Recommended email solution for securely communicating with vendors?

Hey so I'm a member of a few different markets. Right now mostly Hansa and it seems cool so far. But I only ever have a market account which means I only communicate through the market's built in messaging system. Of course I use encrypted messages when sending sensitive data, and I know how to stay safe in that regard.

However sometimes vendors will not log in to a marketplace for a few days (or sometimes longer), but will provide an email in their vendor description. Also sometimes markets tend to go down and I think it would be good to have direct relationships with the vendors through secure email. I'd like to know how to email them directly for faster communication, but presently, I have no darknet email solution.

I do have a Tutanota email account, which is a clearnet service that sends encrypted messages. I tried using that email account to send an email to a vendor's @torbox3uiot6wchz.onion email address, and it asked me for a shared password, and I didn't know what to do, so I didn't send the email.

Forgive the n00bness of this question but I really think this is an important thing. So yeah.... what's the best way/solutions for communicating to people/vendors through email? Any thoughts/suggestions/input/feedback is appreciated.

-ADoctorinthehouse


Comments


[4 Points] Snapcardhero:

use sigaint


[2 Points] Bbmcisrightyoufools:

Every service is secure once you use Tor and PGP, as long as they don't ask for phone number verification or other irl identity info. That being said, cock.li and sigaint are good


[2 Points] Atr0city--:

Sigiant is where it's at.


[2 Points] Satoshi-:

Looks like he might be promoting phishing links, reported to mods.


[2 Points] noonehear:

Gmail is NSA protected.


[2 Points] hilltopbandaids:

bitmessage.ch is actually quite good.


[1 Points] None:

[deleted]


[1 Points] noonehear:

Gmail is NSA protected.


[1 Points] Devoid_:

Proton mail for the long run, guerilla mail for best opsec, sigaint is the easiest and still secure enough. Watch YouTube videos for bitmessage and set that up properly for the best results


[1 Points] None:

Encrypt your messages and ANY email is suitable. A bitmessage email gateway is a possibility.

If you use RSA encryption you could have your messages intercepted so long as you have a proper public for the recepient you are golden.

It does suffer from a lack of forwards insecurity (if your vendor is busted and his public key caught you are screwed).

For the curious: This is a way to get perfect forwards security bypassing this problem. This is how a DH exchange works (how SSL works). I have your public key I use it to encrypt a number g and another number p and the result of A which is the result of ga mod p, I keep x as secret g and p aren't any old numbers but well chosen and very large). I have to be sure it's truely your public key, I could get it from anumber of sources info grams et c.

You then reply to me with B which is gb mod p. This is signed with your public key and encrypted by mine. You keep b as secret and I keep a as secret.

We can now both make a shared secret S which is Ab mod p, which is Ba mod p, which is also gab mod p, so long as the descrete logirthithm problem is intact this is a secure shared secret despite the fact that everyone may know g, p and B and A!

Now we switch to symmetric encryption with our shared key. Once done we delete this key forever.


[0 Points] lsdisforme:

the best way is to get a pigeon trained to carry the message. That or just use PGP and it doesnt matter