Happy New Year
[squirrelmail.git] / plugins / squirrelspell / doc / CRYPTO
1 CRYPTOGRAPHY SUPPORT IN SQUIRRELSPELL
2 --------------------------------------
3
4 Starting with version v0.3 SquirrelSpell is capable of working with encrypted
5 user dictionaries. However, this option is only available when PHP
6 is compiled with support for MCRYPT. This is relatively easy -- to enable
7 MCRYPT support, follow instructions at:
8
9 http://www.php.net/mcrypt
10
11 NOTE: You will need libmcrypt version 2.4.x or above for SquirrelSpell
12 to work.
13
14 HOW IT'S DONE
15 --------------
16 SquirrelSpell encrypts the dictionary with the user's mailbox password,
17 thus making the encryption/decryption process transparent to the user.
18 The algorythm used for encryption is Blowfish, but you may manually override
19 it in the code if you so wish.
20
21 The only shortcoming this approach has -- when mailbox password is changed,
22 SquirrelSpell asks the user to enter the old password in order to re-encrypt
23 the file with the new key. If the user doesn't remember the password, then
24 the file is lost, unless you want to brute-force it open.
25
26 The encryption is off by default and users are warned about remembering
27 their passwords before they enable encryption of their personal dictionary.
28
29 I haven't tested the overhead. If anyone has any benchmarks -- you are
30 welcome to share them.