From Proxy Encryption Primitives to a Deployable Secure-Mailing-List Solution

Proxy encryption schemes transform cipher-text from one key to another without revealing the plain-text. Agents that execute such transformations are therefore minimally trusted in distributed systems leading to their usefulness in many applications. However, till date no application of proxy encryption has been deployed and used in practice. In this work we describe our efforts in developing a deployable secure mailing list solution based on proxy encryption techniques. Securing emails exchanged on mailing lists requires that confidentiality, integrity, and authentication of the emails be provided. This includes ensuring their confidentiality while in transit at the list server; a functionality that is uniquely supported by proxy encryption. In developing this solution we addressed the challenges of identifying requirements for deployability, defining a component architecture that maximizes the use of COTS components to help in deployment, developing the proxy encryption protocol to satisfy requirements and to fit within the component architecture, implementing and testing the solution, and packaging the release. As evidence of its deployability, the resulting secure mailing list solution is compatible with common email clients including Outlook, Thunderbird, Mac Mail, Emacs, and Mutt.