Secure Email Communication with XML-based Technologies
Produktform: Buch
Email is one of the most successful applications in Internet. The current email format is specified in RFC
822 of Internet Engineering Task Force (IETF) and has several unavoidable restrictions.
Firstly, the data structure is very complex. Header fields that describe the representation of the email
body are merged with header fields for the addressing and administration and header fields added during
the transport. Furthermore, the complexity of the structure of the email body increases when the email is
signed or encrypted. Secondly, the email format is not suitable for massive storage. Thirdly, no individual
information can be delivered to specific blind recipients. Thus the sending client either removes all blind
recipients from the message—which results in that a blind recipient cannot check whether she is the intended
one—or creates a message without blind recipients to all non-blind recipients and creates for each
blind recipient a copy of the message with only the intended recipient in the “Bcc” field. Fourthly, the Signature
and encryption must cover the message body as a whole, the message header remains unprotected.
If the message is signed or encrypted, even if one wishes to read only one multipart body part, one must
download the whole message, and verify the signature or process the decryption over the whole message.
Fifthly, integrity of header fields is not protected in a signed email. This may result in phishing attacks
when the sensitive fields are modified.
To solve these problems, we developed a new email format, called XMail. A message is specified by
an XML document. XML Signature and XML Encryption are used to secure the email communication. In
XMail, it is possible to read, verify and decrypt only one multipart body part without retrieving the other
body parts. Individual information can be sent to blind recipients so that only one copy of a message is
needed, independent on the number of blind recipients. Due to the careful design of XMail, the storage
of messages in email server and the reading of messages are very efficient. In this unified data structure,
different key management technologies like PGP and X.509 can still be used.
Furthermore we developed two solutions for the current email format. We propose to use parts of
the security mechanisms designed for XMail in the current email format to achieve a security format for
different key management technologies like PGP and X.509, and developed a lossless and simple storage
format.weiterlesen