Design of secure and independent controllable email system based on Identity-Based Cryptography

摘要

Email is an import part of critical information infrastructure, whose security has attracted more and more attention from the public. Due to technical reasons, traditional email system sends cross-domain emails across the Internet in plain text. The inherent vulnerability of email system causes enormous risks of information disclosure and misuse. The fundamental way out lies in secure transformation of email function entities and business processes by applying modern cryptographic technologies. Combining the analysis on the architecture and data flows of tradition email system, with the development trends of Identity-Based Cryptography, this paper put forward secure and independent controllable email system based on Identity-Based Cryptography. Three concrete applied solutions—client encrypting dedicated to third party, mail server encrypting before transmission and industry private network SM9 encrypting alliance, are proposed and introduced in detail. Then a comparison is performed to point out appropriate scenarios of three solutions, providing investigation and theoretic basis for upgrading and reconstruction of secure email system.