.
I have a feeling her ISP based email
accounts will be hacked or via
some clever dishonesty gotten into.
Oh well. I suppose she can give
email up completely except for safe
messages that she has to send.
I realize encryption isn't a solution,
but it could at least slow the thief.
If it slows the thief enough,
maybe my friend and I can
communicate again in this way.
There's a telephone, but when it is
used there is an easily obtained
record of the call. If I had known
the password was going to leak, I
might have declared a communication
blackout months ago.
For starters, I'm thinking I can encrypt
messages by mapping the alphabet to a
different set of 26 symbols. I figure
I can start with a mixture of numbers
and letters. I would be nice if I had
a program I can email to that will
encrypt the message and then forward
it on to her account. I figure if I
have five different mappings and
a random one is used for each paragraph
in an email, that that should be
reasonably hard to crack. Maybe some
letters should be replaced with two
symbols so that a cracker doesn't
know the length of the original
word. If I have say nine symbols
to replace spaces with and I use
them randomly, it should be very
hard to decipher the message.
More information about the PLUG
mailing list