Author Topic: Improvement for group mail  (Read 2229 times)

0 Members and 1 Guest are viewing this topic.

Offline logxing

1,The original way can  suppress spam in a certain degree.Sending mass e-mail must do POW.
The new way,the The mail sender's Calculation is less.

2,The new way ,attacker can attack N Ciphertext at the same time.Once one of the them were cracked,
attacker can see the Plaintext.The original way has no this problem.

3,The new way will leak the number N.

That's all for the moment.
BTS Account:logxing

Offline alt

  • Hero Member
  • *****
  • Posts: 2821
    • View Profile
  • BitShares: baozi
When I send a mail to many peaple, client will send too many mails to the network, each one for a person. When the mail is large, with an attachment, It's very Inefficient。I think we should broadcast only one mail to the network。

1. generate a random key: aes_key
2. encrypt mail with this key:
    em.data = aes_encrypt( aes_key, fc::raw::pack(*this) );
3. encrypt this aes_key to the vector for all receive
    for(n=0, n++, n<sizeof( reiceivelists))
{
    auto priv_dh_key = fc::ecc::private_key::generate();
    em.dh_key_list[n]        = priv_dh_key.get_public_key();
    auto aes_key2      = priv_dh_key.get_shared_secret( reiceivelists[n] );
    em.aes_key_list[n] = aes_encrypt( aes_key2, fc::raw::pack(aes_key) );
    em.check[n] = ......
}

every receiver can decrypt the aes_key correct with their own public key. then decrypt the mail with the shared aes_key.
The problem is: this will change the data struct of encrypted_message, the old client can not receive mail which send from new client  ....
I think there is a good chance to do it before the real release at the end of Jan.
« Last Edit: January 10, 2014, 05:07:03 am by alt »