The format of your mail storage encryption is an orthoganl issue. (If
you prefer it there is nothing stopping you protecting your mailbox as
a whole, or mails within it with pgp formats). Just decrypt with the
communications private key and re-encrypt with the storage public key,
or symmetric key (it is after all a message to your self where public
key is not necessarily needed).
In this way you have separated the key management of storage keys vs
communications keys vs signing keys. Storage keys and signing keys it
is usually convenient to have long lived. Encryption keys it is more
secure to have short lived. (Think forward secrecy.)
The fact that your storage key is necesarrily long lived presents a
much leser risk: to make use of storage decryption keys, the attacker
first has to seize your machine (or in your case ask the university /
ISP for the encrypted mailbox). Encrypted emails on the other hand
can be eavesdropped by the ISP, hackers and law-enforcement. There
are many people who use their PGP keys only on systems they control.
There are at least 3 different ways to achieve storage encryption:
store the mailbox in an encrypted filesystem (convenient on linux,
windows etc); decrypt and re-encrypt (with a storage key) each mail as
you read it storing the modified re-encrypted mail back in the
mailbox; find or patch a mail client to automatically work from PGP
(or otherwise) storage key encrypted mail box.
If on the other hand you rely on message encryption to protect your
mail, you have to retain the corresponding private key esentially
indefinately which is a long term security risk. Were the key you
have since 2.0 days compromised and someone were out to get you,
they'd get every mail you ever received since 91 or 92. I'd argue
that this is a bad idea, but I guess it depends on your perceived
threats. For me at least I intentionally revoked and deleted the
private key of my older key to achieve forward secrecy. (First I had
to re-encrypt a few things encrypted with it).
On Mon, Jun 16, 2003 at 10:21:57AM -0400, Derek Atkins wrote:
Ian Brown <I(_dot_)Brown(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk> writes:
You clearly don't archive your encrypted email...
Indeed -- I decrypt messages before saving them (and use separate
storage encryption to protect the mail store.) Nor do I save every
message sent and received (which I know some people do).
I've still got messages encrypted with PGP 2.0 sitting in my
mail storage. The pgp encryption is better than any disk
encryption I could get -- especially considering that I dont
maintain my disk storage or backups myself. ;)
The wonders of "distributed computing"...