WO2020176975A1 - Blockchain-based secure email system - Google Patents

Blockchain-based secure email system

Publication number
WO2020176975A1
Authority
WO
WIPO (PCT)
Prior art keywords
blockchain
email
recipient
key
content
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CA2020/050267
Other languages
French (fr)
Inventor
Francois Dumas
Yuming QIAN
Patricia POPERT-FORTIER
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zeu Crypto Networks Inc
Original Assignee
Zeu Crypto Networks Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zeu Crypto Networks Inc
Priority to CN202080018217.9A (CN113508563A)
Priority to CA3130464A (CA3130464A1)
Priority to JP2021551808A (JP2022522788A)
Priority to KR1020217031107A (KR20210137073A)
Priority to US17/432,040 (US20220198049A1)
Priority to EP20765968.1A (EP3932021A4)
Publication of WO2020176975A1
Priority to IL285952A (IL285952A)
Anticipated expiration
Ceased (current legal status)

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90 Details of database functions independent of the retrieved data types
    • G06F16/901 Indexing; Data structures therefor; Storage structures
    • G06F16/9024 Graphs; Linked lists
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/42 Mailbox-related aspects, e.g. synchronisation of mailboxes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102 Entity profiles
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/126 Applying verification of the received information the source of the received data
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12 Messaging; Mailboxes; Announcements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/062 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys

Definitions

  • The present application relates generally to a secure email system and more specifically to a blockchain-based secure email system.
  • Email is not as secure as we have allowed ourselves to believe.
  • The traditional email system authenticates only on the email server according to the user name and password, while the information itself is typically stored in plain text on the server. Therefore, vulnerabilities in email service can be exploited by malevolent actors to obtain sensitive information contained in the mailbox.
  • The data of email systems is stored centrally. Vulnerabilities in the email storage service may leak important mail information or lead to email tampering. Failure of email services, either through software or hardware failures, may also lead to loss of important email messages. After accessing the computer through these vulnerabilities, an intruder can readily obtain the email address and the corresponding username, password and the content of emails. If there is an email address book, the intruder can also get the contact information of those people. There are also vulnerabilities in some email clients. Intruders can inject a Trojan Horse into special format emails. The user then executes the Trojan Horse when the email is opened, creating a potentially dangerous security risk.
  • A blockchain messaging system comprising: a first blockchain mail agent comprising: a first interface for communication with a first smart contract on a first blockchain; a second interface for communication with a shared storage; and a third interface for receiving a transmission request for a message from a sender to a recipient.
  • The first blockchain mail agent receives the transmission request, determines that a mailbox of the recipient is in a blockchain, and upon determining: encrypts content of the message; saves the encrypted content to the shared storage at a storage index; and creates a smart contract request for the first smart contract.
  • The first smart contract generates a transaction record and saves the transaction record in the first blockchain.
  • A method of secure messaging using a blockchain includes: receiving a transmission request for a message from a sender to a recipient, the sender having a sender account on the blockchain; generating a cypher key; encrypting content of the message using the cypher key; storing the encrypted content to a shared storage at a storage index; and encrypting the storage index and the cypher key with a public key of the recipient so that only the recipient having a private key corresponding to the public key of the recipient can access the storage index and cypher key.
  • FIG. 1 is a simplified system architecture block diagram.
  • FIG. 2 is a simplified diagram illustrating sending and receiving email from mailboxes in the same blockchain.
  • FIG. 3 is a simplified diagram illustrating the internal logic of a blockchain mail agent.
  • FIG. 4 is a simplified diagram illustrating the internal logic of a mail transfer agent (MTA).
  • FIG. 5 is a simplified diagram illustrating a detailed process of sending cross-chain email.
  • FIG. 6 is a simplified diagram illustrating two services: one for sending email, and another one for checking email.
  • A “blockchain” is a tamper-evident, shared digital ledger that records transactions in a public or private peer-to-peer network of computing devices.
  • The ledger is maintained as a growing sequential chain of cryptographic hash-linked blocks.
  • A “node” is a device on a blockchain network.
  • The device is typically a computer having a processor interconnected to a processor readable medium including memory, having processor readable instructions thereon.
  • A combination of blockchain technology and email technology can effectively solve the problems identified in the background section.
  • The blockchain authenticates the sender and the recipient of the blockchain email. This authentication cannot be forged. All content and attachments are encrypted with the other party's encryption key and stored on the distributed storage service. Third parties cannot obtain all of the data. Should the data be illegally retrieved, it is still not possible to decrypt the corresponding data without the appropriate key. All email content and attachments are processed, signed by the sender to generate fingerprint information, and stored in the blockchain, which means the sender’s public key can verify the email for accuracy at any time. The recipient decrypts the data using their private key and verifies the data fingerprint on the blockchain to ensure that the data is not altered or forged. This fully distributed decentralized email system can fundamentally guarantee the security of email.
  • The present specification describes a blockchain email system that supports both internal and cross-chain emails with the potential to interact with non-blockchain email systems.
  • The email information will be recorded in the blockchain to ensure the authenticity of the email.
  • When blockchain mailboxes exchange messages, the email information will be encrypted and stored in distributed storage; only the recipient can obtain the unique cypher key and storage location of the email, thereby ensuring the security of email transmissions.
  • FIG. 1 depicts a system architecture diagram for an embodiment of the present invention. As illustrated, the system architecture diagram includes the following components.
  • Component 101 is a standard email client.
  • An email service is provided, for example as an email client plugin, to capture the content of the email via an internal protocol or a standard email protocol through a secure mail agent component 103.
  • The agent identifies the blockchain email by the special tag in the email content. If the email is a normal email, it will go through the traditional email server; otherwise, the email will be encrypted and sent through the blockchain email service.
  • The local mail agent could provide POP3 and SMTP interfaces to local email clients, so any third-party email client could send/receive email through the secure local email agent service.
  • The Secure Mail Agent is required to run on the same node as the standard email client to prevent the non-secure mail messages from being transmitted and saved on the network.
  • The standard email client could have a plugin, which interacts with the email client’s user interface (UI) to capture the content of the email.
  • The plugin will act as a secure mail agent and convert the secured blockchain email to a clear-text email to be displayed on the email client’s UI, or encrypt the clear-text mail into a blockchain email and send it to the blockchain email service for further processing.
  • Component 102 is a blockchain wallet.
  • The blockchain wallet’s primary function is to store the user’s private key and public key.
  • Each blockchain email account sets the public key and the private key.
  • The public key will be posted to shared cloud storage, and anyone can access it, while the wallet fully protects the private key.
  • The data will be encrypted or decrypted by using the wallet API (Application Programming Interface). Since the wallet stores important blockchain account information and private keys, to avoid information leaks, we require the wallet to run on the user-side terminal to ensure that only the user can access the wallet.
  • Component 103 is a secure blockchain local email agent or plugin.
  • The agent communicates with the local email client through a private plugin protocol or through the POP3 and SMTP interfaces, and converts the email send/receive request into a blockchain smart contract request.
  • The secured blockchain email message, which contains the encrypted storage index key and a common cypher for decryption, is sent and received through the smart contract running in the blockchain.
  • The encrypted mail could be sent and received through a normal mail server, while using the plugin or the mail agent to verify the content and encrypt/decrypt the mails.
  • The secure email agent registers the public key information of the local mailbox on the shared cloud storage.
  • The recipient-side email agent monitors the blockchain to retrieve messages.
  • The private key in the wallet is used to decrypt and obtain the shared exclusive cypher key and the indexed data used in the shared cloud storage to obtain the corresponding encrypted email content and attachments.
  • The email agent uses the exclusive cypher key to decrypt the email content and forward it to local email.
  • The agent is also responsible for locally caching various received messages.
  • Component 104 is a client side component. To ensure information security, components 101, 102, 103 are deployed together to form the client component 104.
  • Component 105 is a blockchain email smart contract. Smart contracts are used to record the encrypted exclusive cypher key of each email and the sender's signature information in the chain. Consensus is completed at the blockchain node for smart contracts, ensuring data is stored and unalterable. Since the cypher key stored in blockchain is encrypted by the recipient's public key, and the main email content and attachments are encrypted by the exclusive cypher key and stored in distributed cloud storage, only the recipient can retrieve the corresponding email information correctly. No one else, not even the administrator, knows where the email information is stored, nor can they intercept the content of the email; thus there is no way to decode the email. For all emails sent or received to the Internet mailbox, as long as one party is a blockchain mailbox, the signature information of the email will also be left in the blockchain for verification purposes.
  • Component 106 is a blockchain node. Component 106 is used to complete multi node consensus and account recording work. This patent does not limit the specific blockchain; any blockchain system that can support smart contracts should be suitable. Furthermore, this patent works for multiple heterogeneous blockchain systems to exchange emails.
  • Component 107 is a Mail Transfer Agent (MTA).
  • Component 107 serves as the interface gateway for Internet email.
  • The MX (mail exchanger) information is registered on the domain name server so that all Internet email and other cross-chain blockchain emails are sent to the node for processing.
  • When the MTA receives a cross-chain email from another blockchain, it will send the message directly to the blockchain mailbox based on the recipient information.
  • Component 108 is a shared, cloud storage service component.
  • Component 108 provides the basic Key/Value mapping storage, and distributes data to multiple different nodes in a multi-copy distributed storage manner to ensure the efficiency and data security of the entire system. All users can publicly access the storage system. However, when the blockchain email is stored, the email information is encrypted and the corresponding KEY is encrypted, and only accessible by the recipient. Therefore, third parties cannot assemble the complete email and cannot decrypt it.
  • Component 109 depicts the at least three types of data which are stored on the shared cloud storage in this embodiment.
  • The three types of data include: 1) corresponding public key information of the mailbox, and publicly accessible information; 2) encrypted email message content, which is encrypted with the exclusive key of each email; and 3) encrypted large attachments.
  • A symmetric encryption algorithm is used to encrypt the email content with the exclusive cypher key.
  • The content format is MIME (Multipurpose Internet Mail Extensions). Therefore, small attachments could be encrypted together with the email body as part of the encrypted email message content. Encrypted large attachments are similarly encrypted by an exclusive cypher key using a symmetric encryption algorithm.
  • Component 110 is a DNS (domain name system) service component. With the MTA's IP (internet protocol) address filled in on the MX record of the domain name, all email addressed to the domain name will be forwarded to the assigned MTA.
  • A complete email system includes an email client, email server, and email transmission channel.
  • The email itself typically includes sender, recipient, title, content, and multiple attachments.
  • The deployment of a system exemplary of an embodiment of the present invention is differentiated according to the recipient's mailbox domain name.
  • The recipient may belong to the local mailbox in the same blockchain or in another blockchain.
  • The recipient’s mailbox may also be an external Internet mailbox.
  • Scenario 1: From blockchain mailbox to blockchain mailbox in the same chain
  • The email client first sends an email to the local blockchain email agent using the general mail protocol.
  • The local agent determines whether the domain to which each of the recipients in the email belongs has its mailbox in the local blockchain. If so, it generates a unique cypher key for this email, encrypts the email body and attachments and saves them to a shared storage, and uses the sender's private key to sign the data to prevent illegal tampering by a third party.
  • The local email agent simultaneously encrypts the shared storage index information and the email exclusive cypher key with the public key of the blockchain recipient’s mailbox, pushes it to the email contract to generate a transaction record, saves it on the blockchain, and completes the consensus. If there are N recipients in the email, then N blockchain records are generated respectively, and the public key of each of the N recipients is used to encrypt the cypher key and the index information of the email on the shared storage.
  • At least one email body will be retained in the shared storage, and the email agent generates N (number of recipients) blockchain records and completes the consensus on the chain.
  • The local blockchain email agent, when sending an email, queries the shared cloud storage to check whether the corresponding recipient email address is a blockchain mailbox. If it is a blockchain mailbox, it first generates a dedicated cypher key and encrypts the email with the cypher key. The encrypted mail content and attachments are stored in the shared cloud storage.
  • The sender’s blockchain email agent obtains the public key information of the recipient account from the shared cloud storage, and uses the public key to encrypt the exclusive cypher key and sends it to the mail transmission gateway (MTA) of the other party through regular Internet email. After receiving the blockchain email, the other party’s MTA pushes a blockchain email to the party’s blockchain email contract according to the recipient information.
  • Cloud storage services shared by multiple blockchains are relied on in order to exchange cross-chain data. Since the data is shared, when the receiving agent receives the email information, the email body data must already exist and can only be decrypted by the other party's email; no intermediate node can know the email content, which ensures data security.
  • The exemplary system calculates fingerprint information for the sent email’s content and attachments, and uses the sender's private key to sign and authenticate the fingerprint information.
  • The blockchain mailbox agent pushes the information to the blockchain email smart contract and saves the relevant information to the blockchain so that the recipient of the email can verify whether the email message has been tampered with according to the fingerprint information of the signature.
  • Mail reception may include the following scenarios:
  • Scenario 4: Receive a blockchain email from a mailbox that belongs to the same blockchain
  • The blockchain email agent monitors new messages on the blockchain.
  • The blockchain email agent parses the message content, obtains the sender's public key to verify the signature, and uses the private key in the local wallet to decrypt the message body to obtain the mail storage index and the corresponding exclusive cypher key.
  • The blockchain email agent uses the email storage index information to download the corresponding encrypted email content and attachments from the shared cloud storage service and decrypts the content using the exclusive cypher key.
  • The decrypted email will be temporarily stored in the local post office.
  • The email client communicates with the local email agent using the standard POP3 protocol to obtain the decrypted email and attachments. This approach makes the user's blockchain mailbox experience no different from using a regular mailbox service.
  • Scenario 5: Receive a cross-chain blockchain email from a mailbox on another blockchain
  • The blockchain email proxy service registers as an ordinary MX email service to the Internet domain name and saves the public key and domain name mapping of the blockchain email agent to the shared cloud storage service.
  • When receiving a cross-chain blockchain email sent by a mailbox on another blockchain, the MTA first obtains the sender’s public key from the public key directory in the shared cloud storage service, verifies the email signature, and then pushes the encrypted exclusive cypher key and storage index information to the local blockchain email smart contract.
  • When the local recipient receives the corresponding blockchain email message, the message will be treated the same as in Scenario 1.
  • Scenario 6: Receive regular email from a regular Internet mailbox
  • Email sent from regular Internet mailboxes is unencrypted.
  • The blockchain MTA needs to perform the email forwarding work: generate the exclusive cypher key, encrypt the contents and attachments of the message with the cypher key, save the encrypted email content and attachments to the shared cloud storage service, obtain the cloud storage index and search for the corresponding recipient mailbox public key in cloud storage according to the recipient mailbox, then use the public key to encrypt the cypher key and storage index.
  • The exclusive cypher key is encrypted and signed with the private key of the email agent, and then pushed to the blockchain email contract to complete the local email forwarding.
  • The recipient’s blockchain mailbox client can receive regular Internet mail using the same process as Scenario 1.
  • FIG. 2 depicts a schematic block diagram illustrating sending and receiving email from mailboxes in the same blockchain.
  • User A sends a blockchain email to User B’s mailbox; they are both on the same blockchain.
  • User A’s email client perform authentication with local email agent through POP3 protocol.
  • User A composes an email, and sends it to local email agent through SMTP.
  • step 204 User A’s local email agent receives an email send out request, and generates a unique exclusive cypher key.
  • step 205 User A’s local email agent uses this unique cypher key to encrypt the email content and attachments based on symmetric encryption methods.
  • User A’s local email agent calls the wallet, uses User A’s private key to sign the encrypted email content and attachments, and generates a signature for this email.
  • step 207 User A’s local email agent stores the encrypted mail content and attachments to the shared cloud storage with index key (DATETIME + HASH(SENDER + recipient + TITLE)) or (DATETIME + HASH(SENDER + recipient + ATTACHMENT FILENAME)).
  • User A’s local email agent retrieves User B’s (the recipient) public key from the shared storage, and encrypts the exclusive cypher key and cloud storage index keys with User B’s public key based on asymmetric encryption. If there is more than one recipient, the local mail agent encrypts multiple times, once for each recipient.
  • User A invokes the email contract, pushes the encrypted exclusive cypher key and cloud index keys to the smart contract and stores it in the blockchain.
  • the email contract performs the consensus operation in the blockchain and stores the messages on the blockchain.
  • User B email agent continues to monitor the blockchain. When the agent finds a message to User B, it retrieves the message from the blockchain.
  • User B’s email agent decrypts the message with user B’s private key in the wallet based on asymmetric encryption methods.
  • User B’s email agent retrieves the index for email content and attachments and the cypher key for this email. It retrieves the encrypted email content and attachment from the shared storage using the index.
  • User B’s email agent decrypts the email content and attachments with the cypher key based on symmetric encryption method.
  • User B’s email agent temporarily stores the decrypted mail content and attachments in local storage.
  • User B’s email client retrieves the mail from User B’s email agent using POP3 protocol or plugin and displays the message to User B.
  • a string represents the user's mailbox as the only primary key in the format XX@[domain.com] where XX is the mailbox name, and domain.com is the domain name.
  • a string represents the public key of the mailbox.
  • the format of the public key could be different for different key systems; it is recommended to express in PEM (Privacy Enhanced Mail) format.
  • Data Type 2 Mail Index Encrypted Mail Content mapping
  • a string represents the mail index.
  • the structure is DATETIME + HASH(SENDER+recipient+TITLE), which makes it easier to group by date, which is convenient for hot and cold data exchange on cloud storage.
  • the standard MIME structure represents the content of the email.
  • the structure may be as described in section 7.2 “The Multipart Content-Type” of RFC1341 entitled “MIME (Multipurpose Internet Mail Extensions): Mechanisms for Specifying and Describing the Format of Internet Message Bodies” available online at: https://www.w3.org/Protocols/rfc1341/7_2_Multipart.html, and the Wikipedia entry for MIME available online at: https://en.wikipedia.org/wiki/MIME.
  • the email TITLE, FROM, TO, CC, BCC, etc. are not encrypted, but the mail content and attachments are encrypted by AES (Advanced Encryption Standard) and other symmetric encryption algorithms and then combined into a string according to Base64 encoding.
  • the attachment index format is Mail Index - Attachment ID, which adds a large attachment by referring to the attachment index in the message.
  • the attachment and the content of the email are encrypted using the exclusive cypher key of the email, and the exclusive cypher key is transmitted to the recipient through the blockchain.
  • FIG. 3 depicts a flowchart representative of an internal logic for an embodiment of a process utilizing the Blockchain Mail Agent that includes the following steps.
  • [0077] At step 300 of the process the client sends an email.
  • Mail Agent caches pending email locally.
  • step 302 the process signs the message with the sender's private key.
  • step 303 the process queries shared cloud storage, checks whether the email recipient is registered with the blockchain mailbox.
  • step 304 if a blockchain mailbox is registered in the shared storage, this means that the recipient is a blockchain mailbox, and an exclusive cypher key is generated.
  • step 305 the process encrypts the message content and attachments using the exclusive cypher key.
  • step 306 the process stores the encrypted mail and attachments to the shared cloud storage.
  • step 307 the process checks whether the recipient is in the same blockchain.
  • step 308 if the recipient is not in the same blockchain, the process builds an outgoing message with the encrypted exclusive cypher key and the storage index.
  • step 309 the process sends Internet email using SMTP protocol.
  • step 310 the process pushes the message to the email contract, saves the mail signature information, the encrypted exclusive cypher key, and the storage index information in the blockchain.
  • step 311 if the recipient of the email is not a blockchain mailbox, the process constructs a clear text message, sends the message and pushes the message to the email contract which only contains the email signature.
  • Internal Logic of Mail Transfer Agent MTA
  • FIG. 4 depicts the Internal Logic of Mail Transfer Agent (MTA) including the following steps.
  • step 400 of the process MTA receives an email from the Internet.
  • step 401 the process checks the domain of the recipient.
  • step 402 of the process if the domain is not the same as the currently registered domain, this is junk mail and is discarded.
  • step 403 the process queries if the sender of the email is a blockchain mailbox.
  • step 404 of the process if the sender is not a blockchain mailbox, the process needs to convert the regular internet email to blockchain email, and generates the common cipher key for encryption.
  • step 405 the process encrypts the content & attachments with the exclusive cypher key, and signs the email with MTA private key.
  • step 406 the process stores the encrypted content and attachments to the shared cloud storage.
  • step 407 the process encrypts the exclusive cypher key and storage index with the recipient’s public key.
  • step 408 the process invokes the email contract, pushes the encrypted exclusive cypher key and storage index as a message to Blockchain email contract.
  • FIG. 5 depicts elements or steps involved in sending cross-chain email.
  • These include mail client 500, blockchain mail agent 501, node 502, blockchain mail agent 503, a network 504 such as the internet, a mail transfer agent (MTA) 505, node 506, blockchain mail agent 507, mail client 508, mail server 509, DNS node 510 and shared cloud storage 511.
  • In order to support cross-chain blockchain email, the process first registers the MTA 505 to the MX record of the DNS service 510, so that the corresponding server can be found when sending email through the Internet protocol.
  • the blockchain email agent needs to register its public key and email address to map to the cloud shared distributed storage. Then, the sender can encrypt the data using the recipient key, and verify the sender's signature information to ensure that the content is correct and not leaked to third parties.
  • To transfer cross-chain email content from one blockchain system to another, the process first generates a unique exclusive cypher key, and then signs it with the sender's private key on the sender's blockchain mail agent 501.
  • the exclusive cypher key is used to encrypt the mail content and attachments using a symmetric encryption algorithm, and the encrypted email data is stored in the distributed cloud storage 511 that can be shared globally. External exposure of the key-value (K/V) access interface of distributed cloud storage is required in this embodiment.
  • the public key of the recipient mailbox is then used to encrypt the generated exclusive cypher key and the index position of the cloud storage with an asymmetric encryption algorithm. Since the encrypted data can only be decrypted by the private key of the recipient mailbox, it restricts the random forwarding of the secure email or the interception of email content which may cause security issues.
  • the process constructs a regular Internet email to transfer the information to the email service under the new domain name - Mail Transfer Agent 505.
  • the MTA 505 then forwards the message contents to the blockchain system node 506, completes the blockchain consensus operation, and records the message into the blockchain account book.
  • When the blockchain email agent 507 of the recipient client 508 detects the new mail, it decrypts the mail message using the private key of the mailbox in the local wallet, obtains the index address of the exclusive cypher key and the cloud storage 511, and retrieves the corresponding address in cloud storage 511.
  • the email content and attachments use the exclusive cypher key for decryption for recipient client 508 to retrieve and display using standard mail protocols.
  • the “From” field will be filled as the MTA’s account. If the recipient of the email is outside of the current chain, the “To” field will be filled with null.
  • FIG. 6 depicts a flowchart of smart contract email services including sending and checking email.
  • the blockchain email contract includes two services, one for sending email messages (steps 600-605) and one for checking email messages (steps 607-612).
  • the services need to ensure that the user has enough tokens to send the email, and the sender of the email is consistent with the sender of the message and has the authority to operate the contract.
  • the services also need to ensure that recipient of the message can only get the message sent to the account, and cannot get any messages sent to others.
  • step 600 the Transfer email message contract is invoked.
  • step 601 the process checks the sender’s authentication and makes sure the operator is the same as the sender’s account and has privileges to send out an email message.
  • step 602 the process queries if the sender’s account has enough tokens. The account needs to pay a certain amount of tokens to the pool to cover the email transfer expenses.
  • step 603 the process if the sender’s account has positive tokens after payment, invokes the token transfer contract.
  • step 604 the process stores the email record in the blockchain’s unread message table.
  • step 605 the transaction is declared successful.
  • step 606 if the sender’s account has negative tokens after payment, the transaction will fail.
  • step 607 the process checks the message invoked.
  • the process queries if the recipient account has privileges to receive messages and if the recipient is the same as the current account.
  • [00123] At step 609 the process queries if the chain table contains unread messages.
  • step 610 the process finds and retrieves unread messages for the current account.
  • step 611 the process deletes message from the unread message table.
  • step 612 the transaction ends.
  • After a new message is received, the smart contract encapsulates the new message into an email agent that is passed to the recipient in JSON (JavaScript Object Notation) format.
  • To facilitate receiving messages, the blockchain email agent continually monitors the blockchain. When a new block is generated, the blockchain email agent checks if the chain contains unread messages for the current user. It then retrieves the message by calling the receive function of the smart contract. In the contract, only clients providing the corresponding authentication key according to the recipient account can retrieve the message.
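The two contract services of FIG. 6 (steps 600-612), modelled as an added Python example that is not code from the patent. The flat `SEND_FEE`, the account names and the placeholder signature and key blob are assumptions; a balance of exactly zero after payment, which the steps leave open, is treated here as success.

```python
from dataclasses import dataclass, field

SEND_FEE = 1  # assumed flat fee; the page only says "a certain amount of tokens"


class ContractError(Exception):
    """A failed transaction: no contract state is changed."""


@dataclass(frozen=True)
class EmailRecord:
    sender: str
    recipient: str
    signature: str          # sender's signature over the encrypted mail
    enc_key_and_index: str  # cypher key + storage index, encrypted to the recipient


@dataclass
class EmailContract:
    balances: dict = field(default_factory=dict)  # registered account -> tokens
    pool: int = 0                                 # collects the transfer fees
    unread: list = field(default_factory=list)    # unread message table

    def send(self, operator: str, record: EmailRecord) -> None:
        """Sending service, steps 600-606."""
        # Step 601: the caller must be a registered account and must be the
        # account named as sender in the record.
        if operator not in self.balances or operator != record.sender:
            raise ContractError("operator is not the sender's account")
        # Steps 602/606: a balance that would go negative fails the transaction.
        # All checks run before any state is written, so a failure changes nothing.
        if self.balances[operator] - SEND_FEE < 0:
            raise ContractError("not enough tokens")
        # Step 603: token transfer to the pool.
        self.balances[operator] -= SEND_FEE
        self.pool += SEND_FEE
        # Step 604: store the record in the unread message table.
        self.unread.append(record)

    def check(self, operator: str, recipient: str) -> list:
        """Checking service, steps 607-612."""
        # Step 608: the caller may only ask for its own messages.
        if operator not in self.balances or operator != recipient:
            raise ContractError("operator is not the recipient's account")
        # Steps 609-610: find the unread messages for this account.
        mine = [r for r in self.unread if r.recipient == recipient]
        # Step 611: delete them from the unread message table.
        self.unread = [r for r in self.unread if r.recipient != recipient]
        return mine


def rejected(call, *args) -> bool:
    """True if the contract refused the call."""
    try:
        call(*args)
    except ContractError:
        return True
    return False


def demo() -> dict:
    # Constructed accounts: a has one token, b has none, m is a third party.
    a, b, m = "a@chain.example", "b@chain.example", "m@chain.example"
    contract = EmailContract(balances={a: 1, b: 0, m: 5})
    record = EmailRecord(a, b, "signature-placeholder", "encrypted-blob-placeholder")
    contract.send(a, record)
    return {
        "spoofed_send_rejected": rejected(contract.send, m, record),
        "unfunded_send_rejected": rejected(contract.send, a, record),
        "foreign_read_rejected": rejected(contract.check, m, b),
        "delivered_to_recipient": contract.check(b, b) == [record],
        "second_read_empty": contract.check(b, b) == [],
        "pool": contract.pool,
        "unread_left": len(contract.unread),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```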

Abstract

This patent describes a complete blockchain email system that supports both internal and cross-chain emails with the potential to interact with non-blockchain email systems. Through this method, as long as the sender or the recipient of the email is a blockchain mailbox, the email information will be recorded in the blockchain to ensure the authenticity of the email. Moreover, when blockchain mailboxes exchange messages, the email information will be encrypted and stored in distributed storage where only the recipient can obtain the unique cypher key and storage location of the email, thereby ensuring the security of email transmissions.

Description

Blockchain-Based Secure Email System
TECHNICAL FIELD
[0001] The present application relates generally to a secure email system and more specifically to a blockchain-based secure email system.
BACKGROUND ART
[0002] Email is not as secure as we have allowed ourselves to believe. There are security vulnerabilities in the email servers, email clients, and webmail servers available on the market. The traditional email system authenticates only on the email server according to the user name and password, while the information itself is typically stored in plain text on the server. Therefore, vulnerabilities in email service can be exploited by malevolent actors to obtain sensitive information contained in the mailbox.
[0003] For traditional email systems, the transfer of an email message from sender to recipient goes through multiple computers between the two points. Not only does the user have access to the email, but also many other parties like mailbox holders, email service providers, and even the network provider may all have access to the email, and could modify the content of emails without notifying the user. In the current email transmission process, the content data is encapsulated in clear text and is exposed to universal ports, making the data easily intercepted. The email data information could be seized by monitoring network, equipment or software.
[0004] In addition to access security factors, the data of email systems is stored centrally. Vulnerabilities in the email storage service may leak important mail information or lead to email tampering. Failure of email services, either through software or hardware failures, may also lead to loss of important email messages. After accessing the computer through these vulnerabilities, an intruder can readily obtain the email address and the corresponding username, password and the content of emails. If there is an email address book, the intruder can also get the contact information of those people. There are also vulnerabilities in some email clients. Intruders can inject a Trojan Horse into special format emails. The user then executes the Trojan Horse when the email is opened, creating a potentially dangerous security risk.
[0005] In light of the vulnerabilities noted above, there is a need for more secure email systems.
SUMMARY OF INVENTION
[0006] In accordance with one aspect of the present invention, there is provided a blockchain messaging system comprising: a first blockchain mail agent comprising: a first interface for communication with a first smart contract on a first blockchain; a second interface for communication with a shared storage; and a third interface for receiving a transmission request for a message from a sender to a recipient. The first blockchain mail agent receives the transmission request, determines that a mailbox of the recipient is in a blockchain, and upon determining: encrypts content of the message; saves the encrypted content to the shared storage at a storage index; and creates a smart contract request for the first smart contract. The first smart contract generates a transaction record and saves the transaction record in the first blockchain.
[0007] In accordance with another aspect of the present invention, there is provided a method of secure messaging using a blockchain. The method includes: receiving a transmission request for a message from a sender to a recipient, the sender having a sender account on the blockchain; generating a cypher key; encrypting content of the message using the cypher key; storing the encrypted content to a shared storage at a storage index; and encrypting the storage index and the cypher key with a public key of the recipient so that only the recipient having a private key corresponding to the public key of the recipient can access the storage index and cypher key.
BRIEF DESCRIPTION OF DRAWINGS
[0008] In the figures, which illustrate by way of example only, embodiments of the present invention,
[0009] FIG. 1 is a simplified system architecture block diagram;
[0010] FIG. 2 is a simplified diagram illustrating sending and receiving email from mailboxes in the same blockchain;
[0011] FIG. 3 is a simplified diagram illustrating the internal logic of a blockchain mail agent;
[0012] FIG. 4 is a simplified diagram illustrating internal logic of mail transfer agent (MTA);
[0013] FIG. 5 is a simplified diagram illustrating a detailed process of sending cross-chain email; and
[0014] FIG. 6 is a simplified diagram illustrating two services: one for sending email, and another one for checking email.
DESCRIPTION OF EMBODIMENTS
[0015] A description of various embodiments of the present invention is provided below. In this disclosure, the use of the word “a” or “an” when used herein in conjunction with the term “comprising” may mean “one”, but it is also consistent with the meaning of “one or more”, “at least one” and “one or more than one.” Any element expressed in the singular form also encompasses its plural form. Any element expressed in the plural form also encompasses its singular form. The term “plurality” as used herein means more than one, for example, two or more, three or more, four or more, and the like. Directional terms such as “top”, “bottom”, “upwards”, “downwards”, “vertically” and “laterally” are used for the purpose of providing relative reference only, and are not intended to suggest any limitations on how any article is to be positioned during use, or to be mounted in an assembly or relative to an environment.
[0016] The terms “comprising”, “having”, “including”, and “containing”, and grammatical variations thereof, are inclusive or open-ended and do not exclude additional, un-recited elements and/or method steps. The term “consisting essentially of” when used herein in connection with a composition, use or method, denotes that additional elements, method steps or both additional elements and method steps may be present, but that these additions do not materially affect the manner in which the recited composition, method, or use functions. The term “consisting of” when used herein in connection with a composition, use, or method, excludes the presence of additional elements and/or method steps.
[0017] A “blockchain” is a tamper-evident, shared digital ledger that records transactions in a public or private peer-to-peer network of computing devices. The ledger is maintained as a growing sequential chain of cryptographic hash-linked blocks.
[0018] A “node” is a device on a blockchain network. The device is typically a computer having a processor interconnected to a processor readable medium including memory, having processor readable instructions thereon.
[0019] In addition, the terms “first”, “second”, “third” and the like are used for descriptive purposes only and cannot be interpreted as indicating or implying relative importance.
[0020] In the description of the invention, it should also be noted that the terms “mounted”, “linked” and “connected” should be interpreted in a broad sense unless explicitly defined and limited otherwise. For example, it could be fixed connection, or assembled connection, or integrally connected; either hard-wired or soft-wired; it may be directly connected or indirectly connected through an intermediary. For technical professionals, the specific meanings of the above terms in the invention may be understood in context.
[0021] In the drawings illustrating embodiments of the present invention, the same or similar reference labels correspond to the same or similar parts. In the description of the invention, it should be noted that the meaning of “a plurality of” means two or more unless otherwise specified. The directions or positions indicated by the terms “up”, “down”, “left”, “right”, “inside”, “outside”, “front end”, “back end”, “head”, “tail”, and the orientation or positional relationship shown in the drawings, are merely for the convenience of describing the invention and simplifying the description rather than indicating or implying that the indicated device or element must have a particular orientation and be constructed and operated in a particular orientation, and therefore cannot be used as a limitation of the invention.
[0022] A combination of blockchain technology and email technology can effectively solve the problems identified in the background section. The blockchain authenticates the sender and the recipient of the blockchain email. This authentication cannot be forged. All content and attachments are encrypted with the other party's encryption key and stored on the distributed storage service. Third parties cannot obtain all of the data. Should the data be illegally retrieved, it is still not possible to decrypt the corresponding data without the appropriate key. All email content and attachments are processed, signed by the sender to generate fingerprint information, and stored in the blockchain, which means the sender’s public key can verify the email for accuracy at any time. The recipient decrypts the data using their private key and verifies the data fingerprint on the blockchain to ensure that the data is not altered or forged. This fully distributed decentralized email system can fundamentally guarantee the security of email.
[0023] In the real world, it is almost impossible for all users to utilize the same blockchain system. Therefore, there are multiple alliance chains that do not interact with each other. However, as an email system, it is imperative to provide cross-chain email interoperability, as well as blockchain email and communication with regular Internet email. When interacting with ordinary mailboxes, information security issues are not covered in this patent because ordinary mailboxes are transmitted or stored in plain text; however, we can still use the blockchain feature to guarantee the authenticity of all sent or received messages. Furthermore, for blockchain-to-blockchain mailboxes, the email transmission will be encrypted end to end, and only the authorized recipient can read the mail.
[0024] The present specification describes a blockchain email system that supports both internal and cross-chain emails with the potential to interact with non-blockchain email systems. Through this method, as long as the sender or the recipient of the email is a blockchain mailbox, the email information will be recorded in the blockchain to ensure the authenticity of the email. Moreover, when blockchain mailboxes exchange messages, the email information will be encrypted and stored in distributed storage; only the recipient can obtain the unique cypher key and storage location of the email, thereby ensuring the security of email transmissions.
[0025] A system, exemplary of an embodiment of the invention, is described below. FIG. 1 depicts a system architecture diagram for an embodiment of the present invention. As illustrated, the system architecture diagram includes the following components.
[0026] Component 101 is a standard email client. In order to adapt to different users’ usage habits, an email service is provided, for example as an email client plugin, to capture the content of the email via an internal protocol or a standard email protocol through a secure mail agent component 103. The agent identifies the blockchain email by the special tag in email content. If the email is normal email, the email will go through the traditional email server; otherwise, the email will be encrypted and sent through blockchain email service. Optionally, the local mail agent could provide POP3 and SMTP interfaces to local email clients, thus any third party email client could send/receive email through the secure local email agent service. To ensure information security, the Secure Mail Agent is required to run on the same node as the standard email client to prevent the non-secure mail messages from being transmitted and saved on the network.
[0027] Alternatively, the standard email client could have a plugin, which interacts with the email client’s user interface (UI) to capture the content of the email. If email is identified as a blockchain email, the plugin acts as a secure mail agent: it converts the secured blockchain email to a clear text email to be displayed on the email client’s UI, or encrypts the clear text mail into a blockchain email and sends it to the blockchain email service for further processing.
[0028] Component 102 is a blockchain wallet. The blockchain wallet’s primary function is to store the user’s private key and public key. We can associate an email account with a blockchain account using a wallet. Each blockchain email account sets the public key and the private key. The public key will be posted to shared cloud storage, and anyone can access it, while the wallet fully protects the private key. The data will be encrypted or decrypted by using the wallet API (Application Programming Interface). Since the wallet stores important blockchain account information and private keys, to avoid information leaks, we require the wallet to run on the user-side terminal to ensure that only the user can access the wallet.
[0029] Component 103 is a secure blockchain local email agent or plugin. The agent communicates with the local email client through a private plugin protocol or through the POP3 and SMTP interface, and converts the email send/receive request into a blockchain smart contract request. The secured blockchain email message, which contains the encrypted storage index key and a common cypher for decryption, is sent and received through the smart contract running in the blockchain. Alternatively, the encrypted mail could be sent and received through a normal mail server, while using the plugin or the mail agent to verify the content and encrypt/decrypt the mails. The secure email agent registers the public key information of the local mailbox on the shared cloud storage. The recipient-side email agent monitors the blockchain to retrieve messages. After receiving the message, the private key in the wallet is used to decrypt and obtain the shared exclusive cypher key and the indexed data used in the shared cloud storage to obtain the corresponding encrypted email content and attachments. After retrieving the email content and attachments, the email agent uses the exclusive cypher key to decrypt the email content and forward it to local email. When the local email client application is not enabled, the agent is also responsible for locally caching various received messages.
[0030] Component 104 is a client side component. To ensure information security, components 101, 102, 103 are deployed together to form the client component 104.
[0031] Component 105 is a blockchain email smart contract. Smart contracts are used to record the encrypted exclusive cypher key of each email and the sender's signature information in the chain. Consensus is completed at the blockchain node for smart contracts, ensuring data is stored and unalterable. Since the cypher key stored in blockchain is encrypted by the recipient's public key, and the main email content and attachments are encrypted by the exclusive cypher key and stored in distributed cloud storage, only the recipient can retrieve the corresponding email information correctly. No one else, not even the administrator, knows where the email information is stored, nor can they intercept the content of the email; thus there is no way to decode the email. For all emails sent or received to the Internet mailbox, as long as one party is a blockchain mailbox, the signature information of the email will also be left in the blockchain for verification purposes.
[0032] Component 106 is a blockchain node. Component 106 is used to complete multi node consensus and account recording work. This patent does not limit the specific blockchain; any blockchain system that can support smart contracts should be suitable. Furthermore, this patent works for multiple heterogeneous blockchain systems to exchange emails.
[0033] Component 107 is a Mail Transfer Agent (MTA). Component 107 is used for the interface gateway of Internet email. The MX (mail exchanger) information is registered on the domain name server so that all Internet email and other cross-chain blockchain emails are sent to the node for processing. When the MTA receives regular Internet email, it will sign the email with the MTA private key, obtain the recipient's public key according to the recipient information, encrypt the content, and forward it to the blockchain email. When the MTA receives a cross-chain email from another blockchain, it will send the message directly to the blockchain mailbox based on the recipient information.
[0034] Component 108 is a shared, cloud storage service component. Component 108 provides the basic Key/Value mapping storage, and distributes data to multiple different nodes in a multi-copy distributed storage manner to ensure the efficiency and data security of the entire system. All users can publicly access the storage system. However, when the blockchain email is stored, the email information is encrypted and the corresponding KEY is encrypted, and only accessible by the recipient. Therefore, third parties cannot assemble the complete email and cannot decrypt it.
[0035] Component 109 depicts the at least three types of data which are stored on the shared cloud storage in this embodiment. The three types of data include: 1) corresponding public key information of the mailbox, and publicly accessible information; 2) encrypted email message content, which is used by the exclusive key of each email; and 3) encrypted large attachments. A symmetric encryption algorithm is used to encrypt the email content with the exclusive cypher key. The content format is MIME (Multipurpose Internet Mail Extensions). Therefore, small attachments could be encrypted together with email body as part of the encrypted email message content. Encrypted large attachments are similarly encrypted by an exclusive cypher key using a symmetric encryption algorithm.
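The index key given for step 207, DATETIME + HASH(SENDER + recipient + TITLE), worked through as an added Python example that is not code from the patent. SHA-256, the timestamp format, the sample addresses and the `hardened_index` variant (length-prefixed fields plus a random nonce) are assumptions; the example shows two edge cases of the literal form, ambiguous concatenation and a same-second resend, in a store that refuses overwrites.

```python
import hashlib
import secrets
from datetime import datetime, timezone

STAMP_FORMAT = "%Y%m%d%H%M%S"  # assumed; the page only says DATETIME


def literal_index(when: datetime, sender: str, recipient: str, title: str) -> str:
    """DATETIME + HASH(SENDER + recipient + TITLE), read literally (SHA-256 assumed)."""
    digest = hashlib.sha256((sender + recipient + title).encode("utf-8")).hexdigest()
    return when.strftime(STAMP_FORMAT) + digest


def attachment_index(mail_index: str, attachment_id: int) -> str:
    """'Mail Index - Attachment ID' for a large attachment."""
    return f"{mail_index}-{attachment_id}"


def date_bucket(index: str) -> str:
    """The YYYYMMDD prefix that makes grouping by date (hot/cold tiering) easy."""
    return index[:8]


def _field(value: str) -> bytes:
    """Length-prefix a field so field boundaries survive concatenation."""
    raw = value.encode("utf-8")
    return len(raw).to_bytes(4, "big") + raw


def hardened_index(when: datetime, sender: str, recipient: str, title: str,
                   nonce: bytes = None) -> str:
    """Assumed variant: unambiguous field encoding plus a per-message nonce."""
    nonce = secrets.token_bytes(16) if nonce is None else nonce
    material = _field(sender) + _field(recipient) + _field(title) + nonce
    return when.strftime(STAMP_FORMAT) + hashlib.sha256(material).hexdigest()


def put_once(store: dict, index: str, blob: bytes) -> bool:
    """Key/value insert that never overwrites; False means the key was taken."""
    if index in store:
        return False
    store[index] = blob
    return True


def demo() -> dict:
    when = datetime(2024, 1, 15, 9, 30, 0, tzinfo=timezone.utc)  # constructed
    # Two different (recipient, title) pairs whose concatenation is identical.
    mail_a = ("alice@corp.example", "bob@corp.example", ".org update")
    mail_b = ("alice@corp.example", "bob@corp.example.org", " update")
    fixed_nonce = bytes(16)  # fixed only so the two hardened indexes are comparable

    literal_store, hardened_store = {}, {}
    put_once(literal_store, literal_index(when, *mail_a), b"ciphertext-1")
    # Same sender, recipient and title again within the same second.
    literal_resend = put_once(literal_store, literal_index(when, *mail_a), b"ciphertext-2")
    put_once(hardened_store, hardened_index(when, *mail_a), b"ciphertext-1")
    hardened_resend = put_once(hardened_store, hardened_index(when, *mail_a), b"ciphertext-2")

    index_a = literal_index(when, *mail_a)
    return {
        "literal_ambiguous": index_a == literal_index(when, *mail_b),
        "hardened_ambiguous": hardened_index(when, *mail_a, fixed_nonce)
        == hardened_index(when, *mail_b, fixed_nonce),
        "literal_resend_stored": literal_resend,
        "hardened_resend_stored": hardened_resend,
        "bucket": date_bucket(index_a),
        "attachment_index": attachment_index(index_a, 2),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Because the recipient's agent receives the index through the email contract rather than recomputing it, a random nonce in the index does not affect retrieval.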
[0036] Component 110 is a DNS (domain name system) service component. By filling in the MTA's IP (internet protocol) address on the MX record of the domain name, all email addressed to the domain name will be forwarded to the assigned MTA.
[0037] A complete email system includes an email client, email server, and email transmission channel. The email itself typically includes sender, recipient, title, content, and multiple attachments. To integrate with the existing email system, the deployment of a system exemplary of an embodiment of the present invention is differentiated according to the recipient's mailbox domain name. The recipient may belong to the local mailbox in the same blockchain or in another blockchain. In other embodiments, the recipient’s mailbox may also be an external Internet mailbox.
[0038] The process of sending and receiving of emails may be classified in accordance with the following scenarios.
Email Processes
Mail delivery processes
Scenario 1: From blockchain mailbox to blockchain mailbox in the same chain
[0039] In this scenario, the email client first sends an email to the local blockchain email agent using the general mail protocol. The local agent determines whether the domain to which the multiple recipients in the email belong has its mailbox in the local blockchain. If so, it generates a unique cypher key for this email, encrypts the email body and attachments and saves them to a shared storage, and uses the sender's private key to sign the data to prevent illegal tampering by a third party. The local email agent simultaneously encrypts the shared storage index information and the email exclusive cypher key with the public key of the blockchain recipient’s mailbox, pushes it to the email contract to generate a transaction record, saves it on the blockchain, and completes the consensus. If there are N recipients in the email, then N blockchain records are generated respectively, and the public key of each of the N recipients is used to encrypt the cypher key and the index information of the email on the shared storage.
[0040] After the implementation of this step, at least one email body will be retained in the shared storage, and the email agent generates N (number of recipients) blockchain records and completes the consensus on the chain.
Scenario 2: From blockchain mailbox to blockchain mailbox in another chain
[0041] In this scenario, when sending an email, the local blockchain email agent queries the shared cloud storage to check whether the corresponding recipient email address is a blockchain mailbox. If it is a blockchain mailbox, it first generates a dedicated cypher key and encrypts the email with the cypher key. The encrypted mail content and attachments are stored in the shared cloud storage. The sender’s blockchain email agent obtains the public key information of the recipient account from the shared cloud storage, and uses the public key to encrypt the exclusive cypher key and sends it to the mail transmission gateway (MTA) of the other party through regular Internet email. After receiving the blockchain email, the other party’s MTA pushes a blockchain email to the party’s blockchain email contract according to the recipient information.
[0042] In this scenario, cloud storage services shared by multiple blockchains are relied on in order to exchange cross-chain data. Since the data is shared, when the receiving agent receives the email information, the email body data must already exist and can only be decrypted by the other party's email; any intermediate node cannot know the email content, which ensures data security.
Scenario 3: From blockchain mailbox to normal non-encrypted Internet mailbox
[0043] In this scenario, since the recipient is a non-encrypted Internet mailbox, responsibility for the security of the information does not rest with the exemplary embodiment of the systems. However, the exemplary system calculates fingerprint information for sent email’s content and attachments, and uses the sender's private key to sign and authenticate the fingerprint information. The blockchain mailbox agent pushes the information to the blockchain email smart contract and saves the relevant information to the blockchain so that the recipient of the email can verify whether the email message has been tampered with according to the fingerprint information of the signature. These email records could also be used for legal purposes.
Mail recipient processes
[0044] Mail reception may include the following scenarios:
Scenario 4: Receive a blockchain email from a mailbox that belongs to the same blockchain
[0045] The blockchain email agent monitors new messages on the blockchain. When the blockchain has generated an email transaction record for a recipient’s current account, the blockchain email agent parses the message content, obtains the sender's public key to verify the signature, and uses the private key in the local wallet to decrypt the message body to obtain the mail storage index and the corresponding exclusive cypher key. The blockchain email agent uses the email storage index information to download the corresponding encrypted email content and attachments from the shared cloud storage service and decrypts the content using the exclusive cypher key. The decrypted email will be temporarily stored in the local post office. When the user opens the standard email client, the email client communicates with the local email agent using the standard POP3 protocol to obtain the decrypted email and attachments. This approach makes the user's blockchain mailbox experience no different from using a regular mailbox service.
Scenario 5: Receive a cross-chain blockchain email from a mailbox on another blockchain
[0046] The blockchain email proxy service registers as an ordinary MX email service to the Internet domain name and saves the public key and domain name mapping of the blockchain email agent to the shared cloud storage service. When receiving a cross-chain blockchain email sent by a mailbox on another blockchain, MTA first obtains the sender’s public key from the public key directory in the shared cloud storage service, verifies the email signature, and then pushes the encrypted exclusive cypher key and storage index information to the local blockchain email smart contract. When the local recipient receives the corresponding blockchain email message, the message will be treated the same as Scenario 1.
Scenario 6: Receive regular email from a regular Internet mailbox
[0047] Email sent from regular Internet mailboxes is unencrypted. In order to enable the blockchain mailbox to receive regular email sent through the Internet, the blockchain MTA needs to perform the email forwarding work: generate the exclusive cypher key, encrypt the contents and attachments of the message with the cypher key, save the encrypted email content and attachments to the shared cloud storage service, obtain the cloud storage index and search for the corresponding recipient mailbox public key in cloud storage according to the recipient mailbox, then use the public key to encrypt the cypher key and storage index. The exclusive cypher key is encrypted and signed with the private key of the email agent, and then pushed to the blockchain email contract to complete the local email forwarding. The recipient’s blockchain mailbox client can receive regular Internet mail using the same process as Scenario 1.
Example:
[0048] The following example is described with reference to FIG. 2 which depicts a schematic block diagram illustrating sending and receiving email from mailboxes in the same blockchain.
[0049] User A sends a blockchain email to User B’s mailbox; they are both on the same blockchain.
[0050] At step 201 User A’s email agent gets User A’s public key from the wallet and registers it to the shared storage. Thus, other users in the same chain or different chains could find the public key for user A.
[0051] At step 202 User A’s email client performs authentication with the local email agent through the POP3 protocol.
[0052] At step 203 User A composes an email, and sends it to local email agent through SMTP.
[0053] At step 204 User A’s local email agent receives an email send out request, and generates a unique exclusive cypher key.
[0054] At step 205 User A’s local email agent uses this unique cypher key to encrypt the email content and attachments based on symmetric encryption methods.
[0055] At step 206 User A’s local email agent calls the wallet, uses user A’s private key to sign the encrypted email content and attachments, and generates a signature for this email.
[0056] At step 207 User A’s local email agent stores the encrypted mail content and attachments to the shared cloud storage with index key (DATETIME + HASH(SENDER + recipient + TITLE) ) or (DATETIME + HASH( SENDER + recipient + ATTACHMENT FILENAME)).
[0057] At step 208 User A’s local email agent retrieves user B‘s (the recipient) public key from the shared storage, and encrypts the exclusive cypher key and cloud storage index keys with User B’s public key based on asymmetric encryption. If there is more than one recipient, the local mail agent encrypts multiple times for each recipient.
[0058] At step 209 User A’s local email agent invokes the email contract, pushes the encrypted exclusive cypher key and cloud index keys to the smart contract and stores it in the blockchain.
[0059] At step 210 The email contract performs the consensus operation in the blockchain and stores the messages on the blockchain.
[0060] At step 211 User B’s email agent continues to monitor the blockchain. When the agent finds a message to User B, it retrieves the message from the blockchain.
[0061] At step 212 User B’s email agent decrypts the message with user B’s private key in the wallet based on asymmetric encryption methods.
[0062] At step 213 after decryption, User B’s email agent retrieves the index for email content and attachments and the cypher key for this email. It retrieves the encrypted email content and attachment from the shared storage using the index.
[0063] At step 214 User B’s email agent decrypts the email content and attachments with the cypher key based on symmetric encryption method.
[0064] At step 215 User B’s email agent temporarily stores the decrypted mail content and attachments in local storage.
[0065] At step 216 User B’s email client retrieves the mail from User B’s email agent using POP3 protocol or plugin and displays the message to User B.
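The following Go program is an added example, not part of the application as filed, that carries the FIG. 2 flow from step 204 through step 214 and shows that a third party's key, or a modified stored object, is rejected. AES-256-GCM, RSA-2048 with OAEP, Ed25519 signatures, hex SHA-256 for HASH, separate signing and decryption keys, the in-memory map standing in for the shared cloud storage, and every type and function name are assumptions; the description names only AES and unspecified symmetric and asymmetric algorithms.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Record mirrors the on-chain fields FROM, TO, COMMONCYPHER, STORAGEKEY, SIGNATURE, DATETIME.
type Record struct {
	From, To, DateTime                  string
	CommonCypher, StorageKey, Signature []byte
}

// Mailbox holds one user's wallet keys. Separate decryption and signing keys are an assumption.
type Mailbox struct {
	Addr string
	Enc  *rsa.PrivateKey    // unwraps COMMONCYPHER and STORAGEKEY
	Sig  ed25519.PrivateKey // signs outgoing mail
	Pub  ed25519.PublicKey  // published so receivers can verify signatures
}

func NewMailbox(addr string) *Mailbox {
	enc, err1 := rsa.GenerateKey(rand.Reader, 2048)
	pub, sig, err2 := ed25519.GenerateKey(rand.Reader)
	if err1 != nil || err2 != nil {
		panic("key generation failed")
	}
	return &Mailbox{Addr: addr, Enc: enc, Sig: sig, Pub: pub}
}

// StorageIndex builds DATETIME + HASH(SENDER + recipient + TITLE); hex SHA-256 is an assumption.
func StorageIndex(datetime, sender, rcpt, title string) string {
	return fmt.Sprintf("%s%x", datetime, sha256.Sum256([]byte(sender+rcpt+title)))
}

func newGCM(key []byte) (cipher.AEAD, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(blk)
}

// Send performs steps 204-208 and returns the record that step 209 pushes to the email contract.
func Send(store map[string][]byte, from *Mailbox, to *rsa.PublicKey, toAddr, datetime, title string, body []byte) (Record, error) {
	buf := make([]byte, 32+12)
	_, err1 := rand.Read(buf)
	gcm, err2 := newGCM(buf[:32])
	if err1 != nil || err2 != nil {
		return Record{}, errors.New("key setup failed")
	}
	key, nonce := buf[:32], buf[32:]        // step 204: exclusive cypher key, plus a fresh GCM nonce
	ct := gcm.Seal(nonce, nonce, body, nil) // step 205: nonce || ciphertext || tag
	sig := ed25519.Sign(from.Sig, ct)       // step 206: signature over the encrypted content
	idx := StorageIndex(datetime, from.Addr, toAddr, title)
	store[idx] = ct // step 207
	wrappedKey, err1 := rsa.EncryptOAEP(sha256.New(), rand.Reader, to, key, nil) // step 208
	wrappedIdx, err2 := rsa.EncryptOAEP(sha256.New(), rand.Reader, to, []byte(idx), nil)
	if err1 != nil || err2 != nil {
		return Record{}, errors.New("wrapping for recipient failed")
	}
	return Record{from.Addr, toAddr, datetime, wrappedKey, wrappedIdx, sig}, nil
}

// Receive performs steps 212-214 and checks the sender's signature before decrypting.
func Receive(store map[string][]byte, rec Record, me *Mailbox, senderPub ed25519.PublicKey) ([]byte, error) {
	key, err1 := rsa.DecryptOAEP(sha256.New(), rand.Reader, me.Enc, rec.CommonCypher, nil)
	idx, err2 := rsa.DecryptOAEP(sha256.New(), rand.Reader, me.Enc, rec.StorageKey, nil)
	if err1 != nil || err2 != nil {
		return nil, errors.New("record is not addressed to this mailbox")
	}
	ct, ok := store[string(idx)] // step 213
	if !ok || len(ct) < 12 || !ed25519.Verify(senderPub, ct, rec.Signature) {
		return nil, errors.New("stored content missing or altered")
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, ct[:12], ct[12:], nil) // step 214
}

func main() {
	store := map[string][]byte{} // stands in for the shared cloud storage
	a, b := NewMailbox("a@example.com"), NewMailbox("b@example.com")
	rec, err := Send(store, a, &b.Enc.PublicKey, b.Addr, "20200228120000", "hello", []byte("constructed body"))
	if err != nil {
		panic(err)
	}
	pt, err := Receive(store, rec, b, a.Pub)
	fmt.Println(string(pt), err)
}
```

The storage object is publicly readable, so confidentiality rests entirely on the two wrapped fields in the record, and integrity on the signature check that runs before decryption.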
Three Types of Data in Shared Cloud Storage
[0066] The following three types of data are stored in the shared cloud storage.
[0067] One exemplary format is as follows:
[0068] A string represents the user's mailbox as the only primary key in the format XX@[domain.com] where XX is the mailbox name, and domain.com is the domain name.
[0069] A string represents the public key of the mailbox. The format of the public key could be different for different key systems; it is recommended to express it in PEM (Privacy Enhanced Mail) format.
Data Type 2: Mail Index Encrypted Mail Content mapping
[0070] A string represents the mail index. The structure is DATETIME + HASH(SENDER+recipient+TITLE), which makes it easier to group by date, which is convenient for hot and cold data exchange on cloud storage.
[0071] The standard MIME structure represents the content of the email. In one embodiment the structure may be as described in section 7.2 “The Multipart Content-Type” of RFC1341 entitled “MIME (Multipurpose Internet Mail Extensions): Mechanisms for Specifying and Describing the Format of Internet Message Bodies” available online at: https://www.w3.org/Protocols/rfc1341/7_2_Multipart.html, and the Wikipedia entry for MIME available online at: https://en.wikipedia.org/wiki/MIME.
[0072] The email TITLE, FROM, TO, CC, BCC, etc. are not encrypted, but the mail content and attachments are encrypted by AES (Advanced Encryption Standard) and other symmetric encryption algorithms and then combined into a string according to Base64 encoding.
Data type 2: Attachment Index Encrypt Attachment Data
[0073] To reduce the cost of getting mail, you can save large and oversized attachments separately.
[0074] The attachment index format is Mail Index - Attachment ID, which adds a large attachment by referring to the attachment index in the message.
[0075] The attachment, like the content of the email, is encrypted using the exclusive cypher key of the email, and the exclusive cypher key is transmitted to the recipient through the blockchain.
Internal Logic of Blockchain Mail Agent
[0076] FIG. 3 depicts a flowchart representative of an internal logic for an embodiment of a process utilizing the Blockchain Mail Agent that includes the following steps.
[0077] At step 300 of the process the client sends an email.
[0078] At step 301 Mail Agent caches pending email locally.
[0079] At step 302 the process signs the message with the sender's private key.
[0080] At step 303 the process queries shared cloud storage, checks whether the email recipient is registered with the blockchain mailbox.
[0081] At step 304 if a blockchain mailbox is registered in the shared storage, this means that the recipient is a blockchain mailbox, and an exclusive cypher key is generated.
[0082] At step 305 the process encrypts the message content and attachments using the exclusive cypher key.
[0083] At step 306 the process stores the encrypted mail and attachments to the shared cloud storage.
[0084] At step 307 the process checks whether the recipient is in the same blockchain.
[0085] At step 308, if the recipient is not in the same blockchain, the process builds an outgoing message with the encrypted exclusive cypher key and the storage index.
[0086] At step 309 the process sends Internet email using SMTP protocol.
[0087] At step 310 the process pushes the message to the email contract, saves the mail signature information, the encrypted exclusive cypher key, and the storage index information in the blockchain.
[0088] At step 311, if the recipient of the email is not a blockchain mailbox, the process constructs a clear text message, sends the message and pushes the message to the email contract which only contains the email signature.
Internal Logic of Mail Transfer Agent (MTA)
[0089] FIG. 4 depicts the Internal Logic of Mail Transfer Agent (MTA) including the following steps.
[0090] At step 400 of the process MTA receives an email from the Internet.
[0091] At step 401 the process checks the domain of the recipient.
[0092] At step 402 of the process if the domain is not the same as the currently registered domain, this is junk mail and is discarded.
[0093] At step 403 the process queries if the sender of the email is a blockchain mailbox.
[0094] At step 404 of the process, if the sender is not a blockchain mailbox, the process needs to convert the regular Internet email to blockchain email, and generates the common cipher key for encryption.
[0095] At step 405 the process encrypts the content & attachments with the exclusive cypher key, and signs the email with MTA private key.
[0096] At step 406 the process stores the encrypted content and attachments to the shared cloud storage.
[0097] At step 407 the process encrypts the exclusive cypher key and storage index with the recipient’s public key.
[0098] At step 408 the process invokes the email contract, pushes the encrypted exclusive cypher key and storage index as a message to Blockchain email contract.
Cross-chain Email
[0099] A detailed exemplary process of sending cross-chain email is described with reference to FIG. 5, which depicts elements or steps involved in sending cross-chain email. These include mail client 500, blockchain mail agent 501, node 502, blockchain mail agent 503, a network 504 such as the internet, a mail transfer agent (MTA) 505, node 506, blockchain mail agent 507, mail client 508, mail server 509, DNS node 510 and shared cloud storage 511.
[00100] In one exemplary embodiment, in order to support cross-chain blockchain email, the process first registers the MTA 505 to the MX record of the DNS service 510, so that the corresponding server can be found when sending email through the Internet protocol. To obtain the public key information of the recipient mailbox, the blockchain email agent needs to register its public key and email address to map to the cloud shared distributed storage. Then, the sender can encrypt the data using the recipient key, and verify the sender's signature information to ensure that the content is correct and not leaked to third parties.
[00101] To transfer cross-chain email content from one blockchain system to another, the process first generates a unique exclusive cypher key, and then signs it with the sender's private key on the sender's blockchain mail agent 501. The exclusive cypher key is used to encrypt the mail content and attachments using a symmetric encryption algorithm, and the encrypted email data is stored in the distributed cloud storage 511 that can be shared globally. External exposure of the key-value (K/V) access interface of distributed cloud storage is required in this embodiment. The public key of the recipient mailbox is then used to encrypt the generated exclusive cypher key and the index position of the cloud storage with an asymmetric encryption algorithm. Since the encrypted data can only be decrypted by the private key of the recipient mailbox, it restricts the random forwarding of the secure email or the interception of email content which may cause security issues.
[00102] After completing the exclusive cypher key encryption, the process constructs a regular Internet email to transfer the information to the email service under the new domain name - Mail Transfer Agent 505. The MTA 505 then forwards the message contents to the blockchain system node 506, completes the blockchain consensus operation, and records the message into the blockchain account book. When the blockchain email agent 507 of the recipient client 508 detects the new mail, it decrypts the mail message using the private key of the mailbox in the local wallet, obtains the index address of the exclusive cypher key and the cloud storage 511, and retrieves the corresponding address in cloud storage 511. The email content and attachments use the exclusive cypher key for decryption for recipient client 508 to retrieve and display using standard mail protocols.
Blockchain Smart Contract Logic
Block data storage format
[00103] FROM: The sender’s blockchain account
[00104] TO: The recipient’s blockchain account
[00105] COMMONCYPHER: The encrypted common cypher
[00106] STORAGEKEY : The encrypted storage index key
[00107] SIGNATURE: The signature of mail
[00108] DATETIME: Sent time
[00109] If the email is from the Internet, the “From” field will be filled as the MTA’s account. If the recipient of the email is outside of the current chain, the “To” field will be filled with null.
[00110] To avoid spam email, all users except the MTA are required to pay a certain amount of tokens based on the number of recipients.
[00111] FIG. 6 depicts a flowchart of smart contract email services including sending and checking email. As illustrated, the blockchain email contract includes two services, one for sending email messages (steps 600-605) and one for checking email messages (steps 607-612).
[00112] The services need to ensure that the user has enough tokens to send the email, and the sender of the email is consistent with the sender of the message and has the authority to operate the contract. The services also need to ensure that recipient of the message can only get the message sent to the account, and cannot get any messages sent to others.
[00113] The specific processes for the two services are as follows:
Send message service:
[00114] At step 600 the transfer email message contract is invoked.
[00115] At step 601, the process checks the sender’s authentication and makes sure the operator is the same as the sender’s account and has privileges to send out an email message.
[00116] At step 602 the process queries if the sender’s account has enough tokens. The account needs to pay a certain amount of tokens to the pool to cover the email transfer expenses.
[00117] At step 603, if the sender’s account has positive tokens after payment, the process invokes the token transfer contract.
[00118] At step 604 the process stores the email record in the blockchain’s unread message table.
[00119] At step 605, the transaction is declared successful.
[00120] At step 606 if the sender’s account has negative tokens after payment, the transaction will fail.
Check message service:
[00121] At step 607 the check message service is invoked.
[00122] At step 608 the process queries if the recipient account has privileges to receive messages and if the recipient is the same as the current account.
[00123] At step 609 the process queries if the chain table contains unread messages.
[00124] At step 610 the process finds and retrieves unread messages for the current account.
[00125] At step 611 the process deletes message from the unread message table.
[00126] At step 612 the transaction ends.
[00127] After a new message is received, the smart contract encapsulates the new message into an email agent that is passed to the recipient in JSON (JavaScript Object Notation) format.
[00128] To facilitate receiving messages, the blockchain email agent continually monitors the blockchain. When a new block is generated, the blockchain email agent checks if the chain contains unread messages for the current user. It then retrieves the message by calling the receive function of the smart contract. In the contract, only clients providing the corresponding authentication key according to the recipient account can retrieve the message.
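The following Go program is an added example, not part of the application as filed, that models the two FIG. 6 services in memory so the authorization and token checks can be exercised, including the failure cases. The fee of 2 tokens per recipient, the treatment of a zero balance after payment as success, the account names, and all type and function names are assumptions; on a real chain the `caller` value would come from the transaction's authenticated account.

```go
package main

import (
	"errors"
	"fmt"
)

// FeePerRecipient is an assumed price; the description only says "a certain amount of tokens".
const FeePerRecipient = 2

// Message carries the block data fields; the encrypted values are opaque to the contract.
type Message struct {
	From, To, CommonCypher, StorageKey, Signature, DateTime string
}

// Contract is an in-memory stand-in for the state of the blockchain email contract.
type Contract struct {
	MTA     string               // account exempt from the anti-spam fee
	Balance map[string]int       // token balance per account
	Pool    int                  // tokens collected for email transfer expenses
	Unread  map[string][]Message // unread message table, keyed by recipient account
}

// Send models steps 600-606. msgs holds one record per recipient, and nothing
// is stored or charged unless every check passes.
func (c *Contract) Send(caller string, msgs []Message) error {
	for _, m := range msgs { // step 601: the operator must be the sender of every record
		if m.From != caller {
			return errors.New("operator is not the sender account")
		}
	}
	fee := FeePerRecipient * len(msgs)
	if caller == c.MTA {
		fee = 0
	}
	if c.Balance[caller]-fee < 0 { // steps 602 and 606: a negative balance fails the transaction
		return errors.New("not enough tokens")
	}
	c.Balance[caller] -= fee // step 603: token transfer to the pool
	c.Pool += fee
	for _, m := range msgs { // step 604
		c.Unread[m.To] = append(c.Unread[m.To], m)
	}
	return nil // step 605
}

// Check models steps 607-612: an account retrieves, and thereby removes, only its own messages.
func (c *Contract) Check(caller, account string) ([]Message, error) {
	if caller != account { // step 608
		return nil, errors.New("caller is not the recipient account")
	}
	msgs := c.Unread[account] // steps 609-610
	delete(c.Unread, account) // step 611
	return msgs, nil
}

func main() {
	c := &Contract{MTA: "mta", Balance: map[string]int{"alice": 3}, Unread: map[string][]Message{}}
	fmt.Println("alice to bob:", c.Send("alice", []Message{{From: "alice", To: "bob"}}))
	fmt.Println("spoofed sender:", c.Send("mallory", []Message{{From: "alice", To: "bob"}}))
	_, err := c.Check("carol", "bob")
	fmt.Println("carol reads bob's table:", err)
	msgs, _ := c.Check("bob", "bob")
	fmt.Println("bob retrieves:", len(msgs))
}
```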
[00129] Having thus described, by way of example only, embodiments of the present invention, it is to be understood that the invention as defined by the appended claims is not to be limited by particular details set forth in the above description of exemplary embodiments as many variations and permutations are possible without departing from the scope of the claims.

Claims

What is claimed is:
1. A blockchain messaging system comprising:
a first blockchain mail agent comprising:
i) a first interface for communication with a first smart contract on a first blockchain;
ii) a second interface for communication with a shared storage;
iii) a third interface for receiving a transmission request for a message from a sender to a recipient, the first blockchain mail agent receiving the transmission request, determining that a mailbox of the recipient is in a blockchain, and upon said determining: encrypting content of the message; saving the encrypted content to the shared storage at a storage index; and creating a smart contract request for the first smart contract, wherein the first smart contract generates a transaction record and saves the transaction record in the first blockchain.
2. The blockchain messaging system of claim 1, wherein the message is an email.
3. The blockchain messaging system of claim 2, wherein upon verifying that the mailbox of the recipient is in the shared storage, the blockchain mail agent: generates a cypher key for said encrypting the content of the email; and encrypts the storage index and the cypher key with a public key of the recipient.
4. The blockchain messaging system of claim 3, further comprising a second blockchain mail agent, wherein the second blockchain mail agent, upon the first blockchain generating the transaction record associated with the recipient:
i) obtains a public key of the sender;
ii) uses a private key corresponding to the public key of the recipient to decrypt the content of the message to obtain the storage index and the cypher key;
iii) uses the storage index information to retrieve the encrypted content of the email from the shared storage; and
iv) decrypts the content using the cypher key to form a decrypted email content.
5. The blockchain messaging system of claim 4, wherein the first blockchain mail agent and a second blockchain mail agent, are the same.
6. The blockchain messaging system of claim 4, wherein the first blockchain mail agent and a second blockchain mail agent, are different.
7. The blockchain messaging system of claim 6, wherein the mailbox of the recipient is in a second blockchain different from the first blockchain.
8. The blockchain messaging system of claim 4, wherein upon the recipient opening a standard email client, the standard email client communicates with the second mail agent to obtain and present the decrypted email content.
9. The blockchain messaging system of claim 8, wherein the email client uses a standard POP3 protocol to obtain the decrypted email content.
10. The blockchain messaging system of claim 4, wherein the second blockchain mail agent stores the decrypted email content in the mailbox of the recipient.
11. The blockchain messaging system of claim 4, wherein the private key is in a blockchain wallet in the first blockchain.
12. The blockchain messaging system of claim 6, further comprising:
a) a first mail transmission gateway (MTA);
b) a second mail transmission gateway (MTA);
wherein the second blockchain mail agent comprises:
i) a third interface for communication with the second smart contract on the second blockchain; and
ii) a fourth interface for communication with the shared storage,
and wherein the first MTA sends the cypher key and the storage index to the second MTA, and the second MTA sends the cypher key and the storage index to the recipient.
13. The blockchain messaging system of claim 12, wherein first MTA sends the cypher key and the storage index to the second MTA through regular Internet email.
14. The blockchain messaging system of claim 1, where the transmission request is to a plurality of N receivers and wherein the first smart contract generates N transaction records and saves each of the N transaction records in the first blockchain.
15. A method of secure messaging using a blockchain, comprising:
a) receiving a transmission request for a message from a sender to a recipient, the sender having a sender account on the blockchain;
b) generating a cypher key;
c) encrypting content of the message using the cypher key;
d) storing the encrypted content to a shared storage at a storage index; and
e) encrypting the storage index and the cypher key with a public key of the recipient so that only the recipient having a private key corresponding to the public key of the recipient can access the storage index and cypher key.
16. The method of claim 15, further comprising checking if a mailbox of the recipient is in the blockchain, and if so, executing a smart contract on the blockchain to store a record of a transfer corresponding to the transmission request in the blockchain, but otherwise sending an external message containing the encrypted cypher and storage index.
17. The method of claim 16, further comprising: prior to said executing, ensuring that the sender account is authorized to send a message.
18. The method of claim 17, further comprising: prior to said executing, ensuring the recipient account has at least a first predetermined amount of tokens on the blockchain.
19. The method of claim 18, wherein the recipient has a recipient account on the blockchain, the method further comprising: prior to said executing, ensuring the recipient account has at least a second predetermined amount of tokens on the blockchain.
20. The method of claim 19, further comprising: ensuring that the receiver account is authorized to receive a message.
21. The method of claim 20, further comprising retrieving the record.
22. The method of claim 21, further comprising deleting the record.
PCT/CA2020/050267 2019-03-01 2020-02-28 Blockchain-based secure email system Ceased WO2020176975A1 (en)

Priority Applications (7)

Application Number Priority Date Filing Date Title
CN202080018217.9A CN113508563A (en) 2019-03-01 2020-02-28 Blockchain-based secure email system
CA3130464A CA3130464A1 (en) 2019-03-01 2020-02-28 Blockchain-based secure email system
JP2021551808A JP2022522788A (en) 2019-03-01 2020-02-28 Blockchain-based secure email system
KR1020217031107A KR20210137073A (en) 2019-03-01 2020-02-28 Blockchain-based secure email system
US17/432,040 US20220198049A1 (en) 2019-03-01 2020-02-28 Blockchain-Based Secure Email System
EP20765968.1A EP3932021A4 (en) 2019-03-01 2020-02-28 Blockchain-based secure email system
IL285952A IL285952A (en) 2019-03-01 2021-08-30 Blockchain-based secure email system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201962812615P 2019-03-01 2019-03-01
US62/812,615 2019-03-01

Publications (1)

Publication Number Publication Date
WO2020176975A1 true WO2020176975A1 (en) 2020-09-10

Family

ID=72338133

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2020/050267 Ceased WO2020176975A1 (en) 2019-03-01 2020-02-28 Blockchain-based secure email system

Country Status (8)

Country Link
US (1) US20220198049A1 (en)
EP (1) EP3932021A4 (en)
JP (1) JP2022522788A (en)
KR (1) KR20210137073A (en)
CN (1) CN113508563A (en)
CA (1) CA3130464A1 (en)
IL (1) IL285952A (en)
WO (1) WO2020176975A1 (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112235110A (en) * 2020-12-14 2021-01-15 支付宝(杭州)信息技术有限公司 Cross-chain service processing method and device of block chain and electronic equipment
CN112261015A (en) * 2020-10-12 2021-01-22 北京沃东天骏信息技术有限公司 Block chain based information sharing method, platform, system and electronic equipment
CN112272156A (en) * 2020-09-15 2021-01-26 山东鲁能软件技术有限公司 E-mail receiving and sending system based on block chain
CN112272155A (en) * 2020-09-15 2021-01-26 山东鲁能软件技术有限公司 E-mail receiving and sending method based on block chain
CN112733207A (en) * 2021-04-02 2021-04-30 国网电子商务有限公司 Data processing method, device and system based on block chain
CN113326541A (en) * 2021-08-03 2021-08-31 之江实验室 Cloud edge collaborative multi-mode private data transfer method based on intelligent contract
US20210284196A1 (en) * 2020-03-16 2021-09-16 Uatc, Llc Systems and Methods for Servicing Vehicle Messages
CN113946857A (en) * 2021-12-20 2022-01-18 太极计算机股份有限公司 Distributed cross-link scheduling method and device based on data routing
EP3996328A1 (en) * 2020-11-09 2022-05-11 Mitel Networks (International) Limited Blockchain-driven certification of iterative electronic communications
CN114760543A (en) * 2022-06-15 2022-07-15 北京北投智慧城市科技有限公司 Block chain-based cross-network data exchange method and system
WO2024239368A1 (en) * 2023-05-25 2024-11-28 陈军 Blockchain mailbox registration method, system, payment device and storage medium

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12500891B2 (en) 2021-10-21 2025-12-16 Artema Labs, Inc Systems and methods for protecting against token-based malicious scripts
CN114168997B (en) * 2021-11-24 2025-06-10 中国船舶集团有限公司第七一六研究所 A method and system for automatic data sharing based on blockchain
CN114513482B (en) * 2022-01-11 2024-03-22 德明尚品科技集团有限公司 Email management method and system based on block chain
US12184604B2 (en) 2022-04-13 2024-12-31 Unstoppable Domains, Inc. Domain name registration based on verification of entities of reserved names
US12254464B2 (en) 2022-05-05 2025-03-18 Unstoppable Domains, Inc. Controlling publishing of assets on a blockchain
US12602512B2 (en) 2022-06-24 2026-04-14 Unstoppable Domains, Inc. Data resolution using user domain names
CN115150360B (en) * 2022-06-28 2023-12-19 北京送好运信息技术有限公司 A method of binding email addresses and blockchain addresses based on blockchain technology
US12256028B2 (en) 2022-06-28 2025-03-18 Unstoppable Domains, Inc. Cross chain access granting to applications
US20240007311A1 (en) * 2022-07-01 2024-01-04 Yahoo Assets Llc System and method for decentralized secure communications
CN115052010A (en) * 2022-07-19 2022-09-13 北京微芯感知科技有限公司 Method and system for managing electronic certificate based on distributed storage
US12464072B2 (en) 2022-08-12 2025-11-04 Unstoppable Domains, Inc. Securely controlling communication sessions using user domain
CN116074115B (en) * 2023-03-06 2023-06-23 广州市悦智计算机有限公司 Method for realizing cross-chain encryption session based on intelligent contract
US12309111B2 (en) * 2023-03-16 2025-05-20 Unstoppable Domains, Inc. Controlling communications based on control policies with blockchain associated rules and blockchain authorization
WO2025015369A1 (en) * 2023-07-14 2025-01-23 GoLogic Group Pty Ltd Communications system and method
US20250028790A1 (en) * 2023-07-18 2025-01-23 Artema Labs, Inc Systems and Methods for Token Use and Protection Using Blockchain
US12561681B2 (en) 2023-10-30 2026-02-24 Unstoppable Domains, Inc. Acquisition of digital assets on a blockchain using off-chain valuation and authorization
US12574249B2 (en) 2023-11-16 2026-03-10 Unstoppable Domains, Inc. Off-chain domain name record resolution based on blockchain assets
US20250219842A1 (en) * 2024-01-02 2025-07-03 Mitel Networks Corporation Cryptographic trust system for electronic communications integrity using tuple spaces and messaging user agents
JP7652466B1 (en) 2024-03-11 2025-03-27 国立大学法人佐賀大学 Information and communication device and information and communication program

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106790234A (en) * 2017-01-18 2017-05-31 维沃移动通信有限公司 A mail sending method, receiving method, first terminal and second terminal
CN108259169A (en) 2018-01-09 2018-07-06 北京大学深圳研究生院 A kind of file security sharing method and system based on block chain cloud storage
US10122661B2 (en) * 2016-06-10 2018-11-06 Salesforce.Com, Inc. Messaging systems and methods that employ a blockchain to ensure integrity of message delivery
US20190065764A1 (en) 2017-08-31 2019-02-28 Gavin Wood Secret Data Access Control Systems and Methods

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2002256965A1 (en) * 2002-05-06 2003-12-02 Rhandeev Singh A method of processing electronic mail

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
"A Solution for Secure Certified Electronic Mail Using Blockchain as a Secure Message Board", XP011715638
HINAREJOS ET AL.: "A Solution for Secure Certified Electronic Mail Using Blockchain as a Secure Message Board", IEEE ACCESS, vol. 7, 28 February 2019 (2019-02-28), pages 31330 - 31341, XP011715638, DOI: 10.1109/ACCESS.2019.2902174 *
MENEGAY ET AL.: "Secure Communications Using Blockchain Technology", 29 October 2018 (2018-10-29), Los Angeles , CA, pages 599 - 604, XP033489349 *
See also references of EP3932021A4

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11993285B2 (en) * 2020-03-16 2024-05-28 Uatc, Llc Systems and methods for servicing vehicle messages
US20210284196A1 (en) * 2020-03-16 2021-09-16 Uatc, Llc Systems and Methods for Servicing Vehicle Messages
CN112272156A (en) * 2020-09-15 2021-01-26 山东鲁能软件技术有限公司 E-mail receiving and sending system based on block chain
CN112272155A (en) * 2020-09-15 2021-01-26 山东鲁能软件技术有限公司 E-mail receiving and sending method based on block chain
CN112261015B (en) * 2020-10-12 2023-05-12 北京沃东天骏信息技术有限公司 Block chain-based information sharing method, platform, system and electronic equipment
CN112261015A (en) * 2020-10-12 2021-01-22 北京沃东天骏信息技术有限公司 Block chain based information sharing method, platform, system and electronic equipment
US11870747B2 (en) 2020-11-09 2024-01-09 Mitel Networks Corporation Blockchain-driven certification of iterative electronic communications
EP3996328A1 (en) * 2020-11-09 2022-05-11 Mitel Networks (International) Limited Blockchain-driven certification of iterative electronic communications
US20220150202A1 (en) * 2020-11-09 2022-05-12 Mitel Networks (International) Limited Blockchain-driven certification of iterative electronic communications
CN112235110A (en) * 2020-12-14 2021-01-15 支付宝(杭州)信息技术有限公司 Cross-chain service processing method and device of block chain and electronic equipment
CN112733207A (en) * 2021-04-02 2021-04-30 国网电子商务有限公司 Data processing method, device and system based on block chain
CN112733207B (en) * 2021-04-02 2021-07-13 国网电子商务有限公司 A method, device and system for data processing based on blockchain
CN113326541B (en) * 2021-08-03 2021-11-16 之江实验室 Cloud edge collaborative multi-mode private data transfer method based on intelligent contract
CN113326541A (en) * 2021-08-03 2021-08-31 之江实验室 Cloud edge collaborative multi-mode private data transfer method based on intelligent contract
CN113946857A (en) * 2021-12-20 2022-01-18 太极计算机股份有限公司 Distributed cross-link scheduling method and device based on data routing
CN114760543B (en) * 2022-06-15 2022-08-23 北京北投智慧城市科技有限公司 Block chain-based cross-network data exchange method and system
CN114760543A (en) * 2022-06-15 2022-07-15 北京北投智慧城市科技有限公司 Block chain-based cross-network data exchange method and system
WO2024239368A1 (en) * 2023-05-25 2024-11-28 陈军 Blockchain mailbox registration method, system, payment device and storage medium

Also Published As

Publication number Publication date
US20220198049A1 (en) 2022-06-23
CA3130464A1 (en) 2020-09-10
JP2022522788A (en) 2022-04-20
CN113508563A (en) 2021-10-15
IL285952A (en) 2021-10-31
EP3932021A4 (en) 2022-11-09
KR20210137073A (en) 2021-11-17
EP3932021A1 (en) 2022-01-05

Similar Documents

Publication Publication Date Title
US20220198049A1 (en) Blockchain-Based Secure Email System
US8732452B2 (en) Secure message delivery using a trust broker
US8266421B2 (en) Private electronic information exchange
US8837739B1 (en) Encryption messaging system
US9602473B2 (en) Secure message forwarding with sender controlled decryption
US20070174636A1 (en) Methods, systems, and apparatus for encrypting e-mail
US20100306537A1 (en) Secure messaging
JP2006520112A (en) Security key server, implementation of processes with non-repudiation and auditing
JP2002024147A (en) System and method for secure mail proxy and recording medium
JP2013529345A (en) System and method for securely using a messaging system
CN103428077B (en) A kind of method and system being safely receiving and sending mails
US20070255815A1 (en) Software, Systems, and Methods for Secure, Authenticated Data Exchange
US20130103944A1 (en) Hypertext Link Verification In Encrypted E-Mail For Mobile Devices
US10778658B1 (en) Communication server and method of secured transmission of messages
WO2017008449A1 (en) E-mail anti-phishing system and method
CN102055685A (en) Method for encrypting webmail information
Muftic et al. Business information exchange system with security, privacy, and anonymity
US20070288746A1 (en) Method of providing key containers
CA2793422C (en) Hypertext link verification in encrypted e-mail for mobile devices
US12432047B2 (en) Method to request sensitive data from a recipient and to establish a secure communication with the recipient
CN102510431B (en) Method, system, device and user terminal for obtaining remote resource
Rachad et al. Sending and receiving secure email based on blockchain
JP6167598B2 (en) Information processing apparatus, information processing method, and computer program
EP4675974A1 (en) Method for establishing a secure e-mail communication channel, data processing system, computer program, and computer-readable medium
KR20080091750A (en) Receiver half mail security system and method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 20765968; Country of ref document: EP; Kind code of ref document: A1)
ENP Entry into the national phase (Ref document number: 3130464; Country of ref document: CA)
WWE Wipo information: entry into national phase (Ref document number: 285952; Country of ref document: IL)
ENP Entry into the national phase (Ref document number: 2021551808; Country of ref document: JP; Kind code of ref document: A)
NENP Non-entry into the national phase (Ref country code: DE)
ENP Entry into the national phase (Ref document number: 20217031107; Country of ref document: KR; Kind code of ref document: A)
WWE Wipo information: entry into national phase (Ref document number: 2020765968; Country of ref document: EP)