Decentralized end-to-end encrypted (E2EE) email communication

JoelStansbury/das

das (Deem, Aryee, Stansbury)

das ist gut

Desktop application for decentralized secure email communication

Demo: https://kennesawedu-my.sharepoint.com/:v:/g/personal/jstansb2_students_kennesaw_edu/EXI_zIlCD-RDqhRzZ2CzpuMBCbb1oP80meyQdEGYiWq_NA?e=raocch

System Requirements

Windows 10
Microsoft Outlook

Python Requirements

  • flask: application host
  • sympy: large prime number generation
  • pypiwin32: OS-level communication between Python and MS Outlook

These are installed with pip install -e . from the root of the repo.

Usage

python -m das.app

and navigate to http://localhost:5000 to see the website

Data Stewardship

  • Utilizing Outlook to handle email sending/receiving means that users do not need to enter their email account passwords into our application.
  • We believe that the best form of data stewardship is not requesting the data in the first place. While direct access would eliminate the dependence on third-party email clients, we understand that this code does not have the same level of trust as MS Outlook and do not wish to compel users to relinquish that trust to us. This may change in the future once that trust has been established.
  • We do, however, require the ability to read emails. The code currently reads the past 2 days' worth of emails (outlook.py#L42). This is unavoidable.
  • Similarly, we require the ability to send emails on behalf of the user, using MS Outlook as a proxy (outlook.py#L81). This is also an unavoidable requirement.
  • We do not, however, store any email data in local files. The unencrypted text exists in memory for the duration of the session, until the application is stopped.
  • There is no internal communication except what is required between MS Outlook and the JavaScript application.
  • There is no external communication except what is performed by MS Outlook for sending emails (outlook.py#L81) and by JavaScript for obtaining dependencies (index.html#L5).

DISCLAIMER 1: Keys shared between users are stored in an unencrypted file, das/key_manager/keys.csv. To render an encrypted conversation practically un-decryptable, both users must delete the line corresponding to the other user in their keys.csv. The file is also not read-write protected, so this must be fixed before the tool is used in a critical setting.
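
The per-peer key removal described in DISCLAIMER 1, as an added example that is not part of the das code base. It assumes each row of keys.csv starts with the peer's email address (the real column layout is not shown on this page), and `forget_peer` is a hypothetical helper name.

```python
import csv
import os
import tempfile


def forget_peer(keys_path, peer_email):
    """Rewrite keys_path without the rows for peer_email; return rows removed.

    Assumed layout (not confirmed by the page): column 0 is the peer's address.
    """
    target = peer_email.strip().lower()
    directory = os.path.dirname(os.path.abspath(keys_path))
    # Temp file in the same directory so os.replace() is an atomic rename.
    # POSIX: mkstemp creates it 0600. Windows: it inherits the directory ACL,
    # so access to the das/key_manager folder has to be restricted separately.
    fd, tmp_path = tempfile.mkstemp(dir=directory, suffix=".tmp")
    removed = 0
    try:
        with os.fdopen(fd, "w", newline="", encoding="utf-8") as out, \
                open(keys_path, newline="", encoding="utf-8") as src:
            writer = csv.writer(out)
            for row in csv.reader(src):
                if row and row[0].strip().lower() == target:
                    removed += 1  # drop every row held for this peer
                    continue
                writer.writerow(row)
            out.flush()
            os.fsync(out.fileno())  # new file is fully written before the swap
        os.replace(tmp_path, keys_path)
    except BaseException:
        if os.path.exists(tmp_path):
            os.unlink(tmp_path)
        raise
    return removed


if __name__ == "__main__":
    # Constructed sample data; the addresses and key values are made up.
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "keys.csv")
        with open(path, "w", newline="", encoding="utf-8") as f:
            csv.writer(f).writerows([["alice@example.com", "1234567"],
                                     ["bob@example.com", "7654321"]])
        print(forget_peer(path, "Alice@example.com"))
        print(open(path, encoding="utf-8").read())
```

Rewriting the file removes the row from keys.csv only; copies held in backups or editor temp files are untouched.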

DISCLAIMER 2: This is still vulnerable to man-in-the-middle attacks carried out by either MS Outlook or the email service providers. Mitigating or eliminating this threat is a topic for future work.

Running the App (debug mode)

This allows automatic reloading of the application whenever a Python script is edited.

flask --app das/app.py --debug run

and navigate to http://localhost:5000 to see the website
