Revocation of unread e-mail in an untrusted network
We present protocols for enhancing e-mail systems to allow for secure revocation of messages. This paper identifies the security requirements for e-mail revocation and then shows how our protocols adhere to these requirements. Three different levels of security and threat models are described. We discuss our implementation of the level 1 protocol, which assumes no security infrastructure. The protocols were designed so that existing mailers can easily be enhanced with these new features.
KeywordsShared Secret Security Requirement Electronic Mail Random String Incoming Message
Unable to display preview. Download preview PDF.
- 2.D. Eastlake, S. Crocker, and J. Schiller. Randomness recommendations for security. RFC 1750, December 1994.Google Scholar
- 3.Ceki Gulcu and Gene Tsudik. Mixing E-mail with BABEL. Symposium on Network and Distributed System Security, pages 2–16, February 1996.Google Scholar
- 4.MTS volume 23: Messaging and conferencing in MTS, February 1991.Google Scholar
- 5.National Bureau of Standards. Data encryption standard. Federal Information Processing Standards Publication, 1(46), 1977.Google Scholar
- 6.R. Rivest. The md5 message digest algorithm. RFC 1321, April 1992.Google Scholar
- 8.Douglas Stinson. Cryptography: Theory and Practice. CRC Press, Inc, 1995.Google Scholar
- 9.Domestic mail manual, September 1995.Google Scholar