Send emails securely with a secret handshake
Spies recognize each other by a secret handshake. Thanks to a new cryptographic technique , this type of protection is now also possible for e-mails. Good news for online spies - and all others who exchange sensitive information, such as doctors and journalists.
You are an FBI agent who must pass on secret information about a criminal to a CIA agent. You meet in a dark alley. With a secret handshake you ensure that you exchange information with the right person. Thanks to that handshake, you do not have to disclose any information or your own identity in advance.
Nowadays a lot of secret communication no longer takes place in dark alleys, but online. Digital handshakes are used there. Only if the handshake of two parties agrees do they exchange information. If that is not the case, then nothing will be exchanged.
Time difference
For this digital handshake, it is now necessary for the two parties to be online at the same time. It is not possible that one sends a mail with a handshake in the morning, and that the other confirms the handshake in the afternoon and opens the mail.
This is changing thanks to a group of American researchers. They have developed a cryptographic handshake method for digital communication with a time difference.
Conditions lists
By combining existing cryptographic encryption techniques in a new way, the researchers developed so-called matchmaking encryption. An independent authority creates digital keys for this. One for the encryption (the encryption ) of the message, and one for decrypting it (decryption).
The sender encrypts the message with such a key. Then comes the matchmaking aspect. The sender and receiver both draw up a list of conditions. For example, an FBI agent states that the message may only be sent to a CIA agent who works in New York and who is looking for criminal X. And the CIA agent only wants to receive messages from an FBI agent in Chicago who has information about criminal X.
Once the recipient is online, the authority goes through the condition lists simultaneously. Only if all the conditions of both parties are met, does he send and decrypt the message. "This way the conditions of the sender and of the receiver are met in one system, " says Giuseppe Ateniese, professor at the Stevens Institute of Technology and lead author of the article.
The sender and receiver cannot see the verification. If the secret handshake fails, no one can figure out the condition that caused it. Everyone remains anonymous. In addition, as the recipient you determine the conditions for receipt. This way you prevent incriminating information from entering your mailbox.
Matchmaking bulletin board
The researchers tested their encryption method with an online 'matchmaking' notice board. This digital sign was accessible via the Tor Browser. A web browser, similar to Chrome or Firefox, but aimed at anonymous communication.
The researchers left messages on the digital board. Users looked at the board, looking for a message whose conditions came over with their own list. Only if the conditions lists match, will the recipient see it. The control was found to link the transmitters and receiver correctly within a few milliseconds.
The technique is a fast, promising encryption method. But, the researchers write, the efficiency of drafting conditions could be better. The comparison of the lists must also be improved to prevent problems if the channel is malicious.
References: Network World, Github