HushMail

HushMail is the first product from Hush Communications, which holds the patent on a unique technology for managing private keys as a part of a corporation’s Public Key Infrastructure (PKI). The patent (US Patent #6,154,543) titled “Public Key Cryptosystem with Roaming User Capability” details technology that enables a users to store their private key on a central server, without the central server having access to the private key; this is achieved by symmetrically encrypting the private key before sending it to the central key server. HushMail is the first proof-of-concept for this technology, providing end-to-end encrypted mail and digital signatures from any Java-enabled web browser.

The HushMail Secure Email Applet - Click to enlarge

Starting in October 1999, I worked on HushMail as the senior developer, reworking the initial alpha prototype client in order to enable maintainability and extensibility. When I started the client software consisted of only 8 classes to provide all of the encryption, communication, and user interface functionality (see Version 1.04 of the code); by the time I’d finished, the alpha client code had been refactored into 130 classes abstracting all areas of the client’s functionality. The effectiveness of this solution proved itself in short order when I easily (in less than two weeks) augmented the communication protocol and message processing to enable the product to work through proxies, and added more complex message processing capabilities to support digital signatures. In addition, the code was completely localized and internationalized using Java’s built-in Unicode and resource support, in preparation for providing HushMail support for non-English speaking locales.

In the interest of encouraging peer review, all of the code I developed for the client portion of the HushMail software was released to the public on Hush.ai. I was responsible for all versions of the HushMail client from version 1.11 through 1.301 inclusive; this included extensively commenting the source code, and documenting the solution in preparation for the growth of the development team. The development team grew on our arrival in Dublin from three developers to more than a dozen; during this time, my role expanded to including the Development Team Leader and Senior Arichitect roles. When I left HushMail in October 2000, we were already investigating a new version of the client software built using HTML as the user interface, and implementing OpenPGP as the new HushMail message format. More recently, Phil Zimmermann, of PGP fame, joined Hush as the Chief Cryptographer to help spearhead further adoption of the OpenPGP standard.

This code is presented for peer review, and education; while the client code is freely available for inspection, the server code is not. For those developers interested in validating the operation of the HushMail applets, I’m providing a document detailing how to set up a client test environment using the live HushMail servers, and the files necessary to configure the applets to run in a Java appletviewer: