Hsien-Hau Chen, Yung-Sheng Chen, Hsia-Ling Chiang, Chung-Huang Yang
{"title":"Design and implementation of smartcard-based secure e-mail communication","authors":"Hsien-Hau Chen, Yung-Sheng Chen, Hsia-Ling Chiang, Chung-Huang Yang","doi":"10.1109/CCST.2003.1297564","DOIUrl":null,"url":null,"abstract":"E-mail system is by far the most widely used application in the Internet. However, mainly due to the lack of communication security, sensitive messages could not transmit securely over open networks using off-the-shell e-mail systems. A new secure e-mail system is proposed and implemented to extend the popular Microsoft Outlook e-mail software with flexible security services and to combine these services tightly with smartcards. The enhanced security services include data confidentiality, authentication of message originator and recipient, data integrity, and nonrepudiation. The proposed system provides two approaches for secure e-mail communication, one is base on the certification authority (CA) and the other is base on the keys distribution center (KDC), such that a complete solution may be satisfied for both open public and private enterprise. Windows-based smart cards, NexCard 2.0, is adopted as portable security tokens to store private key for generating digital signature, to store multiple digital certificates issued from the CAs and to store the master key shared with the KDC. We also designed and implemented cryptographic libraries, CSP 2.0 and PKCS#11, which is need for secure interaction of smartcard module with applications.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"160 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2003.1297564","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
E-mail system is by far the most widely used application in the Internet. However, mainly due to the lack of communication security, sensitive messages could not transmit securely over open networks using off-the-shell e-mail systems. A new secure e-mail system is proposed and implemented to extend the popular Microsoft Outlook e-mail software with flexible security services and to combine these services tightly with smartcards. The enhanced security services include data confidentiality, authentication of message originator and recipient, data integrity, and nonrepudiation. The proposed system provides two approaches for secure e-mail communication, one is base on the certification authority (CA) and the other is base on the keys distribution center (KDC), such that a complete solution may be satisfied for both open public and private enterprise. Windows-based smart cards, NexCard 2.0, is adopted as portable security tokens to store private key for generating digital signature, to store multiple digital certificates issued from the CAs and to store the master key shared with the KDC. We also designed and implemented cryptographic libraries, CSP 2.0 and PKCS#11, which is need for secure interaction of smartcard module with applications.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
