In this paper, a practical and secure e-mail system (called “PractiSES”) that performs public key distribution and management in a unique way is proposed. PractiSES is a network of several domains. At the domain level, a designated PractiSES server, which is trusted by all users of that domain, distributes the public keys. If a user needs another user's public key at a different domain, then inter-domain communication is carried out. PractiSES clients manage their public keys and obtain public keys of other users by using unique, secure and user-transparent protocols. PractiSES clients can exchange e-mails in encrypted and/or signed fashion. Since on-demand fetching of public keys is aimed in PractiSES, use of certificates is limited for inter-domain communications only; no certificates are used within a domain. Our simulations show that a state-of-the-art PC would be sufficient to serve as PractiSES server of a medium-size organization.
[1]
Jakob Jonsson,et al.
Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1
,
2003,
RFC.
[2]
Russ Housley,et al.
Internet X.509 Public Key Infrastructure Certificate and CRL Profile
,
1999,
RFC.
[3]
Hugo Krawczyk,et al.
HMAC: Keyed-Hashing for Message Authentication
,
1997,
RFC.
[4]
Adi Shamir,et al.
A method for obtaining digital signatures and public-key cryptosystems
,
1978,
CACM.
[5]
Blake Ramsdell,et al.
S/MIME Version 3 Message Specification
,
1999,
RFC.
[6]
Ralph Howard,et al.
Data encryption standard
,
1987
.
[7]
Albert Levi.
How secure is secure Web browsing?
,
2003,
CACM.