Balamaruthu Mani. Supervisor: Professor Barak A. Pearlmutter



Similar documents
Options for encrypted communication with AUDI AG Version of: 31 May 2011

Chapter 6 Electronic Mail Security

Electronic Mail Security. Security. is one of the most widely used and regarded network services currently message contents are not secure

Network Security Essentials Chapter 7

SubmitedBy: Name Reg No Address. Mirza Kashif Abrar T079 kasmir07 (at) student.hh.se

Strong Encryption for Public Key Management through SSL

An Introduction to Secure . Presented by: Addam Schroll IT Security & Privacy Analyst

to hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many

Cryptography and Network Security Chapter 15

Sync Security and Privacy Brief

Chapter 8. Network Security

Efficient Similarity Search over Encrypted Data

Network Security - Secure upper layer protocols - Background. Security. Question from last lecture: What s a birthday attack? Dr.

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.

Announcement. Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed.

Cryptography and Network Security

GlobalSign Enterprise Solutions

Hushmail Express Password Encryption in Hushmail. Brian Smith Hush Communications

PGP from: Cryptography and Network Security

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and

Secure cloud access system using JAR ABSTRACT:

Introduction...3 Terms in this Document...3 Conditions for Secure Operation...3 Requirements...3 Key Generation Requirements...

Office Standardization. Encryption Gateway. A Brief Guide for External Communication Partners.

Message authentication and. digital signatures

EXAM questions for the course TTM Information Security May Part 1

Global Client Access Managed Communications Solutions. JPMorgan - Global Client Access. Managed Internet Solutions (EC Gateway)

CSE/EE 461 Lecture 23

Security Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2

IT Networks & Security CERT Luncheon Series: Cryptography

Secure FAQs 1

An Introduction to Cryptography as Applied to the Smart Grid

User Guide Supplement. S/MIME Support Package for BlackBerry Smartphones BlackBerry Pearl 8100 Series

White Paper BMC Remedy Action Request System Security

Secure Part II Due Date: Sept 27 Points: 25 Points

Network Security Protocols

365 Cloud Storage. Security Brief

Thick Client Application Security

Taxonomy of Security Protocol

Elements of Security

Guide for Securing With WISeKey CertifyID Personal Digital Certificate (Personal eid)

Installing your Digital Certificate & Using on MS Out Look 2007.

SecureDoc Disk Encryption Cryptographic Engine

Information Security

FileCloud Security FAQ

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Internet Security. Contents. ITS335: IT Security. Internet Security. Secure . Summary

Network Security - ISA 656 Security

Secure Frequently Asked Questions

Cryptography and Security

Receiving Secure from Citi For External Customers and Business Partners

Guidance End User Devices Security Guidance: Apple OS X 10.9

ACNS Delivery via

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

Oracle Database Security and Audit

CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY

How To Encrypt With An Certificate On An From A Gmail Account On A Pc Or Mac Or Ipa (For A Pc) On A Microsoft Gmail (For An Ipa) Or Ipad (For Mac) On

Chapter 10. Network Security

Wakefield Council Secure and file transfer User guide for customers, partners and agencies

Snow Agent System Pilot Deployment version

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

Clearswift Information Governance

Communication Systems SSL

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

BBM Protected Secure mobile

How To Stop A Ddos Attack On A Network From Tracing To Source From A Network To A Source Address

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

PineApp TM Mail Encryption Solution TM

DKIM Enabled Two Factor Authenticated Secure Mail Client

Forward proxy server vs reverse proxy server

Network FAX Driver. Operation Guide

CIPHERMAIL ENCRYPTION. CipherMail white paper

Guidance Regarding Skype and Other P2P VoIP Solutions

A Noval Approach for S/MIME

BlackBerry Enterprise Solution Security Release Technical Overview

Overview Keys. Overview

Savitribai Phule Pune University

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Is your data safe out there? -A white Paper on Online Security

How to Build an Effective Mail Server Defense

Applying Cryptography as a Service to Mobile Applications

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure

Computer System Management: Hosting Servers, Miscellaneous

Policy Based Encryption E. Administrator Guide

Policy Based Encryption E. Administrator Guide

Final Year Project Interim Report

Managing and Securing Computer Networks. Guy Leduc. Chapter 3: Securing applications. Chapter goals: security in practice:

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

Security: Focus of Control. Authentication

Transcription:

Balamaruthu Mani Supervisor: Professor Barak A. Pearlmutter

Plain email text Mail Server Mail Server Encrypted on transfer Encrypted on transfer Sender Email Communication Encryption over network Recipient 2

Encrypted email text Mail Server Mail Server Encrypted on transfer Client1 Client side Key and Index management Client2 Email Communication End-to-End Encryption 3

