As most of you know, email is very insecure. Even when connecting to SSL protection between the client and the server that sends the email, the message itself will be in clear text, while it will iterate through the Internet, leaving it vulnerable to eavesdropping.
Another consideration is that the sender may not want the message to be readable - even by the intended recipient - after some time or after it has been read once. There are a number of reasons for this; for example, a message may contain confidential information that may be requested upon subpoena.
The solution (the most common, I think) is to send a message to a trusted third party and a link to this message to the recipient, who then reads this message from a third party. Or, the sender can send an encrypted message (using symmetric encryption) to the recipient and send the key to a third party.
In any case, there is a fundamental problem with this approach: if this third party is compromised, all your efforts will be futile. For a real example of such an incident, refer to Crypto AG errors in collusion with the NSA.
Another solution I saw was Vanish , which encrypts the message, breaks the key into pieces, and stores the fragments in DHT (namely, Vuze DHT). These values can be easily and fairly reliably obtained simply by looking at the hashes (hashes are sent with a message). After 8 hours, these values are lost, and even the intended recipient will not be able to read the message. With millions of nodes, there is no single point of failure. But this was also violated by the installation of a Sybil attack on DHT (see the Vanish Web page for more information).
Anyone have any ideas on how to do this?
EDIT: I guess I didn't understand myself. The main problem is not that the recipient intentionally holds the message (I know that it is impossible to control), but the message is available somewhere.
, Enron . , , .