Practical Implementation of a Secure Email System Using Certificateless Cryptography and Domain Name System

Email is currently the most widely used communication system in daily life. To improve security and efficiency, most email systems adopt Public Key Infrastructure (PKI) as the mechanism to implement security, but PKI based systems suffer from expensive certificate management and problems in scalability. Identity Based Cryptography (IBC) is another method, but it has the inherent drawback of Key Escrow. This paper proposes an implementation of a practical, secure email system based on certificateless cryptography, which uses Domain Name System (DNS) as the infrastructure for public key exchange and a secure key token/fingerprint authentication system for user authentication. The message payload is encrypted by a per-email symmetric key generated from a secret value, the public and private keys of both the sender and the receiver. The proposed mailing system is secure against standard security model.