############## CONTINUED ###################

STEP 6) Select a strong password for a new user account

# passgen --bytes 33

Write this down in a passbook and add a few random numbers and letters from your mind in here as well.
Alternatively store your keys in a gpg encrypted file on an airgapped computer with a memorizable password to open the file.

STEP 7) Create a new user with your anonymous handle /name

# useradd anon12345foo -m -s /bin/bash
# password:
# verify password:

STEP 8) Restart the services
You might have to postmap the file recipient access

# cd /etc/postfix
# echo "anon12345foo permit" >> recipient_access
# postmap recipient_access
# echo "127.0.0.1 permit" >> client_access
# echo "192.168.1.32 permit" >> client_access
# postmap client_access
# postmap aliases
# postmap access
# echo "[email protected] anon12345foo" >> virtual
# postmap virtual
# echo "[email protected] anon12345foo" >> virtusertable
# postmap virtusertable

or use a different username for logon than the anonymous name used for communication

// i think virtual is required I'll check my endfix.cf

# systemctl restart postfix
# systemctl restart dovecot

# systemctl status postfix
# systemctl status dovecot

STEP 9) Setup imap retrieval with clawsmail
etc. using the name and paswsword for the anon user account,
or don't use dovecot just read it from the maildir directly or use Mutt.

Go into claws-mail options and add a new account ...

STEP 8) create a pgp public key using RSA 4096

sign in as anon12345foo

$ gpg --generate-key

$ save the public key or export it to armored ASCII

$ gpg --list-keys -u anon12345foo
$ gpg --export -a -u anon12345foo

STEP 9) Distribute the hidden service name, your handle, and the public key to your intended recipient.

STEP 10) Check your mail using claws-mail or use mlogz.sh to look at activity on your mail server for new incoming mail.

# mlogz

STEP 11) Send mail to other tor hidden service mail servers using endmail.sh

# gpg --import anon_523cachu_pgp.asc
# pgp --encrypt -r anon_523cachu -a -o encrpted.asc message.txt
# endmail --help
# endmail [email protected] "Re: from anon12345foo" encrypted.asc
or
# endmail [email protected] "-" encrypted.asc

And place the return address and user info in the encrypted message body thus eliminating meta data in the headers except for the recipient.

STEP 12) Get burned ?
# rm -rf /srv/tor/mail/hostname
# rm -rf /srv/tor/mail/privatekey

and restart tor to start over

# userdel -rf anon12345foo
# useradd anon142boo -m -s /bin/bash

and edit /etc/postfix/main.cf and /etc/dovecot/dovecot.conf to reflect the new hidden service name.

edit /etc/postfix/recipient_access and change the recipient name to anon142boo
# postmap recipient_access
# systemctl reload postfix
# systemctl restart postfix

There might be errors or omissions in the above but I think that's the general process. Now you have a tor hidden service mail server, that uses a selfsigned certificate and you have a gpg public key. you use tor and ssl and gpg to secure your email communications, and you are known by your handle and hidden service .onion address.

################# END OF GUIDE ####################################

STEP 13) Air Gapping It

To add an extra layer of security we will be using A:\ drive floppy disks to shuttle the encrypted.asc messages to and from a dedicated airgapped encryption station preferably running openBSD on a non-intel architechture, SPARC, PowerPC, Alpha, etc. Do not use USB as a substitute for this step (STUXNET).

