SCoP Passed Phase 1 of the DAPSI Initiative!

by Romain Calascibetta & Christine Rose on Oct 14th, 2021

In April, we announced that the DAPSI initiative accepted the proposal for our Secure-by-Design Communication Protocols (SCoP) project. Today, we are thrilled to announce that SCoP has passed the initiative’s Phase 1, and we are now on our way to Phase 2!

SCoP is an open, secure, and resource-efficient infrastructure to engineer a modern basis for open messaging (for existing and emerging protocols) using type-safe languages and unikernels—to ensure your private information remains secure. After all, you wouldn’t like your postal carrier reading your snail mail, so why should emails be any different?

Challenges

Operating an email service requires many technical skills and reliable infrastructure. As a result, only a few large companies can handle email at the proper security level. Unfortunately, the core business model of these companies is to mine your personal data.

The number of emails exchanged every day is expected to reach 333 billion in 2022. That’s a considerable amount of data, much of it private or sensitive, sent across cyberspace through portals with questionable security. The memory-unsafe languages used in most communication services leave far too much room for mistakes with serious ramifications: security flaws that turn into security breaches, leaving your personal or business information exposed to malicious hackers.

Due to this global challenge, we set out to build a simple, secure, easily deployable solution to preserve users' privacy, and we’re making great strides toward accomplishing that goal. We base our systems on scientific foundations to last for decades and drive positive change for the world. Our robust understanding of both theory and practice enables us to solve these security problems, so we explore ideas where research and engineering meet at the intersection of the domains of operating systems, distributed systems, and programming languages.

Every component of SCoP is carefully designed as an independent library, using modern development techniques to avoid commonly reported threats and flaws. For instance, the protocol parsers and serializers are written in a type-safe language and tested with fuzzing. Combining these techniques will increase users' trust and encourage them to migrate their personal data to these new, more secure services.

Architecture

The architecture of the SCoP communication service is composed of an Email Service based on a secure extension of the SMTP protocol, and a decentralised real-time communication system based on Matrix.

The SMTP and Matrix protocols implemented in SCoP follow the separation of concerns design principle, meaning that the SMTP Sender and SMTP Receiver are designed as two distinct units. They’re implemented as isolated micro-services that run as unikernels. The SMTP Sender, Receiver, and Matrix are all configurable, and each configuration comes with a security risk analysis report to understand possible privacy risks.

Progress

Not only are we on our way to Phase 2 in the DAPSI Initiative, but we’re also proud to report that we’re on track with our planned milestones!

Our first milestone was to generate a corpus of emails to test our parser implementation against existing projects, in order to detect where implementations diverge from the descriptions specified in the RFCs. We now have 1 million emails that have been parsed and encoded without any issues! The corpus checks that our encoder and decoder round-trip (decoding an email and re-encoding it reproduces the original), and you can find it in this GitHub Repo; we encourage implementors in other languages to use it to improve their trust in their own implementations.

For our second milestone, we set out to implement an SMTP extension mechanism and support for SPF, as well as DMARC, a security framework built on top of DKIM and SPF, and we are right on target. To date, we’ve completed four components:

  • SPF
  • DKIM
  • SMTP can send and verify emails
  • MrMIME can generate the email, and SMTP then sends it, signed with a DKIM private key. We can correctly sign an email: generate the signature and the DKIM header field containing it. When the email is received, we check the DKIM signature and the SPF metadata.
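As an added illustration of the signing and checking step described above (example code written for this post, not SCoP's own OCaml implementation), here is the body-hash part of DKIM in Python: the signer computes the bh= tag over the canonicalised body, and the receiver recomputes it before going on to check the RSA signature (the RSA step and header canonicalisation are left out). The sample body and the DKIM-Signature tag values are constructed.

```python
import base64
import hashlib
import hmac
import re

# Added example (not SCoP code): the body-hash (bh=) step of DKIM, RFC 6376.
# The signer canonicalises the body, hashes it and puts the base64 digest in
# the bh= tag; the verifier recomputes it before checking the RSA signature.

def canonicalize_body_relaxed(body: bytes) -> bytes:
    """RFC 6376 s3.4.4: collapse WSP runs, drop trailing WSP and trailing empty lines."""
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in body.split(b"\r\n")]
    while lines and lines[-1] == b"":
        lines.pop()
    return b"\r\n".join(lines) + b"\r\n" if lines else b""

def canonicalize_body_simple(body: bytes) -> bytes:
    """RFC 6376 s3.4.3: only trailing empty lines go; an empty body becomes one CRLF."""
    return body.rstrip(b"\r\n") + b"\r\n"

def body_hash(body: bytes, canon: str = "relaxed") -> str:
    fn = canonicalize_body_relaxed if canon == "relaxed" else canonicalize_body_simple
    return base64.b64encode(hashlib.sha256(fn(body)).digest()).decode()

def parse_tags(sig_value: str) -> dict:
    """Split a DKIM-Signature value into tag=value pairs; folding whitespace is dropped."""
    tags = {}
    for part in sig_value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)            # b= may itself contain '=' padding
            tags[key.strip()] = re.sub(r"\s+", "", val)
    return tags

def body_hash_matches(sig_value: str, body: bytes) -> bool:
    """Verifier side: does the received body still hash to the signed bh= value?"""
    tags = parse_tags(sig_value)
    canon = tags.get("c", "simple/simple")           # c=header/body; body defaults to simple
    body_canon = canon.split("/")[1] if "/" in canon else "simple"
    return hmac.compare_digest(tags.get("bh", "").encode(), body_hash(body, body_canon).encode())

# Constructed sample: messy whitespace and trailing blank lines that relaxed canon removes.
SAMPLE_BODY = b"Hello   SCoP\t team \r\n\r\n\r\n"

if __name__ == "__main__":
    sig = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.org; s=sel;\r\n"
           f"\th=from:to:subject; bh={body_hash(SAMPLE_BODY)};\r\n\tb=PLACEHOLDER")
    print(body_hash_matches(sig, SAMPLE_BODY))                # True
    print(body_hash_matches(sig, SAMPLE_BODY + b"tampered"))  # False
```

A mismatch here means the body was altered in transit (or canonicalised differently), so a verifier rejects before spending an RSA operation.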

For our third milestone, we set out to implement DNSSEC, a set of security extensions over DNS. Verifying the identity of an email sender through DKIM/SPF/DMARC relies on records fetched from DNS, so the DNS protocol itself needs these security extensions. We completed our initial investigation of a DNSSEC implementation prototype and discovered several issues, such as missing elliptic-curve cryptography. Those necessary cryptographic primitives are now available, so we should complete this milestone by the end of the month.

Finally, our fourth milestone was to implement the Matrix protocol (client and server). We completed the protocol’s client library, which sends a notification from OCaml CI, and we have a PoC of the Matrix server side that receives the notification, which is also complete.

Although we still have much work ahead of us, we’re quite pleased with the progress thus far, and so is the DAPSI Initiative! Follow our progress by subscribing to this blog and our Twitter feed (@tarides_) for the latest updates.

Partner logos: in association with NGI, EU, Zabala, FGS, cap-digital, IMT Starter, Fraunhofer IAIS.