TY - GEN
T1 - A certificateless one-way group key agreement protocol for end-To-end email encryption
AU - Yeh, Jyh Haw
AU - Sridhar, Srisarguru
AU - Dagher, Gaby G.
AU - Sun, Hung Min
AU - Shen, Ning
AU - White, Kathleen Dakota
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/7/2
Y1 - 2018/7/2
N2 - Over the years, email has evolved into one of the most widely used communication channels for both individuals and organizations. However, despite near ubiquitous use in much of the world, current information technology standards do not place emphasis on email security. Not until recently, webmail services such as Yahoo's mail and Google's gmail started to encrypt emails for privacy protection. However, the encrypted emails will be decrypted and stored in the service provider's servers. If the servers are malicious or compromised, all the stored emails can be read, copied and altered. Thus, there is a strong need for end-To-end (E2E) email encryption to protect email user's privacy. In this paper, we present a certificateless one-way group key agreement protocol with the following features, which are suitable to implement E2E email encryption: (1) certificateless and thus there is no key escrow problem and no public key certificate infrastructure is required; (2) one-way group key agreement and thus no back-And-forth message exchange is required; and (3) n-party group key agreement (not just 2-or 3-party). This paper also provides a security proof for the proposed protocol using 'proof by simulation'. Finally, efficiency analysis of the protocol is presented at the end of the paper.
AB - Over the years, email has evolved into one of the most widely used communication channels for both individuals and organizations. However, despite near ubiquitous use in much of the world, current information technology standards do not place emphasis on email security. Not until recently, webmail services such as Yahoo's mail and Google's gmail started to encrypt emails for privacy protection. However, the encrypted emails will be decrypted and stored in the service provider's servers. If the servers are malicious or compromised, all the stored emails can be read, copied and altered. Thus, there is a strong need for end-To-end (E2E) email encryption to protect email user's privacy. In this paper, we present a certificateless one-way group key agreement protocol with the following features, which are suitable to implement E2E email encryption: (1) certificateless and thus there is no key escrow problem and no public key certificate infrastructure is required; (2) one-way group key agreement and thus no back-And-forth message exchange is required; and (3) n-party group key agreement (not just 2-or 3-party). This paper also provides a security proof for the proposed protocol using 'proof by simulation'. Finally, efficiency analysis of the protocol is presented at the end of the paper.
KW - Certificateless PKC
KW - End-To-end email encryption
KW - One-way group key agreement
UR - http://www.scopus.com/inward/record.url?scp=85062878213&partnerID=8YFLogxK
U2 - 10.1109/PRDC.2018.00014
DO - 10.1109/PRDC.2018.00014
M3 - Conference contribution
AN - SCOPUS:85062878213
T3 - Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC
SP - 34
EP - 43
BT - Proceedings - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing, PRDC 2018
PB - IEEE Computer Society
T2 - 23rd IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2018
Y2 - 4 December 2018 through 7 December 2018
ER -