0. Your decryption station will have full disk encryption and be powered off when not in use
1. Generate your keys on the air gap
2. Export your public key,change the file permisions to read only and save it onto a floppy disk A:\
3. Take the floppy disk and sneaker net it to your transmision computer which has the hidden service and postfix on it.
4. Publish your anonymous user name and public key as well as the hidden service onion name using tor and icecat, links, or endcurl or however on your tor hidden service website or on a message board forum like endchan.xyz.
5. Recieve the hidden service onion name and public key of your correspondent ( by reading a published name,address and public key on a forum or other communication method or by recieving it in your inbox by postfix after publishing yours)
6. Save the public key of your correspondent onto a floppy disk A:\ change permisions to read only write a sha256sum checksum for the file and shuttle it to the decryption/encryption station.
7. check the file againts the checksum, and then gpg import the public key to your key ring
8. Type a message for your recipient in plain text on the air gapped encryption station and encrypt it to encrypted.asc. Delete the plain text file if unnecessary to archive especially if it is incriminating.
9. Write the encrypted message encrypted.asc to the floppy disk and change permisions to read only also write the sha256 sum of the file to the floppy if you have space.
10. Shuttle the message by floppy disk A:\ to the transmission computer and send to your recipient using endmail
11. You can also write the sha256 sum of the file or sha512sum of the file onto the disk before sneaker netting it.
12. You can include this sha256 checksum as another attachment to transmit to the recipient or as a second followup email
13. Recieve an encrypted message response from postfix, change its file permissions to read only ( chmod ugo-xw encrypted.asc ) and copy it onto a floppy disk A:\
14. take the sha256sum of the file and also write it onto the floppy disk with ( sha256sum encrypted.asc >> sha256sum.txt ; chmod ugo-xw sha256sum.txt ; cp sha256sum.txt /dev/fd0 or however that is mounted like /mnt/floppy)
13. Shuttle this by sneaker net to the decryption station check the sha256 sum against the file value and decrypt wtih gpg, delete the plaintext response, and either write a response and repeat or reboot the computer.
14. Power off the decryption station airgap after communications have ended to protect your station.

This step protects against keylogging or other malware revealling your message during compositon before encryption.

This protocol is now named:

Super Mega Maximum Communication Security Protocol (SMMCSP)

Maximum Security Electronic Mail Communications Protocol (MSEMCP)

Brought to you by the Endware Development Team (c) 2017.

Game On NSA.

>>995

This name is juvenile

I'm renaming it to:

Maximum Security Electronic Mail Communications Protocol (MSEMCP)

That's more descriptive of what it is. Its a standard now. Email me with endmail.sh if you set up a server after you test it.

The great thing about this system is that it is opensource, distributed, anonymous, transport layer encrypted, and the message is RSA 4096 encrypted by gpg. Currently you do not have to have a working server to submit mail to a server. So if you were part of a 10 man spy ring with a central node the field agents only need to learn how to use gpg to encrypt and to install swaks, tor, torsocks and use a variant of endmail.sh to report back to central command. Of course it can be used for server to server anonymous communications as well. Since it uses gpg several recipients can be addressed to one [email protected] and then central command can distribute the messages to their intended recipients after the first decryption. So you could encrypt with a general wrapper that contains the meta data (to: field ) that central command uses to distribute the message to the person it is intended for, and then put the from: and subject: in the targeted encryption for that person that central command/dispatch can't read. So you'd have two gpg keys one public key for central command and then a public key for the intended recipient. The field agent would perform 2 encryptions the first for the recipient with the subject: and from: field in the plain text, and then the second encryption with the to: field in the plain text of of the encrypted file.

Anyways I'm now calling it the:

Maximum Security Electronic Mail Communications Protocol (MSEMCP)

Maximum Security Electronic Mail Communications Protocol (MSEMCP)

or

Maximum Security Encrypted Message Communication Protocol(MSEMCP)

Maximum Security Encrypted Message Communication Protocol (MSEMCP)

Author: Endwall from the Endware Development Team
Creation Date: August 8, 2017
Copyright: The Endware Development Team (c) 2017
License: You are Free to Study, Reproduce, Copy, Modify, Implement, Test, and Use this protocol as described below, in the spirit of the Endware End User License Version 1.15.

Description:

This protocol MSEMCP provides:
1. Message security through physical isolation of the encryption station by a read only Floppy Disk Message Sneaker Net (FDMSN)
2. Strong Public Key Cryptography using RSA 4096 bit.
3. Transmission and reception anonymity through Tor with 12 hops.
4. Trust and Verification through TLS 1.2 with RSA 4096 bit, and Self Signed Server Certificates to compare repeated server connections.

All of which can be implimented with 4 tools:
1) A Base install of a *nix BSD or GNU operating system in text mode.
2) GNU privacy guard (gpg) on the airgapped encryption decryption system.
3) TLS 1.2 using RSA 4096 certificates from OpenSSL used in a Postfix Mail server to allow for certificate comparison to build trust and continuity.
4) Anonymity durring message transmission and recption using the Tor network with 12 hops,(and weak encryption SHA1 RSA 1024).

