期刊文献+

一种前向安全的电子邮件协议 被引量:3

Towards a Secure E-mail Protocol with Perfect Forward Secrecy
下载PDF
导出
摘要 电子邮件已成为Internet环境中传送通讯数据的一个重要应用.为了安全有效地传递电子邮件协议数据,目前很多研究者从电子邮件协议的基本安全性以及可认证电子邮件协议等方面提出了一些安全方案.但这些方案仅仅解决了电子邮件协议的某些安全需求,并不能从实用安全电子邮件协议的角度来提供完整的安全解决方案.本文首次给出了一个安全电子邮件的定义,提出了一个前向安全的电子邮件协议.该协议利用短期密钥来加密协议消息,并且使用Diffie-Hellman算法进行短期密钥协商.安全分析表明该协议不仅保证了协议的基本安全性,而且确保了协议的前向安全性.另外,该协议还提供了安全电子邮件协议中所需要的可认证性,时效性和敏感性. E-mail has been an important application to transfer the data of communication on Internet.In order to securely and efficiently transfer the E-mail message,many researchers focus on the issues of providing basic encryption function for E-mail protocol or certified E-mail schemes.However,these schemes only meet part of the security requirements for a secure E-mail protocol,and fail to provide a complete solution from the view of a practical secure E-mail protocol.A secure E-mail protocol is defined and proposed for the first time in this paper.In this protocol,the message is encrypted by the short-term encryption keys which are negotiated by the Diffie-Hellman algorithm.The security analysis shows that the scheme not only provides the basic security mechanism but also guarantees the perfect forward secrecy.In addition,this protocol resolves the problems of certification,timeliness and sensitivity,which are strongly needed by a secure E-mail protocol.
出处 《电子学报》 EI CAS CSCD 北大核心 2009年第10期2302-2308,共7页 Acta Electronica Sinica
基金 国家973重点基础研究发展规划(No.2009CB32501) 国家863高技术研究发计划(No.2007AA01Z2A2 No.2009AA01Z205) "十一五"国家科技支撑计划重大项目(No.2008BAH37B03)
关键词 电子邮件 网络安全 密钥协商 electronic mail network security key agreements
  • 相关文献

参考文献17

  • 1Voltage Security, Inc. [ OL ]. http://www, voltage, com/.
  • 2Sun H M,Heish B T,Hwang H J. Secure E-mail Protocols Providing Perfect Forward Secrecy[ J]. IEEE Communications Letters,2005,9(1) :58 - 60.
  • 3Bruce S, James R.A Certified E-mail Protocol[A] .Proceedings of 14th Annual Computer Security Application Conference 1998 (ACSAC1998) [C]. 1998.
  • 4Dent A W. Flaws in an E- Mail Protocol of Sun, Hsieh, and Hwang[ J ]. IEEE Communications Letters, 2005,9 (8) : 718 -719.
  • 5Zhou J, Gollmann D. Certified Electronic Mail[ A]. Proceedings of 4th European Symposium on Research in Computer Security 1996 (ESORICS 1996)[C]. 1996.160- 171.
  • 6Bao F, Deng R, Mao W. Efficient and practical fair exchange protocols with off-line TTP[ A] .Proceeding of IEEE Symposium on Security and Privacy[ C]. 1998.77 - 85.
  • 7Henry P,Luo H. Off-the-record Email System[A]. Proceeding of 20th Conference on Computer Communications 2001 (INFOCOM 2001)[C].2001.869 - 877.
  • 8Abadi M, Glew N, Home B, Pinkas B. Certified Email with a Light On-line Trusted Third Party:Design and Implementation [ A ]. Proceedings of the 11th International Conference on World Wide Web 2002 (WWW02)[C] .2002.
  • 9Deng R H,Gong L,Lazar A, and Wang W. Practical protocols for certified electronic e-mail[ J] .Journal of Networks and Systems Management, 1996,4 (3) : 279 - 297.
  • 10Ateniese G., Medeiros B D, Goodrich M T. TRICERT: A Distributed Certified E-Mail Scheme[ A]. Proceedings of Network and Distributed System Security Symposium 2000 (NDSS 200)[C] .2000.

二级参考文献10

  • 1Subramanian S.Design and verification of secure e-commerce protocols[D].USA:The Ohio State University,1998.
  • 2Denning D E,Sacco G M.Timestamps in key distribution protocols[J].Comm.of ACM,1981,24(8):533-536.
  • 3Syverson P.Adding time to a logic of authentication[A].In Proc.of the 1st ACM Conf.on Computer and Communications Security[C].Fairfax:ACM,1993.97-101.
  • 4Abadi M,Tuttle M R.A semantics for a logic of authentication[A].Proc.of the 10th Annual ACM Symposium on Principles of Distributed Computing[C].1991.201-216.
  • 5Stubblebine S G,Wright R N.An authentication logic supporting synchronization,revocation,and recency[A].Proc.of the 3rd ACM Conf.on Computer and Communications Security[C].New Delhi:ACM,1996.95-105.
  • 6Kailar R.Accountability in electronic commerce protocols[J].IEEE Trans.on Software Engineering,1996,22(5):313-328.
  • 7Kudo M.Electronic submission protocol based on temporal accountability[A].Proc.of 14th Annual Computer Security Application Conf.[C].Phoenix:ACSA,1998.353-363.
  • 8Sirbu M,Tygar J D.NetBill:an internet commerce system optimized for network delivered services[J].IEEE Personal Communications,1995,2(4):34-39.
  • 9Yee B,Tygar J D.Secure coprocessors in electronic commerce applications[A].Proc.of the 1st USENIX Workshop on Electronic Commerce[C].New York:USENIX,1995.155-170.
  • 10Burrows M,Abadi M,Needham R M.A logic of authentication.Report.39[R].Palo Alto,CA:DEC System Research Center,1989.

共引文献5

同被引文献20

引证文献3

二级引证文献5

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部