SecureCMail: Securing Emails from Service Providers


Email is regularly used as a primary form of communication, and email messages may therefore contain highly sensitive information such as social security numbers, passport credentials and credit card information. It is often assumed that information sent over email is available only to the intended parties, which is not always the case. This has led to concerns over email confidentiality. Emails are stored on infrastructure belonging to email service providers (ESPs). They are generally not read by the service providers, but the ESPs remain a potential threat because they can access users' email messages. ESPs may also be unable to guarantee users' privacy in all scenarios, given the possibility of security breaches across the network: malicious external adversaries who obtain unauthorized access to these email servers, and subsequently to users' emails, may cause a huge loss of privacy. With growing concern over mass surveillance, privacy infringement and online attacks leading to unauthorized access and data theft, there have been various attempts to add security to email communication, with varying degrees of success.

Key Contributions

This research focuses on these email security issues and presents a method called S3Email, Shamir Secret Sharing (S3) based email, which uses a desktop mail user agent (MUA) application. The proposed method aims to address security under the Semi-malicious ESP threat model. The core idea behind the proposed solution is to use the S3 technique to create shares of an email message (email subject, body and attachment) before it is sent. The shares are reconstructed at the receiver's end to reveal the original email message. The distinct characteristics of the proposed S3Email method are:

  • Since the S3Email method is based on the S3 scheme, which doesn't require a key, it not only avoids the key storage problem but also provides information-theoretic security.
  • The S3Email method doesn't require any additional email infrastructure; rather it uses a decentralized architecture for email communication utilizing existing email services.
  • Unlike other schemes that use PGP, the S3Email method does not require PGP and reduces reliance on third-party services and infrastructure for email security.
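
The split-and-reconstruct step described above, as an added example that is not the S3Email authors' code: a (k, n) threshold Shamir scheme over a prime field applied to an email's bytes. The threshold values, the 15-byte chunking, the length prefix and the function names `split` and `combine` are assumptions of this example, since the page does not specify them.

```python
import secrets

P = 2**127 - 1   # Mersenne prime: the field all share arithmetic happens in
CHUNK = 15       # 15 bytes = 120 bits, so every chunk is a valid field element

def split(message, n, k):
    """Return n shares (x, [y per chunk]); any k of them rebuild message."""
    if not 2 <= k <= n < P:
        raise ValueError("need 2 <= k <= n")
    data = len(message).to_bytes(4, "big") + message   # length prefix undoes padding
    data += b"\x00" * (-len(data) % CHUNK)
    shares = [(x, []) for x in range(1, n + 1)]
    for i in range(0, len(data), CHUNK):
        secret = int.from_bytes(data[i:i + CHUNK], "big")
        # Fresh random degree-(k-1) polynomial per chunk; constant term is the secret.
        coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
        for x, ys in shares:
            y = 0
            for c in reversed(coeffs):                 # Horner evaluation mod P
                y = (y * x + c) % P
            ys.append(y)
    return shares

def combine(shares):
    """Lagrange-interpolate each chunk at x = 0 and strip the padding."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    out = b""
    for j in range(len(shares[0][1])):
        secret = 0
        for xi, ys in shares:
            num = den = 1
            for xm in xs:
                if xm != xi:
                    num = num * -xm % P
                    den = den * (xi - xm) % P
            secret = (secret + ys[j] * num * pow(den, -1, P)) % P
        out += secret.to_bytes(16, "big")[1:]          # low 15 bytes = the chunk
    return out[4:4 + int.from_bytes(out[:4], "big")]

if __name__ == "__main__":
    # Constructed sample message (subject + body), not taken from the page.
    mail = b"Subject: Q3 payroll\r\n\r\nAccount number 0000-1111 (constructed sample)."
    shares = split(mail, n=5, k=3)       # e.g. one share per mailbox (assumption)
    assert combine([shares[0], shares[2], shares[4]]) == mail   # any 3 suffice
    assert combine(shares[:2]) != mail                          # 2 shares do not
    print(len(shares), "shares,", len(shares[0][1]), "chunks each")
```

Share size reveals the message length, and secret sharing on its own gives confidentiality but not integrity: a modified share silently changes the reconstructed message.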