Avanna,Psycho Zhang,Simon Yan,Jonne Mao

DOI: https://doi.org/10.48550/arXiv.1902.09115

2019-02-25

Abstract:Using multi group asymmetric public and private keys, this paper proposes a encryption email communication system, which makes email communication more secure, lowers the service providerś network and storage consumption, and completely eliminates any spam. Prior to this, PGP (Pretty Good Privacy) partially solved the encryption problem, but it only encrypts the content of the mail. We would also expect a mail system to provide safe and reliable services, completely eliminate the spam emails, reduce the consumption of service providerś traffic and storage resources, and specially focus on protecting the user privacy and the data security of service provider.

Cryptography and Security

Fagen Li,Di Zhong,Tsuyoshi Takagi

DOI: https://doi.org/10.1109/tifs.2016.2585086

IF: 7.231

2016-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Confidentiality and authentication are two main security goals in secure electronic mail (e-mail). Pretty good privacy (PGP) and secure/multipurpose internet mail extensions (S/MIME) are two famous secure e-mail solutions. Both PGP and S/MIME use digital envelope to provide message confidentiality and digital signature to provide message authentication. However, these methods have the following two weaknesses: 1) digital signature provides non-repudiation evidence of sender that is not desired in some e-mail applications and 2) efficiency is low, since these methods use two kinds of public key cryptographic primitives: public key encryption and digital signature. To overcome the above two weaknesses, we introduce a new concept called deniably authenticated encryption that can achieve confidentiality, integrity, and deniable authentication in a logical single step. We first propose a deniably authenticated encryption scheme and prove its security in the random oracle model. Then, we design a secure e-mail protocol using the proposed deniably authenticated encryption scheme. The deniable authentication property protects senders' privacy.

Gabriel Chen,Rick Wanner

DOI: https://doi.org/10.48550/arXiv.2208.00388

2022-07-31

Abstract:During today's digital age, emails have become a crucial part of communications for both personal and enterprise usage. However, email transmission protocols were not designed with security in mind, and this has always been a challenge while trying to make email transmission more secure. On top of the basic layer of SMTP, POP3, and IMAP protocols to send and retrieve emails, there are several other major security protocols used in current days to secure email transmission such as TLS/SSL, STARTTLS, and PGP/GPG encryption. The most general design used in email transmission architecture is SMTP with PGP/GPG encryption sending through an TLS/SSL secure channel. Regardless, vulnerabilities within these security protocols and encryption methods, there is still work can be done regarding the architecture design. In this paper, we discuss the challenges among current email transmission security protocols and architectures. We explore some new techniques and propose a new email transmission architecture using EEKS structure and Schnorr Signature to eliminate the usage of PGP/GPG for encryption while achieving Perfect Forward Secrecy.

Cryptography and Security,Networking and Internet Architecture

Xun Sun,Jianhua Li,Shutang Yang,Gongliang Chen

DOI: https://doi.org/10.1049/cp:20070274

2007-01-01

Abstract:As e-mail services get wide use in business transactions, the privacy and fairness properties of these services become more important. A certified e-mail protocol focuses mainly on the fairness of e-mail exchanges: it ensures that the receiver get access to the e-mail content if and only if the sender obtains a non-refutable proof of receipt, which is usually a signature of the receiver. This paper identifies a security flaw in a certified e-mail protocol for mobile environments based on the Guillou-Quisquater signature scheme, proposed at GLOBECOM 2003. A dishonest sender can exploit this flaw to gain advantage over the message receiver with high probability within a few rounds of interactions. We then propose an improved protocol, which is based on a verifiably encrypted RSA signature scheme, to fix this security flaw. The new protocol obtains a trustable security (fairness) level and is as efficient as the original insecure protocol.

Yali Si

DOI: https://doi.org/10.4028/www.scientific.net/amm.397-400.1941

2013-01-01

Applied Mechanics and Materials

Abstract:The security in e-mail protocol has received significant research attention. In this paper, an e-mail protocol, GSEP, using improved generalized signcryption scheme is proposed. GSEP can send private e-mail, public e-mail safely, and using key trace to solve the problem of key escrowing, using identity authentication to solve the problem of junk e-mail. The proposed protocol not only improves the information processing capability of e-mail system for its multi-function, but also guarantees the security of transmitting information.

