Chapter 11. CipherMail

CipherMail is a cryptographically enabled email client. It can send and receive encrypted, authenticated messages over the Internet. Like SafeTalk, CipherMail uses classes presented elsewhere in this book.

  • The KeyManager class, from Chapter 5, is used to keep track of all of CipherMail’s keys.

  • The ElGamal cipher and signature classes, presented in Chapter 9, are used to encrypt a session key and to provide authentication. You’ll also need the Jonathan cryptographic provider, oreilly.jonathan.security.Provider.

  • The base64 classes, BASE64Encoder and BASE64Decoder, are used to create ASCII mail messages from binary data. These classes are presented in Appendix B, Base64, as part of the oreilly.jonathan.util package. Alternately, if you wish, you can use the base64 classes with the same names from the sun.misc package, shipped as part of the JDK.

CipherMail uses its own cryptographic message format in conjunction with standard Internet email transport protocols. CipherMail’s use of standard email protocols makes it a tool that is widely useful. This approach, however, has some shortcomings. Specifically, CipherMail encrypts only the body of messages, not their headers. Even if you use CipherMail to encrypt your messages, other people can still find out quite a bit of information simply by examining the messages you send and receive. They’ll know whom you’re writing to, who writes to you, when you send and receive messages, and the subject lines of the messages. ...

Get Java Cryptography now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.