A Forward-Secure E-Mail Protocol without Certificated Public Keys - PowerPoint PPT Presentation

1 / 11
About This Presentation
Title:

A Forward-Secure E-Mail Protocol without Certificated Public Keys

Description:

Password-based e-mail protocol. Considerations of an e-mail system for mobile applications ... g1, g2: two generators of G : A's one-time private/public key pair : ... – PowerPoint PPT presentation

Number of Views:29
Avg rating:3.0/5.0
Slides: 12
Provided by: Tif77
Category:

less

Transcript and Presenter's Notes

Title: A Forward-Secure E-Mail Protocol without Certificated Public Keys


1
A Forward-Secure E-Mail Protocol without
Certificated Public Keys
  • Source Information Sciences, article in press
  • Author Jeong-Ok Kwon, Ik-Rae Jeong and
    Dong-Hoon Lee
  • Speaker Ting-Fang Cheng
  • Date 2009/10/08

2
Introduction (1/2)
The common e-mail architecture
Mail Servers
Store-and-forward system
Sender (A)
Receiver (B)
M
M
3
Introduction (2/2)
Considerations of an e-mail system for mobile
applications
  • Confidentiality and authenticity
  • PGP, 1995
  • Forward secrecy
  • Diffie-Hellman key exchange, 1976
  • Sun et al.s e-mail protocol, 2005
  • Kim et al.s e-mail protocol, 2006
  • Efficiency
  • Password-based e-mail protocol

4
Notations
  • SA the mail server which A registered
  • SB the mail server which B registered
  • pwA As password shared with SA
  • pwB Bs password shared with SB
  • G the finite cyclic group of order q
  • p a large prime
  • g1, g2 two generators of G
  • As one-time private/public key
    pair
  • Bs one-time private/public key
    pair
  • Ek(.)/Dk(.) the symmetric encryption/decryption
    algorithm with key k
  • PEk(.)/PDk(.) the public-key encryption/decryptio
    n algorithm with key k
  • Mac(.), F(.), H(.) three pseudorandom functions

5
Proposed protocol (1/6)
The scenario
  • Assume that A wants to send a message M to B
  • A and B have registered at distinct mail servers
    SA and SB respectively
  • SA stores (A, )
  • SB stores (B, )

6
Proposed protocol (2/6)
Login phase of A
SA
A
Selects xA ? Zq Computes
A, XA
Selects yA ? Zq Computes
SA,
Computes
Computes
7
Proposed protocol (3/6)
Login phase of A
SA
A
Verifies Computes
Verifies Computes
Key agreement
8
Proposed protocol (4/6)
Sending phase of A
SA
SB
A
Establish a short-term key kSS through a secure
AKE protocol
Computes
YB
Decrypts YB Computes
YA
9
Proposed protocol (5/6)
Sending phase of A
SA
SB
A
YA
Decrypts YA to get Computes
Z1
Decrypts Z1 to get Z Computes
Z2
Decrypts Z2 Stores (A, B, Z) in database
10
Proposed protocol (6/6)
Receiving phase of B
B
SB
B login to SB and produces a key KB shared with SB
Searches database Computes
Computes Chooses new public/private key pair
to replace the old one in its
mobile device
Decrypts the message to get Replaces
with
11
Conclusions
  • Forward secrecy
  • Password-based protocol
  • Practicality and efficiency
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "A Forward-Secure E-Mail Protocol without Certificated Public Keys" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!