New, improved version of Hive-Mail, with browser-based GUI
Dear Friends, I'd like to make public a new, much improved version of my Hive-Mail. In case you missed it, here's the original post here on Hive.
In addition to a lot of operational flexibility and considerable cryptographic muscle added, this version also has a simple and intuitive browser-based GUI. Enjoy!
So What's New in This New Version?
Glad you asked! In addition to the GUI, this new version of Hive-Mail (which I'm calling "Version 1") comes with a lot of novelties and improvements, such as:
🚗✈️⛵🛸 Send Messages Any Way You Want!
The only Hive operation required now to use Hive-Mail is that of registering your Hive-Mail Public Key to your account's metadata. That's it, absolutely no other onchain operations are required! This can be done very easily using the new GUI:
Once you and the person you want to communicate with both have a Hive account with a Hive-Mail Public Key registered, you can use Hive-Mail to encrypt and decrypt messages, and encrypted messages can be sent any way you like! No need to send the messages onchain anymore, which had the disadvantages of consuming a lot of Resource Credits and remaining onchain (arguably unnecessary and undesirable for personal communication).
So, once a message is encrypted, you can send it to your recipient via e-mail, WhatsApp, Signal, or any other way you want. Theoretically you could also send those messages onchain via Hive, but this option makes little sense and thus is not included in the new Hive-Mail GUI.
This means Hive-Mail now uses the Hive blockchain solely to anchor and expose Public Keys, which are harboured securely (so long the Hive account itself is kept secure) and made available for everyone to consult in an uncensorable way. This allows for secure and uncensorable communication available anywhere, requiring only internet access.
My personal recommendation is to use a dedicated Hive account for Hive-Mail communication; such Hive account can be named after your main public Hive account, with a ".msg" or "-msg" suffix added to it, just like in the example I gave above. But that's just a suggestion, you can just as fine use your main Hive account if you like.
🛡️💪🏻🗝️ Reinforced Cryptography
The new version of Hive-Mail uses the following cryptographic algorithms:
Hashing Algorithms:
• SHA3-512
• SHA512 (SHA2)
• Blake2b
• Whirlpool
All of these algorithms give 64-byte outputs, and they are used in a custom KDF-like pipeline with 512-byte intermediates. Why all that? Future-proofing, really. The hashing costs are negligible compared to the time cost of interacting with Hive nodes e.g. to fetch public keys onchain.
Symmetric Encryption Algorithms:
• XChaCha20-Poly1305
• XSalsa-Poly1305
• AES-GCM-SIV
These are used in cascade mode to perform data encryption, each with a distinct key and nonce.
Asymmetric Encryption Algorithms:
• X25519 (elliptic curve-based, not quantum-resistant)
• ML-KEM-1024 (Module-Lattice-based Key Encapsulation Mechanism, based on CRYSTALS-Kyber)
• HQC-256 (Hamming Quasi-Cyclic)
This is a diverse and very robust combination of public key cryptographic algorithms, including two quantum-resistant ones. Hive-Mail Keys (both private and public) are composed of elements from these three algorithms.
Important: Hive keys (owner, active, posting, memo), private or public, are not used anywhere by Hive-Mail, with the sole exception of the Private Active Key which is used exclusively to save the Hive-Mail Public Key to the account's metadata. This means only the special Hive-Mail keys, and not any of the regular Hive keys, are used in the cryptographic pipelines for message encryption and decryption.
Post-Quantum Cryptography is now Optional
One of the additions to this new version of Hive-Mail is that the user can now choose whether or not to use quantum-resistant asymmetric cryptography:
Nota bene: Choosing to use post-quantum cryptography entails in an additional increase of ca. 19 KiB to the final size of the encrypted message. Yes, reinforced security comes with a price.
Private Key Management
As expressly stated in the UI, the security of Hive-Mail is completely dependent on the user's capacity to keep his Hive-Mail Private Key safe. The use of a password manager is very strongly recommended. My personal recommendation is KeePassXC for Linux or KeePass for Windows. If you prefer an online manager, Proton Pass is likely the best option as of today.
That's it, I hope you guys like this new version of Hive-Mail. Make sure to test it! My plan is to keep maintaining and improving it. Stay tuned for updates!
🙏🏻 Also I genuinely hope this new tool will make it harder for oppressors worldwide to suppress communication and freedom of speech
Congratulations @hassemer! You have completed the following achievement on the Hive blockchain And have been rewarded with New badge(s)
Your next target is to reach 20 posts.
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOPI was unaware of this tool. It is another step towards communicating outside traditional channels with privacy. It is important that Hive continues to build for the future. Thank you for your work!
Thanks! Please help spread the word.
Thank you for making it - it's an awesome tool !
If I could make a suggestion, it would be to look at how the person at the other end gets the keys to decrypt a message. Currently, it's fine between two people who are already signed up and familiar with Hive.
Perhaps what is needed is a "standard text" that can be pasted into a (separate) email or (in an ideal case) printed out and passed over by hand beforehand explaining in idiot-proof layman's terms how to sign up and get set up to decrypt. But I can also see the risk that doing that means a bad actor might intercept the instructions as it would have to be sent unencrypted. Is there any kind of receiver verification, so that the encrypted email includes data for the system to recognise behind the scenes whether the user name and keys match those of the expected recipient ?
Thanks for the feedback!
Regarding your suggestion: To be frank not sure I get what you mean. In order to send a message using Hive-Mail the sender needs 1) the recipient account name, and 2) the message to be encrypted. The recipient in turn needs three things to perform decryption: 1) his account name, 2) the encrypted message received from the sender, and 3) his own Hive-Mail Private Key. So the sender does not need to have a Hive account, but the addressee does. This is due to the public key system used by Hive-Mail.
So even if such instructions were to be added somehow, you still wouldn't be able to send encrypted messages to a recipient who up to that moment still doesn't have a Hive account.
That said, I think I'll add to the Hive-Mail website a link to the Ecency app so people who still don't have a Hive account can get set up.