Abstract
Proxy encryption schemes transform cipher-text from one key to another without revealing the plain-text. Agents that execute such transformations are therefore minimally trusted in distributed systems, leading to their usefulness in many applications. However, to date no application of proxy encryption has been deployed and used in practice. In this work we describe our efforts in developing a deployable secure mailing list solution based on proxy encryption techniques. Securing emails exchanged on mailing lists requires that confidentiality, integrity, and authentication of the emails be provided. This includes ensuring their confidentiality while in transit at the list server, a functionality that is uniquely supported by proxy encryption. In developing this solution we addressed the challenges of identifying requirements for deployability, defining a component architecture that maximizes the use of COTS components to help in deployment, developing the proxy encryption protocol to satisfy requirements and to fit within the component architecture, implementing and testing the solution, and packaging the release. As evidence of its deployability, the resulting secure mailing list solution is compatible with common email clients including Outlook, Thunderbird, Mac Mail, Emacs, and Mutt.
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Khurana, H., Heo, J., Pant, M. (2006). From Proxy Encryption Primitives to a Deployable Secure-Mailing-List Solution. In: Ning, P., Qing, S., Li, N. (eds) Information and Communications Security. ICICS 2006. Lecture Notes in Computer Science, vol 4307. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11935308_19
DOI: https://doi.org/10.1007/11935308_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-49496-6
Online ISBN: 978-3-540-49497-3
eBook Packages: Computer Science (R0)