Correcting Privacy Violations in Blind-Carbon-Copy (BCC) Encrypted Email

Full textClick to download.
Citation In submission.
AuthorsAdam Barth
Dan Boneh


We show that many widely deployed email encryption systems reveal the identities of Blind-Carbon-Copy (BCC) recipients. For example, encrypted email sent using Microsoft Outlook completely exposes the identity of every BCC recipient. Additionally, several implementations of PGP expose the full name and email address of BCC recipients. In this paper, we present a number of methods for providing BCC privacy while preserving the existing semantics of email. Our constructions use standard public key systems such as RSA and ElGamal and suggest that BCC privacy can be implemented efficiently without changing the underlying broadcast semantics of the email system.

Back to publications
Back to previous page