Client side End-to-End Encrypted email is needed to ensure privacy Current tools or extensions that support encrypted email do not have a direct support for search A naive solution would be to decrypt all messages and store them on the local machine Security risk if the local machine is compromised Inefficient as it is not accessible from other machines 4

End-to-End User 1 User 2 Email Encryption Email Client Email Client Secure Searcher Secure Searcher Email Index Email Index Email Index 5

Build a secure index using Goh s Bloom filter technique where Bloom filter is a data structure with bit vector as a base Catch: There is a false positive rate (fp = (1/2)^r where r = (ln 2)(m/n)) based on the number of elements to be mapped (n), size of the Bloom filter (m) and the number of hash functions used (r) 6

-----BEGIN PGP MESSAGE----- Version: Mailvelope v0.13.1 Comment: https://www.mailvelope.com wcfma0vxwhgntluaaq/+kk7+eugzcpg1au2eogbodbzqdmi0malaba3g/zm9 JbwOcpX2z3nMyzz6Ba73aoBczASvXkGEwVsQVioOawgns4NSXnbQgsyJhNer 7c2ERr/MDSPjIwdVf+TfhTp5ddxqf/uOGiKVk4nXM6n0PZ1WVQBtn7GqSTkn IKbNjZ3bMoSw4qLCPezISWXXYBwby35ZQIKz3fY0pdhsAURjPHXuYZlAWvBI qeh5utcecsbhyz0yy8o+b52ucgpcdls7bchrxfht8xzghgre1v7dfiyw+55n DIPf2tF/89KiMTBHUMKN7uE3S2T37TC3F4rmn1bYAX2tCD4Ew1lZCgx9b4ft anvg+yuwrqtzstvgm9cdcx3wwnigqjm2ggwr+uvsosdq0c6pdm4yjflnvrry nlwxmwm40fzdwekcyogg+sewmgauwyhcxetjuhmeomufomzkusdlkfrfcpnn NQGLHsk7A9iCeY7btb2H66O8kEP38VSz95aUMJfplUv5CED4csKyZx0sHSPO Aplc7OYrLsyxKVRiNRkyKr7MxvpnB5B4Y+qYH374v46ncAnbtN+QIlPfMu3m Aw7i2HnJDoWYY9tRV4WRXXemR6UOUTDH0iYcYeSY23TZA2S3wiOc6m6GGBZM jxp7dyzlkf2wkn9red8i/lyndx4vfoew7c5q81yvqldsugfyqo0iatcu2pxa CF/uQGZbGXR+GiGr18lH+xtGX/uhHq/hYN9kZWE1rR6Ypo1CnAbFBUZMVlnn 7vZMGa1IzG6CzLwEzecPSfOAedJzyfCbHWI= =Qj0J -----END PGP MESSAGE-----

1 (Message Id) This is test pgp (Decrypted Message Body) Indexing Key Secure Index For each word in Message This Hash Function store Message Id (1) Hash Function Tw as key Message Id Bloom Filter Set mapped indices

Search Word (pgp) Hash Function Indexing Key Trap door (Tw) Tw as Key Message Id Hash Message Id Check indices in bloom filter Retrieve Message Id Secure Index Bloom Filter 9

Implemented a library in Java using Bouncy Castle cryptographic libraries Exposed APIs Index plain/encrypted messages Search for word/words in the indexed messages Import Open PGP and S/MIME private keys to Key store Integrated the library with Columba email client to demonstrate the secure search library usage 10

Get All Messages 1 Email Indexer Client Message Listener New Message 2 Add Index Remove Index Messages deleted Email Index 11

Get Search Word 1 Email Searcher Client Display Search Results 3 Email Store 2 Email Index 12

Security Technique is IND-CKA semantically secure (Indistinguishability under Chosen Keyword Attack) Security of the implementation depends on the hash function used (Default: Hmac sha256) Ensures confidentiality but not integrity and authenticity Not secure against in-memory attacks on client that decrypts the message Encrypting the message id may provide more security at the expense of search speed 13

Space efficiency vs False positive (Default: 2% with 6 hash functions and 8 bits per word). False positives can be removed by storing all the encrypted words Performance - Time DaCapo Benchmark suite luindex a corpus of 1230 text documents converted to Open PGP and S/MIME encrypted email messages Indexing time is approximately 1 second for indexing 3000 words up to a maximum of 5.5 seconds for 32000 words Search time in terms of number of email messages indexed in the database (3.5 seconds for searching 3690 indexes) 14

Columba email client with integrated secure searcher is available as a runnable jar Columba client and secure searcher library are extensible with plug-in architecture and layered architecture respectively Facebook enables people to add Open PGP public keys to their profile to enhance the privacy of email messages from Facebook! 15

Thank you 16

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information