<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#ffffff">
Hello!<br>
<br>
<div align="justify">Is there a way to encrypt all of the Cyrus'
user-specific files on the disk? So that somebody breaking in -- or
stealing the server -- has no access to the messages (and other data)
unless a user's password is also available?<br>
<br>
This is how I'd envision it:<br>
<ul>
<li>A somewhat secret "salt" and the location of a (memory-backed)
cyrus-only directory, such as <tt>/tmp/cyruspw</tt>, are set in a
config-file.<br>
</li>
<li>A user logs in using a pam-module, which creates a symlink such
as <tt>/tmp/cyruspw/</tt><i>user</i> -> <tt>somehash(</tt><i>salt</i>+<i>password+user</i><tt>).</tt></li>
<li>Subsequent access to the user's files uses the above hash as the
key for user's messages, attachments, etc.<br>
</li>
<li>New messages are stored unencrypted (or on a shared encrypted
partition) until the next time this user logs in. When he does, his
user-specific encryption begins in background.</li>
<li>When the user disconnects, and all unencrypted messages are
encrypted, the user's entry is removed from <tt>/tmp/cyruspw</tt>
until his next login.<br>
</li>
<li>A (rare) password-change will require all unencrypted messages to
be re-encrypted with the new hash -- until the re-encryption is
completed, the server will keep the old hash around (in a different
location, that would survive a system restart, such as <tt>/var/cyrus/oldpw/</tt><i>user
</i>-><i> oldhash</i>) to provide access to the not-yet-re-encrypted
messages.<br>
</li>
</ul>
</div>
<div align="justify">A fancier system could also provide for a "master
password" to allow message-recovery in case of the user forgetting
their password (or a law-enforcement subpoena). Some people may choose
to not use this feature in their setup...<br>
</div>
<div align="justify"><br>
</div>
<div align="justify">I think, this ensures reasonable protection for
the stored messages without any cooperation from the MUA -- a stolen
server (or a decommissioned hard-drive) will not reveal user's e-mails.
Also, each user is assured, that their old emails are not accessible to
anyone, <i>when he isn't accessing them himself</i>.<br>
</div>
<div align="justify"><br>
</div>
<div align="justify">This may be possible to do right now -- without
changing the Cyrus' code at all -- by using encrypted filesystems.
Unfortunately, it means, each user's files would have to reside on
their own filesystem... The proposed mechanism would provide a better
way without <i>too much</i> trouble. What do you think?<br>
</div>
<blockquote>-mi<br>
</blockquote>
</body>
</html>