节点文献
基于Mozilla Add-On的IBE邮件加密研究
Research of IBE Encryption Email Based on Mozilla Add-On
【作者】 王维;
【导师】 龙毅宏;
【作者基本信息】 武汉理工大学 , 通信与信息系统, 2014, 硕士
【摘要】 在因特网上,每秒都有成千上万封的邮件在各个服务器之间和客户端之间进行投递,但是它们中的大多数都是通过明码传输的,这样很容易导致个人隐私的泄露和商业机密的失窃。传统的保护数据安全的方法是使用基于数字证书的基础公钥设施(PKI:Public Key Infrastructure),但是PKI的实现面临着很多问题,例如对证书的管理成本比较高、对证书的验证和撤销的步骤有点复杂等问题,这些个问题阻碍了PKI在用户中的发展。而基于身份的加密技术IBE可以直接使用用户的任何身份信息计算得到公钥,大大简化了公钥的使用和管理,使应用起来非常方便。PKI体制使用广泛,IBE体制使用方便,两者的结合系统——伪RSA密钥的IBE加密系统应用而生。Mozilla平台下的Thunderbird邮件客户端是一款功能强大并且应用广泛的邮件客户端,本身自带PKI邮件加密体制的功能。Thunderbird邮件客户端具有代码开源、跨平台性和可扩展功能等优点。本文结合伪RSA密钥的IBE加密系统的研究成果,在Thunderbird上开发了一款扩展应用,使IBE加密技术能够应用于Mozilla平台,而又不影响Mozilla平台自身PKI邮件加密体制的使用。本扩展能够捕捉Thunderbird邮件客户端发送邮件和打开邮件的动作,自动判断是否发送加密邮件或者是打开加密邮件。在发送加密邮件时,能够获得收件人列表,并判断收件人是否有公钥证书,如果没有公钥证书,则能够自动获取伪RSA数字公钥证书并导入到Thunderbird的公钥证书库中,利用公钥证书对邮件进行加密。在打开加密邮件时,能够自动判断当前账户是否有私钥证书,如果没有私钥证书,则能够自动获取伪RSA数字私钥证书并导入到Thunderbird的私钥证书库中,利用私钥证书对邮件进行解密。本文在开发过程中,深入研究了PKI体制和IBE体制,了解了Mozilla平台的基本构架,分析了扩展的组织结构和安装运行机制。本扩展采用XPCOM组件技术来调用伪RSA密钥的IBE加密系统的接口来获取伪RSA公私钥证书。本文的创新和特色之处在于,将IBE加密技术应用于Mozilla平台下的Thunderbird邮件客户端,扩展了Thunderbird邮件客户端的邮件加密功能。在对邮件进行加解密过程中,所有过程基本上不需要用户手动进行操作,都由扩展在后台自动完成,用户使用起来非常方便。目前,在Thunderbird官网上提供的所有扩展中,还没有将IBE加密技术应用于Thunderbird的,所以该扩展有着很好的研究意义。
【Abstract】 On the Internet, there are thousands of emails per second between each serverbetween the client and the delivery, but most of them are clearly transmitted through,so easily lead to leaks and privacy theft of trade secrets. Traditional method is to useto protect the safety of data based on digital certificate of Public Key Infrastructure(PKI), but the realization of PKI is faced with many problems, such as themanagement cost is higher, the certificate of the certificate of verification andcancellation of steps a little complicated, these problems hindered the development ofPKI in the user. And identity based encryption IBE can directly use any user identityinformation to calculate the public key, greatly simplifies the use and management ofthe public, make up is very convenient. PKI system is widely used, IBE system easyto use, a combination of both system, pseudo RSA digital certificate distributionsystem application.Mozilla Thunderbird email client platform is a kind of widely used mail client,itself the function of PKI mail encryption system. Thunderbird email client code isopen source, cross-platform and extensible function, etc. In this paper, combiningwith the results of pseudo RSA digital certificate distribution system, developed anextension on the Thunderbird makes IBE encryption technology can be applied to theMozilla platform, and will not affect the Mozilla platform itself the use of PKI emailencryption system.This extension can capture Thunderbird email client send E-mail and open themail, automatically determine whether to send encrypted mail or open the encryptedmail. When send encrypted mail, access to the recipient list, and determine whetherthe recipient has a public key certificate, if there is no public key certificate, canautomatically access to pseudo RSA digital public key certificate and imported intoThunderbird public key certificate repository, using the public key certificate toencrypt E-mail. When open the encrypted mail, can automatically judge whether thecurrent account has a private key certificate, if there is no private key certificate, canautomatically access to pseudo RSA digital private key certificate and import to theThunderbird private key certificate repository, using encrypted private key certificate for mail.In the development process, this paper deeply studied the PKI system and IBEsystem, understanding the basic framework of the Mozilla platform, analyzing theorganization structure and installation running of the extension mechanism. Thisextension uses the XPCOM component technology to invoke the pseudo RSA digitalcertificate distribution system interface to get pseudo RSA public and privatecertificate.Innovation and characteristic of this article is that IBE encryption technologywas applied to the Mozilla Thunderbird email client platform expands theThunderbird email client E-mail encryption. On E-mail encryption process, allprocesses with almost no user manual, by extending automatically in the background,the user use is very convenient. At present, the Thunderbird’s official website toprovide all of the extension, haven’t IBE encryption technology was applied to theThunderbird, so this extension has a great significance in research.
- 【网络出版投稿人】 武汉理工大学 【网络出版年期】2015年 04期
- 【分类号】TP393.098;TN918.4
- 【被引频次】3
- 【下载频次】48