Pretzel: Email encryption and provider-supplied functions are compatible

Trinabh Gupta, Henrique Fingler, Lorenzo Alvisi, Michael Walfish

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Emails today are often encrypted, but only between mail servers- the vast majority of emails are exposed in plaintext to the mail servers that handle them. While better than no encryption, this arrangement leaves open the possibility of attacks, privacy violations, and other disclosures. Publicly, email providers have stated that default end-to-end encryption would conflict with essential functions (spam filtering, etc.), because the latter requires analyzing email text. The goal of this paper is to demonstrate that there is no conflict. We do so by designing, implementing, and evaluating Pretzel. Starting from a cryptographic protocol that enables two parties to jointly perform a classification task without revealing their inputs to each other, Pretzel refines and adapts this protocol to the email context. Our experimental evaluation of a prototype demonstrates that email can be encrypted end-to-end and providers can compute over it, at tolerable cost: clients must devote some storage and processing, and provider overhead is roughly 5× versus the status quo.

Original languageEnglish (US)
Title of host publicationSIGCOMM 2017 - Proceedings of the 2017 Conference of the ACM Special Interest Group on Data Communication
PublisherAssociation for Computing Machinery, Inc
Pages169-182
Number of pages14
ISBN (Electronic)9781450346535
DOIs
StatePublished - Aug 7 2017
Event2017 Conference of the ACM Special Interest Group on Data Communication, SIGCOMM 2017 - Los Angeles, United States
Duration: Aug 21 2017Aug 25 2017

Publication series

NameSIGCOMM 2017 - Proceedings of the 2017 Conference of the ACM Special Interest Group on Data Communication

Other

Other2017 Conference of the ACM Special Interest Group on Data Communication, SIGCOMM 2017
Country/TerritoryUnited States
CityLos Angeles
Period8/21/178/25/17

Keywords

  • Encrypted email
  • Linear classifiers
  • Secure two-party computation

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Signal Processing
  • Electrical and Electronic Engineering
  • Communication

Fingerprint

Dive into the research topics of 'Pretzel: Email encryption and provider-supplied functions are compatible'. Together they form a unique fingerprint.

Cite this