Wired reports that Ladar Levison (of Lavabit fame) hired the convicted ex-hacker Stephen Watt to create DarkMail — a set of protocols and servers which apply a similar approach as onion routing to the email metadata (sender and recipients) and would still enable the existing email clients go "dark".
The internet is littered with burgeoning email encryption schemes aimed at thwarting NSA spying. Many of them are focused on solving the usability issues that have plagued complicated encryption schemes like PGP for years. But a new project called Dark Mail plans to go further: to hide your metadata.
The project has made for an interesting pairing between Texas technologist Ladar Levison and convicted hacker Stephen Watt, whom he's hired to help develop the code. Both have had previous battles with the government in very different ways.
The project is composed of several parts: an email client called Volcano; server software called Magma Classic and Magma Dark; and the Dark Mail, or Dmail, protocol, which they're designing to replace existing protocols for sending and retrieving email that don't hide metadata.
"If you trust your server, you can use Outlook and the server will handle everything for you," Levison says. "The preference would be that you use the Dark Mail client, but I understand that this is not even a possibility for some organizations."
Dark Mail is modeled loosely on TOR — The Onion Router... With Dark Mail, there are primarily two main servers involved in an email transaction: the sender's domain and the recipient's. And although the sender's server can identify the source from which the email was sent, it doesn't know the recipient, just the recipient's domain. The server at the recipient's domain decrypts the "to:" field to deliver the correspondence to the right account, but doesn't know who sent the email — just the domain from which it came.