Abstract
Ciphire Mail is cryptographic software that provides email encryption and digital signatures. The Ciphire Mail client resides on the user’s computer between the email client and the email server, intercepting, encrypting, decrypting, signing, and authenticating email communication. During normal operation, all operations are performed in the background, making it very easy to use even for non-technical users. Ciphire Mail provides automated secure public-key exchange using an automated fingerprinting system. It uses cryptographic hash values to identify and validate certificates, thus enabling clients to detect malicious modification of certificates. This data is automatically circulated among clients, making it impossible to execute fraud without alerting users. The Ciphire system is a novel concept for making public-key cryptography and key exchange usable for email communication. It is the first transparent email encryption system that allows everyone to secure their communications without a steep learning curve.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Diffie, W., Hellmann, M.E.: New Directions in Cryptography. IEEE Transactions on Information Theory (1976)
Schneier, B., et al.: Twofish: A 128-bit Block Cipher (June 1998), http://www.schneier.com/paper-twofish-paper.pdf
Kaliski, B.: PKCS #1: RSA Cryptography Specifications Version 2.0., RFC 2437 (March 1998)
NIST: “Digital Signature Standard (DSS)”, FIPS 186-2 (January 2000)
ElGamal, T.: A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory IT-31, 469–472 (1985)
NIST: “Advanced Encryption Standard (AES)”, FIPS-192 (November 2001)
NIST: “Specifications for the Secure Hash Standard”, FIPS 180-2 (August 2002)
Klensin, J., et al.: Simple Mail Transfer Protocol., RFC 2821 (April 2001)
Myers, J., Rose, M.: Post Office Protocol - Version 3, RFC 1939 (May 1996)
Crispin, M.: Internet Message Access Protocol - Version 4rev1, RFC 2060 (December 1996)
Frier, A., Karlton, P., Kocher, P.: The SSL 3.0 Protocol., Netscape Communications Corp. (November 1996)
Dierks, T., Allen, C.: The TLS Protocol Version 1.0., RFC 2246 (January 1999)
ITU: Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation, ITU-T Recommendation X.680 (ISO/IEC 8824-1:2002) (2002)
Housley, R., et al.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL), RFC 3280 (April 2002)
Callas, J., et al.: OpenPGP Message Format, RFC 2440 (November 1998)
Haber, S., Stornetta, W.S.: How to Time-Stamp a Digital Document. Journal of Cryptography (1991)
Freed, N.: Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies, RFC 2045 (November 1996)
Ferguson, N., Schneier, B.: Practical Cryptography. Wiley, Chichester (2003)
Krawczyk, H., et al.: HMAC: Keyed-Hashing for Message Authentication, RFC 2104 (February 1997)
Whitting, D., Housley, R., Ferguson, N.: Counter with CBC-MAC (CCM) (2002), http://www.macfergus.com/pub/ccm.html
Anderson, R., Biham, E., Knudson, L.: The Case for Serpent (March 2000), http://www.cl.cam.ac.uk/~rja14/serpent.html
Rijmen, V., Barreto, P.S.L.M.: The Whirlpool Hash Function (2001), http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html
Eilebrecht, L.: Ciphire - Technical Product Description, Ciphire Labs, unpublished
Housley, R., Ferguson, N.: Security Design Review of the Ciphire System (July 2004)
Schneier, B.: Analysis of the Ciphire System’s Resistance to Insider Attacks (January 2005)
Davis, D.: Defective Sign & Encrypt in S/MIME, PKCS#7, MOSS, PEM, PGP, and XML. In: Proceedings USENIX Technical Conference (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Eilebrecht, L. (2005). Ciphire Mail Email Encryption and Authentication. In: Patrick, A.S., Yung, M. (eds) Financial Cryptography and Data Security. FC 2005. Lecture Notes in Computer Science, vol 3570. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11507840_20
Download citation
DOI: https://doi.org/10.1007/11507840_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26656-3
Online ISBN: 978-3-540-31680-0
eBook Packages: Computer ScienceComputer Science (R0)