Research And Implementation Of Secure Web Email System Based On IBC

With the continuous popularity of the Internet communication,people generally use email for daily communication and deal with the important affairs of life and work.However,email attacks,data leakage and other frequent events marked a big question mark on the security transmission of the email.The existing secure email systems are mostly based on the PKI system,the user's own digital certificate is the premises to use the secure mail,which leads to a series of operational problems about a great numbers of digital certificates,like generation,distribution,cross validation.These cumbersome and complicated operations cast a shadow over the popularity of secure email.Due to the problems of PKI system,Identity-Based Cryptograph is proposed.It is an asymmetric algorithm,its public key is composed by a unique identity(such as email address)and a group of public parameters,and do not need to use digital certificate as a carrier to bind the public key,so it can perfectly solve the problems of exchanging and distributing the massive certificates.However,the commonly used applications do not support IBC technology,by far.Aiming at this problem,this thesis designs and implements a secure Web email system based on IBC by using pseudo RSA digital certificate technology.The system is composed of Web mail system client and Web mail system server.Web mail system client consists of human-computer interface and cipher processing module.The human-computer interface is responsible for providing interfaces to the user,sending cross-domain http requests to the cipher processing module,obtaining the response and displaying results.The cipher processing module is designed as a local agent module,this local agent module is mainly responsible for receiving the requests from the human-computer interface and calling the local IBC CSP to do the operations like mail encryption,signature,decryption,verification and the selection of upload attachments according to the different requests.Web mail system server is composed of Web mail proxy server and mail server.Web mail proxy server is responsible for receiving the requests from the cipher processing module and human-computer interface,and then completing the operations of sending and receiving mails.Mail server can use any mature POP3/SMTP server.In addition,the system also implements the management of the user account,including new account registration and user password modification.The innovations of this paper are as following:(1)Design a secure web mail system based on IBC.It can use IBC technology to handle a series of security processing for mails,which does not exist on the market at present.(2)The pseudo RSA certificate technology is employed to make IBE technology perfectly fused into the existing applications with PKI capacity.IBC technology is applied to mail encryption and decryption,signature and signature verification process by automatically generating the corresponding pseudo RSA digital certificate,the generated SMIME data can be used to structure a mail.So it can support SMIME based email software.(3)Design and implement a no plug-in technology,achieve the corresponding IBC cryptographic technique through local agent module communicate with secure email system server.This method is applicable to any version of any web browser.It avoid the plug-in cannot be suitable for different browsers and different versions of the same browser.The compatibility and versatility of the system is improved,and the development cost is reduced.