An Improved E-Mail Security Protocol

B. Schneier & C. Hall

Current e-mail security systems base their security on the secrecy of the long-term private key. If this private key is ever compromised, an attacker can decrypt any messages---past, present, or future---encrypted with the corresponding public key. The system described in this paper uses short term private-key/public-key key pairs to reduce the magnitude of this vulnerability.