FAQ: Technical Questions & Answers
How does GoodCrypto protect metadata?
This overview is for IT administrators. If you prefer security details see Security focus: How does mail metadata protection work?
GoodCrypto uses Ed Snowden's design from HOPE X to protect email metadata. Very quickly, GoodCrypto :
- Uses GPG to encrypt from individual to individual.
- Periodically mixes all messages to a domain into the body of a single message.
- Pads and uses GPG to encrypt the mixed group message. This encrypts all end user metadata.
When GoodCrypto first boots it prepares an email address and key for your domain. This is separate from the keys for individuals. Keys are automatically exchanged the first time that two GoodCrypto mail domains connect.
On a regular schedule GoodCrypto:
- Signs and encrypts messages going to a domain with each individual's key.
- Attaches all the messages for that domain to one new message.
- Pads the mixed group message to a fixed size.
- Encrypts the group message.
When a message arrives at the destination, GoodCrypto reverses the process and delivers individual messages
Usually both the sender and recipient have personal keys. Then their individual messages are encrypted in layers, first with the individual key and then with the metadata key.
GoodCrypto automatically exchanges keys. The administrator receives email whenever a new metadata key arrives so so it can be verified.
As both systems generate and exchange keys, GoodCrypto continuously makes your mail more secure. If you need to be sure that your first contact is safe, check that your GoodCrypto private server has a metadata key for the other domain.
Of course, until other packages implement this open source protocol for metadata protection, you will need GoodCrypto on both ends.