College of Engineering Unit(s): 
Electrical Engineering and Computer Science

Team: 
Ryan Little

Project Description: 

The goal of this project is to allow two people to jointly own an email account, such that an email can only be sent when both parties agree on the exact contents.

Imagine you're a member of an organization in which certain decisions must be approved, via email, by two individuals. Currently, this would likely require both people to individually send an email signaling their approval. But in this project, we introduce a new cryptographic protocol that would allow both decision makers to signal their approval with a single email. This is achieved by having an email account that is "shared" between the two decision makers. In order to send an email, the individuals must use our protocol, which enforces that the text of the email is agreed on by both parties. Our protocol further enforces that an email can be sent only when both parties participate in the sending process, which ensures that the decision is unanimous.  

Our protocol is completely client-side, and is designed to be immediately compatible with Gmail, Outlook, and many other email services.

Our protocol makes use of secure multi-party computation (MPC), a subfield of cryptography that studies methods for multiple people to securely evaluate the output of some function on their own private inputs, which they do not wish to share. The main technical contribution of this project is an implementation of Transport Layer Security (TLS, a protocol used to send and receive encrypted information over the internet) in MPC. This allows two parties to jointly act as the client in a TLS connection with a server (in our use case, the server is an email server). Each user is given a "share" of the password to the email account. This ensures that a single group member cannot unilaterally send an email, as they are unable to retrieve the password. And even when the protocol is successfully used, the password is encrypted inside of a TLS packet that cannot be decrypted by any individual group member. This allows the protocol to be used repeatedly without losing any security guarantees.
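The two properties above (one share reveals nothing about the password, and the password can be encrypted without either owner seeing it) can be illustrated with a toy model. This is an added example, not the project's protocol or code: it assumes 2-of-2 XOR sharing and assumes the record keystream is already secret-shared between the owners (in a real system that keystream would itself be derived inside the MPC); `Owner`, `share`, `partner_share_for` and `encrypt_jointly` are hypothetical names, and record authentication is omitted.

```python
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))

def share(secret: bytes) -> tuple[bytes, bytes]:
    """Split a secret into two XOR shares; either share alone is uniform noise."""
    first = secrets.token_bytes(len(secret))
    return first, xor(secret, first)

def partner_share_for(my_share: bytes, candidate: bytes) -> bytes:
    """The share the other owner would need to hold for `candidate` to be the
    secret. One exists for every same-length candidate, so my_share alone
    rules no password out."""
    return xor(candidate, my_share)

class Owner:
    """One of the two account owners (hypothetical model)."""
    def __init__(self, pw_share: bytes, ks_share: bytes):
        self.pw_share, self.ks_share = pw_share, ks_share

    def ciphertext_share(self) -> bytes:
        # Purely local step: XOR of two shares this owner already holds.
        return xor(self.pw_share, self.ks_share)

def encrypt_jointly(password: bytes, keystream: bytes):
    """Deal shares (demo setup only), then run the two-owner encryption."""
    pw_a, pw_b = share(password)
    ks_a, ks_b = share(keystream)
    alice, bob = Owner(pw_a, ks_a), Owner(pw_b, ks_b)
    # Only ciphertext shares are exchanged; password and keystream never are.
    ciphertext = xor(alice.ciphertext_share(), bob.ciphertext_share())
    return ciphertext, alice, bob

if __name__ == "__main__":
    pw = b"constructed-sample-pw"          # constructed sample value
    ks = secrets.token_bytes(len(pw))      # stand-in for the shared keystream
    ct, alice, bob = encrypt_jointly(pw, ks)
    print(ct.hex(), xor(ct, ks) == pw)
```

Because the combined output is the password XORed with a keystream neither owner holds in full, neither can strip the encryption from it, which is why repeated runs do not leak the password to either party.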

This project was done under the supervision of Dr. Mike Rosulek.

Project Communication Piece(s): 
poster_12.pdf (399.22 KB)