It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Encrypted Email Development

page: 1
0

log in

join
share:

posted on May, 20 2014 @ 08:31 PM
link   
I haven't posted here in years, but I heard something today that prompted me to come here and share it with all of you.

I work in IT, managing the software and processes for a non-profit agency. We work with an outside vendor who manages most of our hardware.

During an off-the-cuff conversation today with one of their guys, he mentioned to me that one of his friends is working on a project for the Government of the USA.

The plan is to create an encrypted email protocol that doesn't work on Port 25. It's apparently for an internal system, though I don't know for what agency. I'm not even sure he knows. I won't claim to know enough about email protocols to understand how something like this would work, but I trust the source implicitly.

I figured I would bring this to the ATS crowd to see if anyone here had any ideas or thoughts on how a system like this would work and what it would be for. Maybe it's a lot less significant than he made it sound, but stuff like this is outside my area of expertise.



posted on May, 20 2014 @ 08:40 PM
link   
Something other than simple mail transfer protocol?
Most email encryption schemes don't do much more than authenticate, so why is a new protocol needed?



posted on May, 20 2014 @ 08:46 PM
link   
Perhaps they want the key exchange to be handled automatically by the new system as well. Or server authentication in an attempt to avoid Man-in-the-middle attacks.

Custom end-to-end communication encryption service running on a non-standard port, sounds good for any 3-letter agency.



posted on May, 20 2014 @ 10:22 PM
link   
Email can use any port it wants to be honest as long as that port has the rules of SMTP/POP its probably some custom job which uses the ports out of the standard ICANN range < 1000.

TBH there are quite a lot of different email systems about there isn't just one. it would be quite cool to invent your own, infact i might do that if i get bored enough on day.

I can imagine some sort of Blowfish encryption or asynchronous style encryption (Like PGP) actually if it was encrypted it would be a terrible choice to be on SMTP since that protocol is not encrypted, authenticated but not encrypted.

Maybe some sort of SSH style authentication tunnel with PGP style encrypted messages in it, it really depends how encrypted it is, would the meta data be accessible?

Kinda cool if you ask me



posted on May, 21 2014 @ 03:13 AM
link   
If its completely in house then they can do what the hell they want, its when you have to talk to 'outside' people you have to use the relevant standards or all you get is a phone call saying "WTF is this thing?", most of this will be serverserver transfers done over an encrypted transmission rather than plain text as it would be in normal life



posted on May, 21 2014 @ 03:16 AM
link   
a reply to: Maxatoria

....except of course, we'll all hear about this 10 years from now for how it'll cost twice as much to replace a non-standard system that won't interface with anything else than it would have to just use a standard one now.

Ahh..Government...Isn't it fun watching people spend money they get like Mana from Heaven and no one even makes them account for? All kinds of weird stuff gets made. lol...




 
0

log in

join