[1] Jiang Rui, Hu Aiqun, Yang Xiaohui,. Improvements on robust email protocols with perfect forward secrecy [J]. Journal of Southeast University (English Edition), 2008, 24 (2): 139-142. [doi:10.3969/j.issn.1003-7985.2008.02.003]

Copy

Improvements on robust email protocols with perfect forward secrecy()

Share：

Journal of Southeast University (English Edition)[ISSN:1003-7985/CN:32-1325/N]

Volumn:

24

Issue:

2008 2

Page:

139-142

Research Field:

Computer Science and Engineering

Publishing date:

2008-06-03

Info

Title:

Improvements on robust email protocols with perfect forward secrecy

Author(s):

Jiang Rui;  Hu Aiqun;  Yang Xiaohui

School of Information Science and Engineering, Southeast University, Nanjing 210096, China

Keywords:

man-in-the-middle attack;  email;  network security;  perfect forward secrecy

PACS:

TP393

DOI:

10.3969/j.issn.1003-7985.2008.02.003

Abstract:

According to the security shortages of two robust practical email protocols with perfect forward secrecy, attacks on the two protocols are analyzed and corresponding improvements on the two protocols are proposed.First, by analyzing the two email protocols, the corresponding man-in-the-middle attacks are proposed, where the adversary forges the messages in the receiving phase to cheat the two communication participants and makes them share the wrong session keys with him.Consequently, the man-in-the-middle attacks can make the two protocols fail to provide perfect forward secrecy.Secondly, by adding corresponding signatures in the receiving phases of the two protocols, two corresponding improvements on the protocols are proposed to overcome the man-in-the-middle attacks on the two protocols and make them provide perfect forward secrecy.Moreover, the two improved protocols can retain all the merits of the former protocols.

References:

[1] Schneier B.Applied cryptography[M].2nd ed.New York:John Wiley & Sons, Inc., 1995:56-120.
[2] ElGamal T.A public key cryptosystem and a signature scheme based on discrete logarithms [J].IEEE Trans Inform Theory, 1985, 31(4):469-472.
[3] Schneier B. Email security:how to keep your electronic mail private [M].New York:John Wiley & Sons, Inc., 1995:81-156.
[4] Bacard A.The computer privacy handbook:a practical guide to email encryption, data protection, and PGP privacy software [M].Peachpit Press, 1995:18-126.
[5] Kim B, Koo J, Lee D.Robust email protocols with perfect forward secrecy [J].IEEE Communications Letters, 2006, 10(6):510-512.
[6] Sun H, Hsieh B, Hwang H.Secure email protocols providing perfect forward secrecy [J].IEEE Communications Letters, 2005, 9(1):58-60.
[7] Dent A W.Flaws in an email protocol of Sun, Hsieh, and Hwang [J].IEEE Communications Letters, 2005, 9(8):718-719.
[8] Diffie W, Hellman M E.New directions in cryptography [J].IEEE Transactions on Information Theory, 1976, 22(5):644-654.
[9] Zheng Y.Digital signcryption or how to achieve cost(signature and encryption)[C]//CRYPTO’ 97.Santa Barbara, California, USA, 1997:165-179.

Memo

Memo:

Biography: Jiang Rui(1968—), male, doctor, associate professor, R.Jiang@seu.edu.cn.
Foundation item: The Natural Science Foundation of Jiangsu Province(No.BK2006108).
Citation: Jiang Rui, Hu Aiqun, Yang Xiaohui.Improvements on robust email protocols with perfect forward secrecy[J].Journal of Southeast University(English Edition), 2008, 24(2):139-142.

Common functions