Advertisement

Practical and Secure E-Mail System (PractiSES)

  • Albert Levi
  • Mahmut Özcan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3261)

Abstract

In this paper, a practical and secure e-mail system (called “PractiSES”) that performs public key distribution and management in a unique way is proposed. PractiSES is a network of several domains. At the domain level, a designated PractiSES server, which is trusted by all users of that domain, distributes the public keys. If a user needs another user’s public key at a different domain, then inter-domain communication is carried out. PractiSES clients manage their public keys and obtain public keys of other users by using unique, secure and user-transparent protocols. PractiSES clients can exchange e-mails in encrypted and/or signed fashion. Since on-demand fetching of public keys is aimed in PractiSES, use of certificates is limited for inter-domain communications only; no certificates are used within a domain. Our simulations show that a state-of-the-art PC would be sufficient to serve as PractiSES server of a medium-size organization.

Keywords

Certificate Authority Message Authentication Code Home Server Domain Server Client Module 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ramsdell, B. (ed.): S/MIME Version 3 Message Specification, RFC 2633 (June 1999)Google Scholar
  2. 2.
    Network Associates, PGP Freeware for Windows 95, Windows 98,Windows NT, Windows 2000 & Windows Millennium User’s Guide Version 7.0 (2001), available from http://www.pgpi.org/doc/guide/7.0/en/win/
  3. 3.
    Housley, R., Ford, W., Polk, W., Solo, D.: Internet X.509 Public Key Infrastructure Certificate and CRL profile, RFC 2459 (1999)Google Scholar
  4. 4.
    Stallings, W.: Cryptography and Network Security, 3/E, ch. 11. Prentice-Hall, Englewood Cliffs (2003)Google Scholar
  5. 5.
    Jonsson, J., Kaliski, B.: Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1. RFC 3447 (February 2003)Google Scholar
  6. 6.
    FIPS Publication 46-2: Data Encryption Standard. National Institute of Standards and Technology, NIST (1993)Google Scholar
  7. 7.
    Rivest, R., Shamir, A., Adleman, L.: A Method for Obtaining Digital Signatures and Public Key Cryptosystems. Comm. of the ACM 21(2), 120–126 (1978)zbMATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    FIPS Publication 180-1: Secure Hash Standard. National Institute of Standards and Technology (NIST) (1995)Google Scholar
  9. 9.
    Krawczyk, H., Bellare, M., Canetti, R.: HMAC: Keyed-Hashing for Message Authentication, RFC2104 (1997)Google Scholar
  10. 10.
    Levi, A.: How Secure is Secure Web Browsing. Comm. of the ACM 46(7), 152 (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Albert Levi
    • 1
  • Mahmut Özcan
    • 1
  1. 1.Faculty of Engineering and Natural SciencesSabanci UniversityTuzla, IstanbulTurkey

Personalised recommendations