[jsilence]

Nice idea, but it breaks email search and thus is a no-go for me. I find myself seaching my mailbase quite often and if search does not work, i'd just as well delete them right after reading.

A possible solution could be to script my MUA using IMAP to decrypt incoming mail automatically and store them locally in a truecrypt container. No sure how well this would work.

Other solutions to the "search encrypted mails" problem?

[knotty66]

Maybe Fully Homomorphic Encryption will help here? http://en.wikipedia.org/wiki/Homomorphic_encryption

Not sure how practical this is at the moment, or will be in the future. Hopefully an expert can weigh in ?

[AnIrishDuck]

I don't consider myself an expert, but I see homomorphic encryption and secure multiparty communication trotted out as potential solutions to similar problems all the time. It (no offense) rarely seems like the speaker has more than superficial knowledge of HE and SMPC work.

I've looked into both in an extremely limited fashion, but am not an expert. And I've spent far more time looking into SMPC than HE. So take the rest of what I'm going to say with massive amounts of salt (I'd love to be corrected by an expert in any of my commentary).

Right now there are huge efficiency hurdles that must be overcome before these solutions are remotely tractable to general computation problems. All that HE and SMPC give you is an extremely expensive way to do addition and multiplication on fields. An intelligent observer may point out that's all you need to do computation. In GF(2), addition is the XOR operation and multiplication is the AND operation. Anyone that's taken a computational organization class knows these two gates are all you need to construct a general purpose computer.

The real show-stopper is the cost. SMPC requires communication between participants for all multiplication operations. This means every AND operation requires "mixing" to regain randomness and maintain secrecy. There are hundreds, if not thousands, of AND operations required for one cycle of even the most simplistic processor. That's not even touching the necessity for simulating RAM with GF(2) multiplication/addition, which would require AND operations for each multiplexing gate used.

A paper I found indicated that SMPC processor emulations are still struggling to run in the MHz range [1]. And that's without knowing what kind of communication is allowed between the participants (I'm guessing it's running on a local network).

Again, I know very little about HE. But I'm under the impression that there are still similar efficiency hurdles. I've also heard some troubling reports on patent grabs for FHE schemes [2].

1. http://u.cs.biu.ac.il/~orlandi/icassp-draft.pdf

2. http://blogs.teamb.com/craigstuntz/2012/04/04/38707/