Email security remains crucial in today’s digital information exchange, with Pretty Good Privacy (PGP), which is one of the widely used encryption techniques for email. However, PGP’s key distribution vulnerabilities persist as a significant challenge. We previously integrated blockchain technology with Elliptic Curve Cryptography (ECC) and zero-knowledge proofs (zk-SNARKs) to enhance PGP key distribution. This approach utilized blockchain’s immutability for secure key sharing and zk-SNARKs for efficient verification without exposing sensitive data. While our initial implementation improved key distribution security, it utilized a fixed ECC key length, which did not address the diverse security needs of users across various contexts. Email communications range from simple personal messages to highly sensitive corporate or government correspondence, each requiring different levels of encryption strength. Additionally, users operate on devices with varying computational capabilities, from smartphones to high-performance workstations. This paper introduces a flexible key length mechanism to our blockchain-based PGP key distribution system. We implement support for multiple ECC key lengths (ECC-256, ECC-384, and ECC-521), allowing users to dynamically adjust encryption strength based on message sensitivity, recipient requirements, and device capabilities. We evaluate this approach by analyzing blockchain performance metrics, including gas consumption, transaction costs, and memory requirements, through case studies of three different scenarios: casual personal email, professional communication, and highly confidential government communication.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Blockchain-Based Approach for Secure Email Encryption with Variable ECC Key Lengths Selection

  • Md. Biplob Hossain,
  • Maya Rahayu,
  • Samsul Huda,
  • Md. Arshad Ali,
  • Yuta Kodera,
  • Yasuyuki Nogami

摘要

Email security remains crucial in today’s digital information exchange, with Pretty Good Privacy (PGP), which is one of the widely used encryption techniques for email. However, PGP’s key distribution vulnerabilities persist as a significant challenge. We previously integrated blockchain technology with Elliptic Curve Cryptography (ECC) and zero-knowledge proofs (zk-SNARKs) to enhance PGP key distribution. This approach utilized blockchain’s immutability for secure key sharing and zk-SNARKs for efficient verification without exposing sensitive data. While our initial implementation improved key distribution security, it utilized a fixed ECC key length, which did not address the diverse security needs of users across various contexts. Email communications range from simple personal messages to highly sensitive corporate or government correspondence, each requiring different levels of encryption strength. Additionally, users operate on devices with varying computational capabilities, from smartphones to high-performance workstations. This paper introduces a flexible key length mechanism to our blockchain-based PGP key distribution system. We implement support for multiple ECC key lengths (ECC-256, ECC-384, and ECC-521), allowing users to dynamically adjust encryption strength based on message sensitivity, recipient requirements, and device capabilities. We evaluate this approach by analyzing blockchain performance metrics, including gas consumption, transaction costs, and memory requirements, through case studies of three different scenarios: casual personal email, professional communication, and highly confidential government communication.