Next: Other benefits of using
Up: Introduction
Previous: The SEM architecture.
We now describe in more detail how decryption and signing is done
in the SEM architecture:
- - Decryption: suppose Alice wishes to decrypt an email message
using her private key. Recall that encrypted email is composed of two
parts: (1) a short header containing a message-key encrypted using
Alice's public key, and (2) the body contains the email message
encrypted using the message-key. To decrypt, Alice first
sends the short header to her SEM. SEM responds with a short
token. This token enables Alice to read her email. However, it contains
no useful information to anyone but Alice. Hence, communication with the
SEM does not have to be protected or authenticated. We note that
interaction with the SEM is fully managed by Alice's email
reader and does not require any intervention on Alice's part. This
interaction does not use Alice's private key. If Alice wants to read
her email offline, the interaction with the SEM takes places at the
time Alice's email client downloads Alice's email from the email server.
- - Signatures: suppose Alice wishes to sign a message using her
private key. She sends a hash of the message to the SEM which, in turn,
responds with a short token enabling Alice to generate the signature.
As with decryption, this token contains no useful information to anyone but
Alice; therefore, the interaction with the SEM is not encrypted or
authenticated.
Note that all interaction with the SEM involves very short messages.
Next: Other benefits of using
Up: Introduction
Previous: The SEM architecture.
Gene Tsudik
2001-05-10