das ist gut
Desktop application for decentralized secure email communication
- Windows 10
- Microsoft Outlook
- flask: application host
- sympy: large prime number generation
- pypiwin32: OS-level communication between Python and MS Outlook
These are installed with `pip install -e .` from the root of the repo.
python -m das.app
and navigate to http://localhost:5000 to see the website
- Utilizing Outlook to handle email sending/receiving means that the users do not need to enter their email account passwords into our application.
- We believe that the best form of data stewardship is not requesting the data in the first place. While direct access would eliminate the dependence on 3rd party email clients, we understand that this code does not have the same level of trust as MS Outlook and do not wish to compel users to relinquish that trust to us. This may change in the future once that trust has been established.
- We do, however, require the ability to read emails. The code currently reads the past 2 days' worth of emails (outlook.py#L42). This is unavoidable.
- Similarly, we require the ability to send emails on behalf of the user, using MS Outlook as a proxy (outlook.py#L81). This is also an unavoidable requirement.
- We do not, however, store any email data in local files. The unencrypted text exists in memory for the duration of the session until the application is stopped.
- There is no internal communication except what is required between MS Outlook and the JavaScript application.
- There is no external communication except what is performed by MS Outlook for sending emails (outlook.py#L81) and by JavaScript for obtaining dependencies (index.html#L5).
DISCLAIMER 1: Keys shared between users are stored in an unencrypted file, `das/key_manager/keys.csv`. If an encrypted conversation is to be rendered practically un-decryptable, it is required that both users delete the line corresponding to the other user in their `keys.csv`. It is also not read-write protected, so this is something that must be fixed before the tool is to be used in a critical setting.
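One way to carry out the key deletion that DISCLAIMER 1 describes, as an added example that is not part of the project's code. It assumes (the page does not state the file layout) that each row of `keys.csv` starts with the other user's email address; the function name `forget_peer` is hypothetical.

```python
import csv
import os
import tempfile


def forget_peer(keys_path, peer_address):
    """Rewrite keys_path without the rows belonging to peer_address.

    Assumption (not from the project): the first column of each row is
    the other user's email address. Returns the number of rows removed.
    """
    wanted = peer_address.strip().lower()
    with open(keys_path, newline="", encoding="utf-8") as src:
        rows = list(csv.reader(src))
    kept = [r for r in rows if not (r and r[0].strip().lower() == wanted)]
    removed = len(rows) - len(kept)
    if removed == 0:
        return 0  # no matching row; leave the file untouched

    # Write the new contents to a temp file in the same directory, then swap
    # it in with os.replace so a crash never leaves a half-written key file.
    directory = os.path.dirname(os.path.abspath(keys_path))
    fd, tmp_path = tempfile.mkstemp(dir=directory, prefix=".keys-", suffix=".tmp")
    try:
        with os.fdopen(fd, "w", newline="", encoding="utf-8") as dst:
            csv.writer(dst).writerows(kept)
            dst.flush()
            os.fsync(dst.fileno())
        os.replace(tmp_path, keys_path)
    except BaseException:
        os.unlink(tmp_path)
        raise
    return removed


if __name__ == "__main__":
    # Constructed sample data, written to a throwaway directory.
    sample = os.path.join(tempfile.mkdtemp(), "keys.csv")
    with open(sample, "w", newline="", encoding="utf-8") as f:
        csv.writer(f).writerows([["alice@example.com", "1234567"],
                                 ["bob@example.com", "7654321"]])
    print("rows removed:", forget_peer(sample, "Alice@example.com"))
```

Removing the row stops the tool from loading that key, but the previous file contents may still be recoverable from the disk or from backups.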
DISCLAIMER 2: This is still vulnerable to man-in-the-middle attacks carried out by either MS Outlook or the email service providers. Mitigating or eliminating this threat is a topic for future work.
This allows automatic reloading of the application whenever a Python script is edited.
flask --app das/app.py --debug run
and navigate to http://localhost:5000 to see the website