View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
September 13, 2012

Scientists develop new encoding to enhance email security

New encoding to enhance email security

By CBR Staff Writer

A team of computer scientists, Duncan Wong and Xiaojian Tian of City University of Hong Kong have suggested a technical solution to enable email security to be independent of the server used to send message.

The scientists claimed that the new method can reduce the risk of interception of personal email by third party ensuring secrecy of the emails.

According to the team, an e-mail system offers a perfect forward secrecy if any third party, together with the e-mail server, will not be able to recover earlier session keys flanked by the sender and the recipient even after compromising of the secret keys of the sender and the recipient.

Based on the principle, the team advises the possibility of exchanging emails with almost nil risk of interference from third parties.

The team was quoted by International Journal of Security and Networks as saying: "Our protocol provides both confidentiality and message authentication in addition to perfect forward secrecy."

According to the Journal, the protocol developed by the team involves person A sending an encrypted email to person B expecting that person B cannot intercept and decrypt the message.

Prior to the encryption of email and sent the protocol proposed by the team has person A’s computer post an identification code to the email server.

Content from our partners
Powering AI’s potential: turning promise into reality
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline

Further the server develops a random session "hash" which is then utilised for encrypting the genuine encryption key for the email which is to be sent by person A.

In the interim, person B as assumed recipient, obtain the key used to develop the hash and recover an identification tag, which will enable both the parties to confirm their identities.

As a different key is utilised to lock up the PGP encrypted email with a subsequent one-time layer, though the PGP security is compromised precedent emails created with the same key cannot be unlocked, the team concludes.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.