Joshua Lowe and Faculty Mentor: Kent Seamons, Computer Science
While working on my undergraduate degree, I developed an interest for computer security and started working in the Internet Security Research Lab on campus. A PhD student who I had worked with before previously, had proposed a webmail system called MessageGuard as an ubiquitous web encryption extension. The idea behind the system is to be fully open sourced, very easy to use, and extremely secure. Not only was I able to help work on several aspects of this project with PHD, Master’s, and undergraduate students alike, but I was able to put in practice what I was learning in my classes. It was a very beneficial experience for me and hopefully will be beneficial to the world of computer security.
Most of the user interface was completed but the actual security hadn’t been implemented. First I had to bug test and fix the issues with the user interface before getting started. Then we had to decide on the encryption method, library, and develop them to make custom encrypted packages. I decided to implement the Stanford Javascript Crypto Library. It’s noticeable faster than other implementations and also open source. Simply put, we encrypt the data with a randomly generated key or a password. Then the user can decide what kind of encryption they want to use, and we encrypt the password with that method. I had to work on the key generation system with another undergraduate because of how large it is.
The Internet Security Research Lab plans on running tests on the system in early January so unfortunately the results won’t be available by the time this paper is due. We also plan on pushing the system out to several higher level security classes to help promote adoption.