Enabling (End-to-End) Encrypted Cloud Emails With Practical Forward Secrecy

Abstract : With the widespread use of cloud emails and frequent reports on large-scale email leakage events, a security property so-called forward secrecy becomes desirable and indispensable for both individuals and cloud email service providers to strengthen the security of cloud email systems. However, due to the failure to meet the security and practicality requirements of email systems simultaneously, typical methods of achieving forward secrecy, such as Diffie-Hellman key exchange and forward-secure public-key encryption, have not been widely approved and adopted. In this paper, to capture forward secrecy of encrypted cloud email systems without sacrificing the practicability, we introduce a new cryptographic primitive named forward-secure puncturable identity-based encryption (fs-PIBE), which enables an email user to perform fine-grained revocation of decryption capacity. Based on this primitive, we build a framework of encrypted cloud email systems, and instantiate it with a concrete fs-PIBE construction that has constant size of ciphertext and provable security in the standard model. Furthermore, to improve the security and efficiency of the presented framework, we extend the proposed scheme to support end-to-end encryption and outsourced decryption, respectively. In addition, as a proof-of-concept of the proposed fs-PIBE scheme, we implement it and produce various experiments to demonstrate its practicability and correctness.

 EXISTING SYSTEM :

 ? In an internet environment, consider the case that a sender B and a receiver A want to achieve secure communication via existing e-mail system and gain efficiency simultaneously. ? The purpose of encrypting bulk M using a conventional cryptographic system and encrypting k using a public key cryptographic system is to earn the efficiency. ? A protocol providing perfect forward secrecy means that even if one entity’s longterm secret key is compromised, it will never reveal any old short-term keys used before. ? The basic protection in an e-mail system is to encrypt the bulk mail using a conventional cryptosystem with a short-term key and to protect the short-term key using a public-key cryptosystem with the receiver’s public key.

 DISADVANTAGE :

 ? In this work we systematically explore the problem of providing forward secrecy in asynchronous messaging systems. ? Our solution to this problem is to cryptographically bind the secret keys for the FS-PKE scheme with those for the punctured encryption scheme. ? To address these issues, we take a different approach. Rather than deleting elements from an existing decryption key, we desire a structure that allows us to add new restrictions on what the key can decrypt. ? In this setting, a trusted third party issues identities and then through some mechanism (typically either directly updating users keys or posting some public update information) updates only the keys of nonrevoked users.

 PROPOSED SYSTEM :

 • In this letter, two secure e-mail protocols based on the Diffie-Hellman key agreement and CEMBS are proposed. • Compared with the conventional method, the proposed scheme uses a short-term key to encrypt the message M, but doesn’t use the receiver’s public key to protect the short-term key. • In order to provide perfect forward secrecy, two new email protocols are proposed. • In the first protocol, the receiver requires a portable device to remember a used secret random integer. To remove the requirement, the second protocol is proposed. • The second protocol is more flexible and suitable to the e-mail system in our real life.

 ADVANTAGE :

 ? In part this is because little work has been conducted to establish the concrete performance characteristics of such a system. ? We provide two types of experiments: microbenchmarks demonstrating performance of our hybrid (PFSE) scheme and simulated results illustrating the cost of the schemes in example usage scenarios. ? While the goal of this section is to investigate the performance of our hybrid scheme, our micro benchmarks illustrate the performance of operations related to the two underlying cryptographic components – forward-secure PKE and puncturable encryption. ? There are two performance metrics we are concerned with: the size of the secret keys and the amount of time we expect to spend perform cryptographic operations necessary to read messages.