LEAP Encryption Access Project

Bring back the 1990s!

What is Federation?

  • user → provider → provider → user
  • eg: SMTP, XMPP

Better federation

  • The users should be protected from the provider.
  • The provider should be protected from users.

is not dead

What does
LEAP do?

  1. LEAP Platform:
    a toolkit to make it easy for you to run a service provider.
  2. New protocols:
    so that users don't need to trust the provider.
  3. Bitmask client:
    a client that works smoothly with any compatible provider.

LEAP Platform

sudo gem install leap_cli
leap new example --domain example.org
cd example
leap add-user --self
leap cert ca
leap cert dh
leap cert csr
leap node add blueberry services:openvpn \
     ip_address: openvpn.gateway_address:
leap node add raspberry services:couchdb,webapp \
leap init node
leap deploy

New Protocols

  • Soledad: searchable client-encrypted synchronized database.
  • Bonafide: secure user registration, authentication, password change, etc.
  • Key management: precise rules for OpenPGP best practices, automated.

Bitmask client

Example service: Email

We want all the features

  • Easy to use.
  • Backwards compatible with email and current OpenPGP usage.
  • End-to-end encryption.
  • Service provider has no access to user data.
  • Automatic key discovery and validation.
  • Strong protection for metadata, when supported.
  • Cloud synchronized for high availability on multiple devices.
  • No cleartext is ever written to disk.
  • Fully searchable email.
  • Work while offline, sync when network is available.


Soledad: client-encrypted storage of content and metadata, searchable, offline support, backed up, sync'ed to multiple devices.

Invisible keys: let the robot manage keys; simple federated provider validation to start; forward compatibility with better validation as new protocols come online.

Tor: relay SMTP over hidden service when available (not in stable platform yet, but working live for two email providers).

Secure Remote Password: A login/password user experience, but the provider never has access to the password cleartext.

Infrastructure approaches:

  • LEAP - SMTP & OpenPGP
  • DIME - New protocols

Client approaches:

  • Whiteout - Javascript client
  • Mailpile - Python client
  • e2e - Browser extension, from Google and Yahoo (maybe some infrastructure key validation in the future)
  • Mailvelope - Browser extension

Our goals:

  • increase the cost of dragnet surveillance
  • mass adoption

Web Interface

  • Potentially hosted by third party.
  • Think "Bitmask client" but hosted in the cloud.
  • Good looking.
  • Search and tagging.
  • Keys on the server, no browser crypto.