Message athentication by integrity with public corroboration

Proceedings New Security Paradigms Workshop

Volumn 2006, Issue , 2006, Pages 57-63

  Van Oorschot, P C ^a  

^a CARLETON UNIVERSITY   (Canada)

Author keywords

Data origin authentication; Digital signatures; Email source authentication; Message authentication; Phishing; Security by integrity; Spam; Undetected key compromise

Indexed keywords

CRYPTOGRAPHY; DATA ACQUISITION; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; INFORMATION ANALYSIS; PROBLEM SOLVING;

DATA ORIGIN AUTHENTICATION; EMAIL SOURCE AUTHENTICATION; MESSAGE AUTHENTICATION; PHISHING; SECURITY BY INTEGRITY; SPAM; UNDETECTED KEY COMPROMISE;

SECURITY OF DATA;

EID: 33745603791     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (34)

1. E. Allman, J. Callas, M. Delany, M. Libbey, J. Fenton, M. Thomas, "DomainKeys Identified Mail (DKIM), Internet Draft (work in progress), draft-allman-dkim-base-00 (July 9, 2005).
2. B. Alpern, F. Schneider, "Key Exchange Using 'Keyless Cryptography' ", Information Processing Letters 16 (1983), 79-81.
3. S. Bellovin, "Spamming, Phishing, Authentication and Privacy", Inside Risks, C.ACM 47(12), Dec.2004.
4. M. Bishop, Computer Security: Art and Science, 2002, Addison-Wesley.
5. B. Blakley, G.R. Blakley, "All Sail, No Anchor II: Acceptable High-End PKI", International Journal of Information Security (2004) 2:66-77.
6. D. Boneh, M. Franklin, "Identity-Based Encryption from the Weil Pairing", SIAM Journal on Computing 32(3), 586-615, 2003.
7. D. Brumley, D. Boneh, "Remote timing attacks are practical", USENIX Security 2003.
8. F. Cohen, "Operating System Protection Through Program Evolution", Computers and Security 12(6), 1 Oct. 1993, pp. 565-584.
9. C. Collberg, C. Thomborson, D. Low, "A Taxonomy of Obfuscating Transformations", Tech. Rep. 148, Dept. Computer Science, Univ. of Auckland (July 1997).
10. M. Delany, "Domain-based Email Authentication Using Public-Keys Advertised in the DNS (DomainKeys)", Internet Draft (work in progress), draft-delany-domainkeys-base-03.txt (29 Sept. 2005). See also: http://en.wikipedia.org/wiki/Domain-keys.
11. Y. Desmedt, "Threshold Cryptography", Euro. Trans. Telecom. 5(4) 449-457, July-August 1994.
12. S. Forrest, A. Somayaji, D. H. Ackley, "Building Diverse Computer Systems", pp. 67-72, Proc. 6th Workshop on Hot Topics in Operating Systems, IEEE Computer Society Press, 1997.
13. A. Fritz, J.-F. Paris, "Maille Authentication: A Novel Protocol for Distributed Authentication", Proc. 19th IFIP Information Security Conference (SEC 2004), Toulouse, France, Aug. 2004.
14. J. von zur Gathen, "Friederich Johann Buck: Arithmetic Puzzles in Cryptography", Cryptologia, Oct. 2004.
15. S. Haber, W.S. Stornetta, "Secure Names for Bit-Strings", 4th ACM Conference on Computer and Communications Security (CCS'97), 1997.
16. M. Just, P. van Oorschot "Addressing the Problem of Undetected Signature Key Compromise", Proceedings of the Network and Distributed System Security Symposium, NDSS 1999, San Diego, California, The Internet Society 1999.
17. C. Kahn, "Tolerating Penetrations and Insider Attacks by Requiring Independent Corroboration", 1998 New Security Paradigms Workshop (NSPW'98).
18. (See also same author: "Using Independent Corroboration to Achieve Compromise Tolerance", 1998 Information Survivability Workhop (ISW) 1998.)
19. D. Kahn, The Codebreakers, MacMillan, 1967.
20. J. Klensin, "RFC 2821 - Simple Mail Transfer Protocol", IETF (Standards Track) Request for Comments, April 2001.
21. M. Lentczner, M. Wong, "Sender Policy Framework: Authorizing Use of Domains in MAIL FROM", Internet Draft (work in progress), draft-lentczner-spf-00 (Oct. 2004). See also: http://en.wikipedia.org/wiki/ Sender-Policy-Framework.
22. A.J. Menezes, P.C. van Oorschot, S.A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996. