Abstract
Recently, Sun et al. (2005) highlighted the essential property of perfect forward secrecy (PFS) for e-mail protocols when a higher security level is desirable. Furthermore, Sun et al. (2005)’s protocols take only a single e-mail server into account. Actually, it is much more common that the sender and the recipient register at different e-mail servers. Compared to existing protocols, the protocol proposed in this paper takes into account the scenario that the sender and the recipient register at different servers. The proposed protocol is skillfully designed to achieve PFS and end-to-end security as well as to satisfy the requirements of confidentiality, origin, integrity and easy key management. The comparison in terms of functionality and computational efficiency demonstrates the superiority of the present scheme.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Dent, A.W., 2005. Flaws in an e-mail protocol of Sun, Hsieh and Hwang. IEEE Commun. Lett., 9(8):718–719. [doi:10.1109/LCOMM.2005.1496593]
Diffie, W., Hellman, M.E., 1976. New directions in cryptography. IEEE Trans. Inf. Theory, 22(6):644–654. [doi:10.1109/TIT.1976.1055638]
Kim, B.H., Koo, J.H., Lee, D.H., 2006. Robust e-mail protocols with perfect forward secrecy. IEEE Commun. Lett., 10(6):510–512. [doi:10.1109/LCOMM.2006.1638632]
Lin, I.C., Lin, Y.B., Wang, C.M., 2006. An Improvement on Secure E-Mail Protocols Providing Perfect Forward Secrecy. Proc. 9th Joint Conf. on Information Sciences, p.697–700. [doi:10.2991/jcis.2006.102]
Park, J.M., Ray, I., Chong, E.K.P., Siegel, H.J., 2003. A Certified E-Mail Protocol Suitable for Mobile Environments. Proc. IEEE Global Telecommunications Conf., p.1394–1398. [doi:10.1109/GLOCOM.2003.1258467]
Phan, R.C.W., 2008. Cryptanalysis of e-mail protocols providing perfect forward secrecy. Comput. Stand. Inter., 30(3):101–105. [doi:10.1016/j.csi.2007.08.007]
Puigserver, M.M., Gomila, J.L.F., Rotger, L.H., 2005. Certified E-Mail Protocol with Verifiable Third Party. Proc. IEEE Int. Conf. on e-Technology, e-Commerce and e-Service, p.548–551. [doi:10.1109/EEE.2005.46]
Rivest, R.L., Shamir, A., 2001. PayWord and MicroMint: Two Simple Micropayment Schemes. MIT Laboratory for Computer Science, Cambridge, MA, p.1–18. [doi:10.1007/3-540-62494-5_6]
RSA Laboratories, 2000. RSA Laboratories’ Frequently Asked Questions about Today’s Cryptography, V4.1. Bedford, USA.
Schneier, B., Riordan, J., 1998. A Certified E-Mail Protocol. Proc. 14th Annual Computer Security Applications Conf., p.347–352.
Sun, H.M., Hsieh, B.T., Hwang, H.J., 2005. Secure e-mail protocols providing perfect forward secrecy. IEEE Commun. Lett., 9(1):58–60. [doi:10.1109/LCOMM.2005.01004]
Thompson, J., 1996. S/MIME Message Specification: PKCS Security Services for MIME. RSA Data Security Inc. Available from http://www.rsa.com [Accessed on Feb. 22, 2009].
Zimmermann, P.R., 1995. The Official PGP User’s Guide. MIT Press, Cambridge, Massachusetts, USA.
Author information
Authors and Affiliations
Corresponding author
Additional information
Project supported by the National Science Council (No. NSC 98-2221-E-415-006-)
Rights and permissions
About this article
Cite this article
Chen, Th., Wu, Yt. A new protocol of wide use for e-mail with perfect forward secrecy. J. Zhejiang Univ. - Sci. C 11, 74–78 (2010). https://doi.org/10.1631/jzus.A0910126
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1631/jzus.A0910126