Secure XMaiL or how to get rid of legacy code in secure e-mail applications

Authors:
Lars Ewers;Wolfgang Kubbilun;Lijun Liao;Jörg Schwenk
Affiliations:
Bochum, Germany;MediaSec Technologies GmbH, Essen, Germany;Hörst Görtz Institute for IT Security, Ruhr-University, Bochum;Hörst Görtz Institute for IT Security, Ruhr-University, Bochum
Venue:
CMS'05 Proceedings of the 9th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Year:
2005

Citing 2
Cited 0

Views, reactions and impact of digitally-signed mail in e-commerce

FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Ciphire mail email encryption and authentication

FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

E-mail is one of the oldest applications on the internet. Clients have to adhere to message formats that have been defined in RFC 822 [13] back in 1982, and at the same time be able to transport all types of content. Additionally, there are severe restrictions for the use of both encryption and digital signatures due to the adherence to RFC822. In this paper we propose a new approach based on our XMaiL project: Using the XMaiL parser, we transform header and body of the mail into an XML object. This transformation preserves both the MIME and the PKCS#7 structure of the mail. We describe the security enhancements that are possible using XMaiL such as selective encryption and signature of parts of the e-mail, or signature of critical fields in the header of the mail.