Hung-Min Sun,Bing-Zhe He,Chien-Ming Chen,Tsu-Yang Wu,Chia-Hsien Lin,Huaxiong Wang

DOI: https://doi.org/10.1016/j.ins.2015.01.037

IF: 8.1

2015-01-01

Information Sciences

Abstract:Secure group communication over an untrusted open network is a continuing problem, especially in mobile environments. With the development of 3G networks and mobile computing technology, the number of group-oriented applications is increasing rapidly. Although these applications are convenient, achieving secure group communication to protect user privacy is a major concern. This study presents an authenticated group key agreement protocol for mobile environments. By using certificateless public key cryptography, the protocol reduces the cost of managing the certificates and avoids the key escrow problem. Instead of a fully-trusted server, the protocol uses a semi-trusted server, which helps users communicate but does not learn about the group key. The analytical results indicate that the proposed protocol provides good security in mobile environments.

Jianbin Hu,Hu Xiong,Zhi Guan,Cong Tang,Yonggang Wang,Wei Xin,Zhong Chen

DOI: https://doi.org/10.1109/ISPAW.2011.15

2011-01-01

Abstract:Key agreement protocols are multi-party protocols in which entities exchange public information allowing them to create a common secret key that is known only to those entities and which cannot be predetermined by any party. Recently, the notion of certificateless public key cryptography was introduced to mitigate the heavy certificate management burden in traditional public key infrastructure and key escrow problem in ID-based cryptosystem. In this paper, we present an efficient certificateless three-party authenticated key agreement protocol based on certificateless signature scheme. We show that the proposed protocol is secure (i.e. conforms to defined security attributes) while being efficient.

Itzel Vazquez Sandoval,Gabriele Lenzini

DOI: https://doi.org/10.1007/978-3-030-39749-4_11

2020-08-29

Abstract:To send encrypted emails, users typically need to create and exchange keys which later should be manually authenticated, for instance, by comparing long strings of characters. These tasks are cumbersome for the average user. To make more accessible the use of encrypted email, a secure email application named pEp automates the key management operations; pEp still requires the users to carry out the verification, however, the authentication process is simple: users have to compare familiar words instead of strings of random characters, then the application shows the users what level of trust they have achieved via colored visual indicators. Yet, users may not execute the authentication ceremony as intended, pEp's trust rating may be wrongly assigned, or both. To learn whether pEp's trust ratings (and the corresponding visual indicators) are assigned consistently, we present a formal security analysis of pEp's authentication ceremony. From the software implementation in C, we derive the specifications of an abstract protocol for public key distribution, encryption and trust establishment; then, we model the protocol in a variant of the applied pi calculus and later formally verify and validate specific privacy and authentication properties. We also discuss alternative research directions that could enrich the analysis.

Cryptography and Security

Zeyu Yang,Ziqing Wang,Fei Qiu,Fagen Li

DOI: https://doi.org/10.1016/j.jisa.2022.103388

IF: 4.96

2023-01-01

Journal of Information Security and Applications

Abstract:A group key agreement protocol allows a set of users to establish a common session key over an open network. A dynamic contributory group key agreement (DCGKA) protocol generates a session key based on contributions of all group members and allows a member to dynamically join or leave this group. Although current DCGKA can resist passive attacks, it cannot resist positive attacks like the man-in-the-middle (MITM) attack. In this paper, we propose a dynamic contributory Group Key Agreement protocol by using Short Signature (called GKA-SS) which uses bilinear map to accomplish the signature and the verification processes. The formal security proof shows that our protocol can resist both active and passive attacks under random oracle model. The informal security analysis indicates that our protocol can obtain backward secrecy, forward secrecy, etc. Besides, we analyze the communication and computation cost of our protocol and simulate it with pypbc library. As compared with TGECDH, our protocol is 2.4 times faster in join phase and 29 times faster in leave phase, when p is 512 bits, q is 160 bits and group size is 256.

Ming-Hui Zheng,Hui-Hua Zhou,Jun Li,Guo-Hua Cui

DOI: https://doi.org/10.1016/j.csi.2008.09.021

IF: 3.721

2009-01-01

Computer Standards & Interfaces

Abstract:This paper considers the issue on authenticated group key agreement protocol among n users broadcasting communication over an insecure public network. Many authenticated group Diffie-Hellman key agreement protocols have been proposed to meet the challenges. However, existing protocols are either limited by the use of public key infrastructure or by their scalability, requiring O(n) rounds. To overcome these disadvantages, we propose an efficient password-based group key agreement protocol resistant to the dictionary attacks by adding password-authentication services to a non-authenticated multi-party key agreement protocol proposed by Horng. The proposed protocol is very efficient since it only requires constant rounds to agree upon a session key, and each user broadcasts a constant number of messages and only requires four exponentiations. Under the Decisional Diffie-Hellman assumption, we will show the proposed protocol is provably secure in both the ideal-cipher model and the random-oracle model.

