Securing Internet Electronic Mail

  • Mark Vandenwauver
  • Frank Jorissen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1528)


Thanks to the widespread success of the Internet, the use of e-mail has become common practice. More and more people are even using it as a primary means of communication. Unfortunately, regular users are not aware of the risks they are facing. If you send a regular letter, you can rely on the confidentiality of its content but not so with plain e-mail. Each message can be intercepted by a trained computer user connected to the net. Indeed in this paper we will show how easy it is to read other people's e-mail, and even change it without being caught. Thanks to an extensive use of cryptography, we can limit these risks. We will present and analyze an overview of the latest available standards and tools.


Smart Card Encrypt Data Initial Value Internet Draft Secure Electronic Transaction 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996.Google Scholar
  2. 2.
    International Standards Organization, Digital signature schemes giving message recovery-Part 2: Mechanisms using a hash-function, Draft International Standard ISO/IEC 9796-2, December 1996.Google Scholar
  3. 3.
    A. S. Tanenbaum, Computer Networks, Prentice Hall, 1996.Google Scholar
  4. 4.
    International Telecommunication Union-Telecommunications Standardization Sector, The Directory-Authentication Framework, Recommendation X.509, 1996.Google Scholar
  5. 5.
    RSA Laboratories, Cryptographic Message Syntax Standard, PKCS #7, Version 1.5, November 1993.Google Scholar
  6. 6.
    D. Crocker, Standard for the Format of ARPA Internet Text Messages, RFC 822, University of Delaware, August 1982.Google Scholar
  7. 7.
    N. Freed, N. Borenstein, Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies, RFC 2045, Innosoft and First Virtual, November 1996.Google Scholar
  8. 8.
    J. Galvin, S. Murphy, S. Crocker, and N. Freed, Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted, RFC 1847, TIS and Innosoft, September 1995.Google Scholar
  9. 9.
    J. Linn, Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures, RFC 1421, IAB IRTF PSRG, IETF PEM WG, February 1993.Google Scholar
  10. 10.
    S. Kent, Privacy Enhancement for Internet Electronic Mail: Part II: Certificate Based Key Management, RFC 1422, BBN Communications, February 1993.Google Scholar
  11. 11.
    D. Balenson, Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identfiers, RFC 1423, TIS, February 1993.Google Scholar
  12. 12.
    B. Kaliski, Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services, RFC 1424, RSA Laboratories, February 1993.Google Scholar
  13. 13.
    X. Lai, J. L. Massey, and S. Murphy, Markov Ciphers and Differential Cryptanalysis, Advances in Cryptology-EUROCRYPT’ 91, LNCS 547, August 1991.Google Scholar
  14. 14.
    S. Dusse, S/MIME Message Specification: PKCS Security Services for MIME, Internet Draft, RSA Laboratories, September 1996.Google Scholar
  15. 15.
    M. Elkins, MIME Security with Pretty Good Privacy (PGP), RFC 2015, Aerospace Corporation, October 1996.Google Scholar
  16. 16.
    S. Crocker, N. Freed, J. Galvin, and S. Murphy, MIME Object Security Services, RFC 1848, Cybercash, Innosoft and TIS, October 1995.Google Scholar
  17. 17.
    C. Dinkel (Ed.), Secure Data Network System (SNDS) Network, Transport and Message Security Protocols, U.S. Department of Commerce, National Institute of Standards and Technology, Report NISTIR 90-4250, 1990.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Mark Vandenwauver
    • 1
  • Frank Jorissen
    • 2
  1. 1.ESAT/COSICKatholieke Universiteit LeuvenHeverleeBelgium
  2. 2.Uti-maco BelgiumHolsbeekBelgium

Personalised recommendations