Research On Secure Mail Technology Based On Blockchain

As an indispensable communication tool in people's daily work and life,the security of email has been widely concerned.And phishing based horizontal network attack is the main mail attack method at present.Attackers use social worker method to steal or pretend to be an internal email account,and then use these accounts to send internal phishing emails to internal employees.Such mail has become an important means of APT attack,causing great harm.Traditional email security protocols and email detection technologies mainly deal with spam from external domains,and it is difficult to defend against such emails.Therefore,this article proposes a secure email architecture based on blockchain,mainly to make up for the shortcomings of traditional email security technologies in the face of such attacks and to enhance the security and credibility of emails.The main research work and results are as follows:(1)Analyze the current status of email security issues,and through the research on email security technology and blockchain technology,propose a blockchain-based security email architecture,named SMAB.It is mainly through email users uploading and querying related email certificates in the consortium chain built with ethereum.The digital signature based on the SM9 algorithm is used in the certificate to ensure the integrity and authenticity of the email content.Finally,the user reputation evaluation mechanism is used to improve the protection against malicious email authentication capability,using the immutability of data on the blockchain to enhance the traceability of mail.(2)A consensus algorithm oriented to the email security environment is proposed,which is mainly designed based on the PoA(Proof-of-authority)consensus algorithm.The secure mail gateway provider is used as the authoritative node,and the email user client is used as the ordinary node.The authoritative node verifies and packs the transaction proposed by the ordinary node.It conforms to the business logic of actual application scenarios,and solves the problems of large resource consumption and unstable block generation time faced by traditional consensus algorithms in email security application scenarios.(3)Complete the design and implementation of secure mail architecture based on blockchain,including smart contract design and functional logic of each application module.The function of the architecture is verified through experiments,the performance of the architecture is tested,the security of the architecture is analyzed,confirming the effectiveness of the architecture in defending against horizontal phishing email attacks.