3 research outputs found

    FriendlyMail: Confidential and Verified Emails among Friends

    Despite being one of the most basic and popular Internet applications, email still largely lacks user-to-user cryptographic protections. From a research perspective, designing privacy-preserving techniques for email services is complicated by the requirement of balancing security and ease-of-use needs of everyday users. For example, users cannot be expected to manage long-term keys (e.g., PGP key-pair), or understand crypto primitives. To enable intuitive email protections for a large number of users, we design FriendlyMail by leveraging existing relationships between a sender and receiver on an online social networking (OSN) site. FriendlyMail can provide integrity, authentication and confidentiality guarantees for user-selected messages among OSN friends. A confidentiality-protected email is encrypted by a randomly-generated key, and the key and hash of the encrypted content are privately shared with the receiver via the OSN site. Our implementation consists of a Firefox addon and a Facebook app, and can secure the web-based Gmail service using Facebook as the OSN site; the addon is available at: https://madiba.encs.concordia.ca/software/friendlymail/. However, the design can be implemented for preferred email/OSN services as long as the email and OSN providers are non-colluding parties. FriendlyMail is a client-end solution and does not require changes to email or OSN servers. In contrast to most other solutions, we limit our target user base to existing OSN users, to facilitate ease of adoption. In this paper, the focus of our discussion includes: the design, implementation and security analysis of the proposed solution. We acknowledge that a user study will be required to validate usability-related features of FriendlyMail. We are currently considering a comprehensive user study as separate future work; cf. past such studies of PGP (Whitten and Tygar, USENIX Security 1999), S/MIME (Garfinkel and Miller, SOUPS 2005)

    Privacy Preserving Web-Based Email

    Abstract. Recent web-based applications offer users free service in exchange for access to personal communication, such as on-line email services and instant messaging. The inspection and retention of user communication is generally intended to enable targeted marketing. However, unless specifically stated otherwise by the collecting service’s privacy policy, such records have an indefinite lifetime and may be later used or sold without restriction. In this paper, we show that it is possible to protect a user’s privacy from these risks by exploiting mutually oblivious, competing communication channels. We create virtual channels over online services (e.g., Google’s Gmail, Microsoft’s Hotmail) through which messages and cryptographic keys are delivered. The message recipient uses a shared secret to identify the shares and ultimately recover the original plaintext. In so doing, we create a wired “spread-spectrum” mechanism for protecting the privacy of web-based communication. We discuss the design and implementation of our open-source Java applet, Aquinas, and consider ways that the myriad of communication channels present on the Internet can be exploited to preserve privacy.