Yang ZHANG,Chaoyang LI,Xiangjun XIN,Fagen LI

DOI: https://doi.org/10.16186/j.cnki.1673-9787.2017.05.015

2017-01-01

Abstract:In order to improve the security and efficiency of the key agreement protocol,a secure one-pass and two-party authenticated key agreement protocol is proposed.In this protocol,a certificateless digital signature is sent to the receiver,in which the sender's public key,identification number,time stamp,and other identifiable information are signed.Then,the receiver verifies the variety of the digital signature.The session key is built by using the Diffie-Hellman key agreement protocol.The new protocol can be proved to be secure in random oracle model;it can also satisfy the properties of known session key secrecy,forward secrecy,uncontrollability of the session key and key compromise impersonation resilience.

李琦,吴建平,徐明伟,徐恪

DOI: https://doi.org/10.3321/j.issn:0372-2112.2009.10.033

2009-01-01

Abstract:E-mail has been an important application to transfer the data of communication on Internet.In order to securely and efficiently transfer the E-mail message,many researchers focus on the issues of providing basic encryption function for E-mail protocol or certified E-mail schemes.However,these schemes only meet part of the security requirements for a secure E-mail protocol,and fail to provide a complete solution from the view of a practical secure E-mail protocol.A secure E-mail protocol is defined and proposed for the first time in this paper.In this protocol,the message is encrypted by the short-term encryption keys which are negotiated by the Diffie-Hellman algorithm.The security analysis shows that the scheme not only provides the basic security mechanism but also guarantees the perfect forward secrecy.In addition,this protocol resolves the problems of certification,timeliness and sensitivity,which are strongly needed by a secure E-mail protocol.

Xue Feng,Qin Qiu,Zhi Tang

DOI: https://doi.org/10.1145/2389376.2389399

2010-01-01

Abstract:Email has been one of the most common medium for online communication. Directly proportional to this situation is the significant financial loss or privacy disclosure resulting from the unprotected emails. We need a secure email system to protect email wherever it goes. However, most existing secure email solutions can only achieve security during email transmission. After an encrypted email is received and downloaded on the recipient's computer, the email will lose protection. In this paper, we propose a copy protection method for email based on "client-to-client" architecture. The foundation of our method is a password based key negotiation protocol between two clients. Moreover, device-bound technology and commutative symmetric encryption are applied in our method to achieve persistent copy protection. Our method balances flexibility and security by allowing users to receive and use email on any of their devices.

Pascal Gerig,Jämes Ménétrey,Baptiste Lanoix,Florian Stoller,Pascal Felber,Marcelo Pasin,Valerio Schiavoni

DOI: https://doi.org/10.1145/3583678.3596899

2023-06-23

Abstract:Traditional email encryption schemes are vulnerable to EFail attacks, which exploit the lack of message authentication by manipulating ciphertexts and exfiltrating plaintext via HTML backchannels. Swiss Post's IncaMail, a secure email service for transmitting legally binding, encrypted, and verifiable emails, counters EFail attacks using an authenticated-encryption with associated data (AEAD) encryption scheme to ensure message privacy and authentication between servers. IncaMail relies on a trusted infrastructure backend and encrypts messages per user policy. This paper presents a revised IncaMail architecture that offloads the majority of cryptographic operations to clients, offering benefits such as reduced computational load and energy footprint, relaxed trust assumptions, and per-message encryption key policies. Our proof-of-concept prototype and benchmarks demonstrate the robustness of the proposed scheme, with client-side WebAssembly-based cryptographic operations yielding significant performance improvements (up to ~14x) over conventional JavaScript implementations.

Cryptography and Security

Fagen Li,Zhaohui Zheng,Chunhua Jin

DOI: https://doi.org/10.1007/s11235-015-0099-1

2015-01-01

Telecommunication Systems

Abstract:An authenticated encryption (AE) scheme simultaneously achieves two security goals: confidentiality and authenticity. AE can be divided into symmetric AE and asymmetrical (public key) AE. In a symmetric AE scheme, deniability is gained automatically. However, a public key AE scheme can not gain deniability automatically; on the contrary, it provides non-repudiation. In this paper, we address a question on deniability of public key AE. Of course, we can achieve this goal by “deniable authentication followed by encryption” method. However, such method has the following two weaknesses: (1) the computational cost and communication overhead are the sum of two cryptographic primitives; (2) it is complex to design cryptographic protocols with deniable authentication and confidentiality using two cryptographic primitives. To overcome the two weaknesses, we propose a new concept called deniable authenticated encryption (DAE) that can achieve both the functions of deniable authentication and public key encryption simultaneously, at a cost significantly lower than that required by the “deniable authentication followed by encryption” method. This single cryptographic primitive can simplify the design of cryptographic protocols with deniable authentication and confidentiality. In particular, we construct an identity-based deniable authenticated encryption (IBDAE) scheme. Our construction uses tag-key encapsulation mechanism (KEM) and data encapsulation mechanism (DEM) hybrid techniques, which is more practical for true applications. We show how to construct an IBDAE scheme using an identity-based deniable authenticated tag-KEM (IBDATK) and a DEM. We also propose an IBDATK scheme and prove its security in the random oracle model. For typical security level, our scheme is at least 50.7 and 22.7 % faster than two straightforward “deniable authentication followed by encryption” schemes, respectively. The communication overhead is respectively reduced at least 21.3 and 31.1 %. An application of IBDAE to an e-mail system is described.

