Visible to the public Biblio

Filters: Author is Bellovin, Steven M.  [Clear All Filters]
2020-01-21
Koh, John S., Bellovin, Steven M., Nieh, Jason.  2019.  Why Joanie Can Encrypt: Easy Email Encryption with Easy Key Management. Proceedings of the Fourteenth EuroSys Conference 2019. :1–16.

Email privacy is of crucial importance. Existing email encryption approaches are comprehensive but seldom used due to their complexity and inconvenience. We take a new approach to simplify email encryption and improve its usability by implementing receiver-controlled encryption: newly received messages are transparently downloaded and encrypted to a locally-generated key; the original message is then replaced. To avoid the problem of moving a single private key between devices, we implement per-device key pairs: only public keys need be synchronized via a simple verification step. Compromising an email account or server only provides access to encrypted emails. We implemented this scheme on several platforms, showing it works with PGP and S/MIME, is compatible with widely used mail clients and email services including Gmail, has acceptable overhead, and that users consider it intuitive and easy to use.