A Blockchain-based Approach with zk-SNARKs for Secure Email Applications

• Published in: International Journal of Networking and Computing Vol. 14; no. 2; pp. 225 - 247
• Main Authors: Rahayu, Maya, Ali, Md. Arshad, Kodera, Yuta, Huda, Samsul, Nogami, Yasuyuki, Hossain, Md. Biplob
• Format: Journal Article
• Language: English
• Published: IJNC Editorial Committee 2024
• Subjects: Blockchain; Email security; Pretty Good Privacy (PGP); zk-SNARKs
• ISSN: 2185-2839; 2185-2847; 2185-2847
• DOI: 10.15803/ijnc.14.2_225

Email serves as the primary mode of communication in today’s interconnected digital world, encompassing business, education, and interpersonal relationships. However, email’s reliance on shared media makes it susceptible to interception and misuse of confidential data. Pretty Good Privacy (PGP) protects the privacy of email contents to address this problem. While PGP offers encryption, its key sharing has weaknesses. Blockchain technology is characterized by its immutability feature. Once information is stored in the blockchain, altering it becomes extremely difficult. This characteristic serves as a valuable defense against weaknesses in the PGP key sharing system. Furthermore, the implementation of smart contracts eliminates the need for a Man-in-the-Middle when sharing keys, thereby improving the security of key sharing and fostering trust among individuals. Blockchain and smart contracts improve security, but privacy remains a concern. To further bolster privacy protection, in this paper we propose the integration of Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (zk-SNARKs) and blockchain into PGP key sharing mechanism. zk-SNARKs enable efficient verification of encrypted data without revealing sensitive information, thus preventing exposure of user privacy. Additionally, we employ Elliptic Curve Cryptography (ECC) in order to guarantee the confidentiality of the PGP key. Through this holistic integration, the security of the PGP key is enhanced, ensuring both confidentiality and integrity while safeguarding user privacy. Furthermore, gas consumption and transaction costs were evaluated with and without zk-SNARKs. The results demonstrate that the proposed mechanism minimizes gas consumption and transaction costs.