Feng Yu,Linghui Meng,Xianxian Li,Daicen Jiang,Weidong Zhu,Zhihua Zeng

DOI: https://doi.org/10.3390/math12182906

IF: 2.4

2024-09-19

Mathematics

Abstract:Secure instant communication is an important topic of information security. A group chat is a highly convenient mode of instant communication. Increasingly, companies are adopting group chats as a daily office communication tool. However, a large volume of messages in group chat communication can lead to message overload, causing group members to miss important information. Additionally, the communication operator's server may engage in the unreliable behavior of stealing information from the group chat. To address these issues, this paper proposes an attribute-based end-to-end policy-controlled signcryption scheme, aimed at establishing a secure and user-friendly group chat communication mode. By using the linear secret sharing scheme (LSSS) with strong expressive power to construct the access structure in the signcryption technology, the sender can precisely control the recipients of the group chat information to avoid message overload. To minimize computational cost, a signcryption step with constant computational overhead is designed. Additionally, a message-sending mechanism combining "signcryption + encryption" is employed to prevent the operator server from maliciously stealing group chat information. Rigorous analysis shows that PCE-EtoE can resist adaptive chosen-ciphertext attacks under the standard model. Simulation results demonstrate that our theoretical derivation is correct, and that the PCE-EtoE scheme outperforms existing schemes in terms of computational cost, making it suitable for group chat communication.

mathematics

Chengbang Li,Chunxiang Xu

DOI: https://doi.org/10.1108/03321641311296990

2013-01-01

Abstract:Purpose - The purpose of this paper is to introduce a scalable group key exchange (GKE) protocol with provable security, which is used to establish a confidential channel.Design/methodology/approach - The protocol in this paper uses line structure, rather than formal ring structure or tree structure, to reduce the amount of calculation and communication.Findings - In the protocol, every participant just need send two messages. The security can be proved under the Decisional Diffie-Hellman (DDH) problem.Originality/value - Using the protocol provides an efficient and secure method to allow group users to share a common key.

Shi Yijuan,Li Jianhua

DOI: https://doi.org/10.1007/s11859-006-0194-y

2007-01-01

Wuhan University Journal of Natural Sciences

Abstract:Certificateless public key cryptography was introduced to overcome the key escrow limitation of the identity-based cryptography. It combines the advantages of the identity-based cryptography and the traditional PKI. Many certificateless public key encryption and signature schemes have been proposed. However, the key agreement in CL-PKE is seldom discussed. In this paper, we present a new certificateless two party authentication key agreement protocol and prove its security attributes. Compared with the existing protocol, our protocol is more efficient.

Haomin Yang,Yaoxue Zhang,Yuezhi Zhou

DOI: https://doi.org/10.1109/wicom.2012.6478268

2012-01-01

Abstract:Certificateless public key cryptography has appealing features, namely it does not require the use of certificates and yet does not have a private key escrow property. In this paper, we propose a certificateless challenge-response signature scheme from bilinear pairings and a dual version of it, and prove these schemes secure under the bilinear Diffie-Hellman assumption in the random oracle model. Using the signatures as blocking blocks, we propose a certificateless two-party key agreement protocol. The proposed key agreement protocol preserves the desirable security properties. The protocol requires each party to compute one pairing operation, three scalar multiplications and no modular exponentiation. Compared with the other related protocols, the protocol has advantages in both security and computational efficiency.

Hu Xiong,Zhong Chen,Zhiguang Qin

DOI: https://doi.org/10.1080/00207160.2011.568613

IF: 1.75

2011-01-01

International Journal of Computer Mathematics

Abstract:Key agreement protocols are multi-party protocols in which entities exchange public information allowing them to create a common secret key that is known only to those entities and which cannot be predetermined by any party. Key agreement can be achieved using a public key infrastructure or identity-based cryptography. However, the former suffers from a heavy certificate management burden, while the latter is subject to the so-called key escrow problem. Recently, the notion of certificateless public key cryptography (CL-PKC) was introduced to mitigate these limitations. In this paper, we introduce the notion of three-party authenticated key agreement into CL-PKC and propose a concrete certificateless three-party authenticated key agreement protocol. We show that the proposed protocol is secure (i.e. conforms to defined security attributes) while being efficient.