SaTC: TTP: Small: Easy Email Encryption

SaTC：TTP：小型：轻松电子邮件加密

• 批准号: 1717801
• 负责人: Steven Bellovin
• 金额: $ 50万
• 依托单位: Columbia University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-09-01 至 2021-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1717801&HistoricalAwards=false
• 关键词: SaTC; TTP; Small; Easy; Email

Encryption is not used as widely as it should be, especially for email. One reason is that it's very hard to use; study after study has shown that email users, especially senders, cannot use email encryption correctly. All too often, email is sent unencrypted or encrypted to the wrong recipient, without the sender even realizing it. The essential problem is the certificate: recipients may not have one, or senders may not know how to find it. This project addresses these problems in two ways. First, it makes certificate generation and selection automatic and transparent; when a sender tries to transmit an email message, the recipient's site automatically generates the certificate and returns it to the sender's email client; that program in turn uses the certificate to encrypt the email. Second, when email arrives unencrypted, the recipient's mail client encrypts it with a locally generated key, thus obviating any need for the sender to know or do anything.The schemes rest on one fundamental principle: a significant reason for the complexity of cryptography is that it tries to defend against extremely powerful adversaries. This provides strong protection, but at the expense of usability. The approach of this project is to assume a somewhat less capable adversary; in turn, it achieves a significant reduction in complexity. For automatic key distribution, the sender's email client consults the recipient's site's Lightweight Directory Access Protocol (LDAP) database. If a certificate already exists; it is returned and used for encryption; if it does not, a key pair and certificate are generated. The certificate is stored in the database and returned to the querier; the private key is passed to the recipient. The system also implements receiver-controlled email encryption: when email is received, a modified Internet Message Access Protocol (IMAP) client downloads the message, encrypts it with a locally generated key, and replaces the original email with an encrypted version. This functionality can be incorporated into a standard email client or it can be done via a standalone daemon. Either way, there is no key distribution problem nor any need for sender action. The emails are not protected in transmission, except by Transport Layer Security (TLS); however, they are protected for their likely long lifetime in an IMAP store. If the email had been encrypted by the sender, it is decrypted and then re-encrypted; the same can be done with messages protected by a locally generated key. This allows for key and algorithm refresh, again protecting email in storage.

加密没有得到应有的广泛应用，尤其是对电子邮件。一个原因是它很难使用；一项又一项的研究表明，电子邮件用户，特别是发件人，不能正确使用电子邮件加密。电子邮件经常被发送给错误的收件人，而发件人甚至没有意识到这一点。根本的问题是证书：收件人可能没有证书，或者发送者可能不知道如何找到它。该项目通过两种方式解决这些问题。首先，它使证书的生成和选择变得自动化和透明；当发送者试图传输电子邮件消息时，接收者的站点自动生成证书并将其返回给发送者的电子邮件客户端；该程序反过来使用该证书来加密电子邮件。其次，当电子邮件未加密时，收件人的邮件客户端使用本地生成的密钥对其进行加密，从而不需要发件人知道或做任何事情。这些方案基于一个基本原则：密码学复杂性的一个重要原因是它试图防御极其强大的对手。这提供了强大的保护，但以可用性为代价。这个项目的方法是假设一个能力稍弱的对手；反过来，它实现了复杂性的显著降低。对于自动密钥分发，发件人的电子邮件客户端查询收件人站点的轻量级目录访问协议(LDAP)数据库。如果证书已经存在，则返回该证书并用于加密；如果不存在，则生成密钥对和证书。证书存储在数据库中，并返回给查询者；私钥传递给接收者。该系统还实现了接收者控制的电子邮件加密：当收到电子邮件时，修改的互联网消息访问协议(IMAP)客户端下载该消息，使用本地生成的密钥对其进行加密，并用加密版本替换原始电子邮件。此功能可以整合到标准的电子邮件客户端中，也可以通过独立的守护程序来实现。无论哪种方式，都不存在密钥分发问题，也不需要发送方操作。除了传输层安全(TLS)之外，电子邮件在传输过程中不受保护；但是，它们在IMAP存储中受到保护，因为它们可能存在很长的生存期。如果电子邮件是由发件人加密的，则会对其进行解密，然后重新加密；对于受本地生成的密钥保护的邮件，也可以这样做。这允许密钥和算法更新，再次保护存储中的电子邮件。

项目成果

Protecting Cloud Virtual Machines from Hypervisor and Host Operating System Exploits

• 发表时间: 2019
• 作者: Shih-wei Li;John S. Koh;Jason Nieh

Encrypted cloud photo storage using Google photos

• DOI: 10.1145/3458864.3468220
• 发表时间: 2021-06
• 期刊: Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services
• 作者: John S. Koh;Jason Nieh;S. Bellovin

Optimizing Nested Virtualization Performance Using Direct Virtual Hardware

• DOI: 10.1145/3373376.3378467
• 发表时间: 2020-03
• 期刊: Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems
• 作者: J. Lim;Jason Nieh