1. Field of the Invention
The present invention relates generally to generating an authentication signature for an electronic mail message. In particular, the present invention enables multiple parties to sequentially create a single hash value from a message not known in its entirety by any party. The hash value may then be used to authenticate an e-mail message.
2. Description of Background Art
E-mail authentication and certification services are often used to ensure the reliable delivery of e-mail and confirm the identity of the sender. One service offered by Goodmail Systems, Inc., of Mountain View Calif., includes an imprinter associated with the mail sender, which hashes the body and certain fields of an e-mail message, and a generator, associated with a token authority, which performs an additional hash using the hash from the imprinter and a hash based on additional fields in the message header to create a token. The token and e-mail message are then sent to the recipient's ISP, where the token is validated and the message delivered. This arrangement protects the privacy of the message sender, because the original body and certain fields of the e-mail message, such as the addressee and subject, are never provided to the token authority.
Another e-mail authentication service is DomainKeys Identified Mail (DKIM). An organization can apply a DKIM signature to an e-mail message, and the signature can be verified by the receiver, thus ensuring that the e-mail received is from the domain associated with the signature and that the message was not altered en route. A DKIM signature is generated by hashing various header fields and the body of the e-mail message in an order dictated by the DKIM standard.