Minimal instalation:

Computer 1 (Transmision computer)
1. Base install of *Nix in TEXT MODE no GUI / or use a GUI (whatever)
2. Postfix (or OpenSMTPD ), Tor, Torsocks, Swaks, OpenSSL ( or LibreSSL or GnuTLS)
3. endget.sh, endmail.sh, endfix.cf (for postfix)
4. A 3.5" Floppy drive with 1.44MB HD IBM format Floppy Disks

Computer 2 (Decryption/Encryption Station)
1. Base install of *Nix + Full disk encryption in TEXT MODE no GUI
2. Gnu Privacy Guard gpg
3. Air Gap : Unplug the computer from internet permenantly post installation
4. A 3.5" floppy drive with 1.44MB HD IBM format Floppy Disks

Encrypt and Decrypt messages on Computer 2 with gpg and Send messages with endmail.sh and Receive messages with Postfix with endfix.cf on Computer 1
Move the keys and messages by read only 3.5" floppy disk files. Do not substitute USB for floppy disk read only files (STUXNET).

Also after writing the encrypted message onto the floppy disk, eject it and then flip the write protect tab on the floppy. So that you only read encrypted.asc and sha256sum.txt from the floppy on your transmission work station when sending the file.

In general you can improve this protocol by having 2 air-gaped computers, that share your private key. One for decrypting messages, the other for encrypting messages. That way information never flows back and forth between your air-gap stations and the transmission computer.


READ ONLY Floppy 1 computer 1
[TRANSMISSION STATION] <-------------- [ENCRYPT STATION]

computer 2
Floppy 2 READ ONLY
[TRANSMISSION STATION] --------------> [DECRYPT STATION]


The transmission station has the tor mail server (postfix) with tor and endmail. The Encrypt and Decrypt station are separate computers that share your private key for pgp (not necessary if you're not signing anything, since you encrypt with the counterparty's public key only) . Both are air gaped / full disk encrypted running OpenBSD, and floating on a battery backup (off the power grid). Basically unplug your UPS from the wall for 15-20 mins while you do this operation, shutdown the computer then plug the APC back in to recharge the batteries. If malware flows in to the decrypt station, it can't return to the transmission station or jump across to the encrypt station. Nothing ever flows in to the Encrypt station only out.

If malware flows in to the decrypt station, it can't return to the transmission station or jump to the encrypt station. Nothing ever flows in to the Encrypt station only out. Nothing flows out of the decrypt station only in.

If you don't need to sign anything you could encrypt messages for your recipients without your private key. That way the private key will only be on the decrypt station and information never flows out of it, only into the decrypt station, so there is no chance to steel the private key. READ only is enforced by the write protect tab on the floppy, and by not writing anything intentionally.

Nothing should flow into the encryption station, but I guess you have to get the public keys for your recipients onto the encryption station somehow, so you can make an exception for that, or do it during installation if you have a small consistent set of people that you communicate with. Or just risk bringing in a new public key by floppy disk. It's a very small attack surface.

The point is to assume that the transmission computer can or will get compromised by a keylogger, or by other malware, since it is internet connected, and to shield the messages by encrypting on the air gap.

You might need to jump new public keys onto the encryption station but aside from that nothing comes in, only messages go out on it. With the decryption station nothing comes out, only encrypted messages go in.

1.44MB is enough to have a book's worth of text. That should be enough for passing messages.
The King James bible is 4.3MB uncompressed 1.3MB compressed with gzip. So 2 floppy disks should be sufficient to shuttle messages back and forth for a couple of years.

If both message counter-parties did this protocol, it would be pretty secure. If your messages were leaked at that point and you discovered it by some means, you could safely assume that the person that you are communicating with is a rat,snitch,traitor, etc., who forwarded the decrypts along to your adversaries / enemies.

Its not unbeatable, for instance someone could install a camera in your room...and point it at your decrypt / encrypt station monitors,or keyboard, or have switched your keyboard for your encrypt station with a keyboard with RF signalling by physical access, which is why physical security is also important.

test