Implementation Study of Public Key Cryptographic Protection in an Existing Electronic Mail and Document Handling System

The problem which is addressed in this paper is to study the public key data protection (privacy, integrity and signatures) of an existing electronic mail and document handling system. This is not a trivial and straightforward problem since the protocols have to be tailored to the user’s needs and since many trade-offs are involved between speed, security and ease of use. Moreover the final security of the overall system not only depends on the choice of the cryptographic algorithm, but also on the communication protocol, the key management and their implementation (physical security and computer security). In other words the security is a property of the whole system [3]. Although many of the arguments described in the paper are rather system dependent, it is expected that the approaches taken here are valuable for other applications too. The readers are however cautioned not to transfer the conclusions blindly.