Practical and Secure Email System (PractiSES)

PractiSES is an economical and facile system featured a third party source, trusted by all of the emailers. It is able to distribute public keys to each user for the purpose of digitally-signed email encryption/decryption and signature verification by featuring a solid security backbone and cryptographic library.

A practical and secure e-mail system (called “PractiSES”) that performs public key distribution and management in a unique way is implemented. PractiSES is a network of several domains. At the domain level, a designated PractiSES server, which is trusted by all users of that domain, distributes the public keys. If a user needs another user’s publickey at a different domain, then inter-domain communication is carried out. PractiSES clients manage their public keys and obtain public keys of other users by using unique, secure and user-transparent protocols. PractiSES clients can exchange e-mails in encrypted and/or signed fashion. Since on-demand fetching of public keys is aimed in PractiSES, use of certificates is limited for inter-domain communications only; no certificates are used within a domain. Our simulations show that a state-of-the-art PC would be sufficient to serve as PractiSES server of a medium-size organization.

Practical and Secure Email System (PractiSES)

PractiSES does not use the certification mechanisms of PKIs. A central authority, which is trusted by all users, takes the responsibility of key distribution and management in PractiSES. PractiSES Client is an e-mail application that is designed for end users. On top of regular e-mail client features, PractiSES Client can also be used to exchange e-mails among users in encrypted and/or signed fashion.

Signed and encrypted message of PractiSES is the combination of signature and encryption procedures. Signed and encrypted message consists of three parts: (i) message that is encrypted with a random secret key; (ii) secret key that is encrypted with public key of the receiver, and (iii) the digital signature of message. Symmetric cryptographic algorithm is used for encrypting the message and the RSA algorithm is used for encrypting the secret key and signing the message. Before encrypting a message, a secret key is randomly selected and it is used for encrypting the message. Besides, the secret key is encrypted with the public key of receiver. At the end, sender digitally signs hash of the message. Hashing algorithm is used to get hash of the message. The encrypted key, an encrypted message and digital signature of the original message constitute the signed and encrypted message structure of PractiSES as shown in Figure below.

Signed and Encrypted Message

Deployment of System

PractiSES Server and Client software is available to set the system up for your close-group. In order to use PractiSES, MySQL Server, PractiSES Server and PractiSES Client applications should be downloaded. Initially, both the PractiSES Server and MySQL Server are set up. While server is being set up, key pair of PractiSES Server is generated and the public key storage tables are created on MySQL. The password for private key should be known by the “administrator”. Administrator should make the server’s public key reachable to all group members from a web or an ftp site. Finally, from PractiSES Server’s GUI, administrator should make necessary settings such as mail server IP, database user name, password etc.

In the client side, client first downloads the client application (mobile or desktop app) and sets it up to his/her PC or telephone. Consequently, client downloads the server’s public key from a web site that server informed. Secondly, he/she performs security settings such as defining a profile, mail server IP etc. Lastly, he/she triggers the “InitKeySet” protocol from his/her client GUI and uploads his/her public key to public key storage. Note that, PractiSES Server and public key storage must be located in a physically secure room. The system is now ready for all registered and initialized users to exchange secure emails. Other users (uninitialized users) can use the client software for normal e-mail exchange.

Please contact us for further questions about PractiSES system.