Communication is at the heart of modern business and computer networks. Millions of dollars can be made or lost in a moment on the basis of the content of a single message. As a result, reliable and efficient techniques for ensuring the security of communications can be crucial to conducting effective business.
Two important aspects of trust in the area of network communications are end-point authentication (“authentication”) and message integrity. Authentication refers to techniques for confirming that a message that purports to have been sent by a particular sender actually originated from that sender (e.g., not from a third-party impostor). For example, with respect to email communications, it is possible for a malicious third party to send an email to a recipient that falsely purports to originate from a different sender by specifying that sender's email address as the originating email address in a Simple Mail Transfer Protocol (SMTP) header, a technique sometimes referred to as “spoofing.” Message integrity refers to mechanisms for determining that a message that was received by a recipient is the same message that was originally sent by the sender and was not, for example, tampered with by an intervening third party.
Conventional symmetric- and asymmetric-key encryption techniques can be used to provide for message authentication and integrity verification. However, these conventional techniques often impose significant computational, security, and administrative burdens on users and users' devices.
For example, in a public key infrastructure (PKI) system, which is a popular scheme for practicing asymmetric-key encryption, an entity can purchase a set of credentials, consisting of a matching public key and private key pair, from a trusted third party, such as a Certificate Authority. A certificate-holder sender may encrypt or digitally sign messages using its private key, which a recipient may decrypt or verify using the sender's corresponding public key, as attested to by the issuing Certificate Authority.
However, relying on PKI keys for message authentication and integrity verification can impose significant burdens on a certificate-holder. For example, in order to obtain PKI keys, senders must typically purchase PKI credentials from a Certificate Authority. The process of obtaining such credentials from a Certificate Authority may not only involve onerous requirements for proving a sender's identity and legality to the Certificate Authority, but may also come at significant financial expense to the sender.
Moreover, PKI-based authentication may be successful only insofar as a certificate-holder's private key is kept entirely secret and secure from all other parties. In the event that a private key is compromised, a certificate-holder may be subject to impersonation by a third-party impostor or other bad actor. Thus, it often becomes incumbent upon a certificate-holder to take a number of corrective actions in response to a private key being compromised, such as revoking the associated PKI certificate with the Certificate Authority, notifying recipients with whom the certificate-holder has communicated in the past using the PKI certificate, etc. Not only are such corrective actions burdensome, but they may also be delayed in their effectiveness in preventing unlawful impersonation with the appropriated private key, such that a malicious third party may continue to impersonate the certificate-holder for a period of time, even after the fraud is discovered.
PKI-based authentication can also impose a heavy technical and administrative burden on certificate-holders, especially when a sender needs to maintain multiple private keys, each of which may be associated with different communications, business divisions, recipients, levels of security, etc. While large enterprises, such as corporations and government agencies, may have infrastructures in place that are capable of handling such burdens and mitigating some of the above-described deficiencies of PKI-based authentication, smaller organizations and individual end-users often do not. As a result, smaller organizations and individual users frequently forgo the use of any kind of encryption, authentication, or message integrity security mechanisms for everyday communications, such as email, thus placing such entities at risk.
Accordingly, there is a need for communication security mechanisms that are robust enough to provide effective and reliable end-point authentication and message integrity verification, yet are also lightweight and flexible enough for less sophisticated users to employ with little to no user involvement or administrative overhead.