This invention relates to an electronic mail messaging system, and in particular to a system for sending messages to and receiving messages from a person electronically.
Electronic mail messaging is widely used. It is also known to encrypt electronic mail messages using public key cryptography in which an asymmetric encryption algorithm is used. In particular, a public key associated with the recipient of an electronic mail message is used by the sender to encrypt the message. The resultant encrypted message can only be decrypted by using a private key which is different from the public key and access to which is controlled by the recipient of the message.
A problem with the asymmetric encryption algorithms utilised in public key cryptography is that they are slow in comparison with symmetric encryption algorithms in which the same cryptographic key is used for encryption and decryption. This problem has previously been addressed for electronic mail messaging by employing a so-called KEM-DEM approach in which an encrypted electronic mail message is formed by a Key Encapsulation Mechanism (KEM) part storing a session key (which is unique to the message) encrypted using the public key of the recipient, and a Data Encapsulation Mechanism (DEM) part storing the electronic mail message encrypted by a symmetric encryption algorithm using the session key stored in the KEM part as the cryptographic key. In this way, the amount of decryption performed by the asymmetric encryption algorithm is reduced.
Public key cryptography works well when the recipient always uses a private computer, i.e. one which is under the control of the recipient and is not freely accessible to the public, to access electronic mail messages.
Nowadays, “webmail” services are available which allow a user to use any computer connected to the internet to access electronic mail messages stored in a mailbox in a remote network device. Such webmail services include services in which the mailbox of the user is permanently stored on a server operated by an electronic mail messaging service provider (for example the services provided by Hotmail and Yahoo) and services which allow accessing of messages temporarily stored by an electronic mail messaging service provider pending downloading to a permanent store on a computer associated with the recipient. These webmail services allow a user to access electronic mail messages from a publicly accessible computer, for example at an internet café.
A problem with using publicly accessible computers to access electronic mail messages is that using a private key on a freely accessible computer may compromise the private key, and accordingly the use of conventional public key cryptography is not secure.