Electronic mail (“e-mail”) messages may be generally encoded using one of a number of known protocols to facilitate secure message communication. The Secure Multiple Internet Mail Extensions (“S/MIME”) protocol, for example, relies on public and private encryption keys to provide confidentiality and integrity, and on a Public Key Infrastructure (PKI) to communicate information that provides authentication and authorization. Data encoded using a private key of a private key/public key pair can only be decoded using the corresponding public key of the pair, and data encoded using a public key of a private key/public key pair can only be decoded using the corresponding private key of the pair. Other known standards and protocols may be employed to facilitate secure message communication, such as Pretty Good Privacy™ (PGP) and variants of PGP such as OpenPGP, for example. PGP-based systems also utilize public and private encryption keys to provide confidentiality and integrity, although the authenticity of public keys used in the encoding of PGP messages are validated in a different manner as compared to S/MIME systems. Constructs similar to that of a “certificate” (as used in S/MIME for example) containing a public key and information on the key holder may be provided in secure message communication standards and protocols. One example of such a construct is known as a “PGP key” in PGP-based systems.
An encoded message may be encrypted, digitally signed (“signed”), or both. Consider a signed message that is received by a user at a computing device (e.g. a mobile device). The message will typically comprise one digital signature generated using the signer's private key, although some protocols may permit multiple, individual portions of a message to be signed. Where multiple portions of a message are signed, the message may comprise multiple digital signatures. If the user possesses the public key that will successfully decode a given digital signature generated with the signer's private key, then the user will be able to authenticate the signer and verify the integrity of the signed data. A public key may, in some cases, accompany the received message.
Despite the safeguards afforded by the use of digital signatures, there are, however, instances in which security may be still be compromised. For example, a private key of an individual may be used to sign a message. A user receives the message, and a public key accompanying the message successfully decodes the digital signature in the message. Successful verification of the digital signature would suggest that the individual signed the message, and that the message was not modified in transport. However, suppose that unbeknownst to the user, the private key used to encode the digital signature does not belong to the sender of the message as identified in the header of the message. In this example, the user may be led to believe, in error, that the identified sender had signed the message even though the identified sender is not, in fact, the individual who signed the message.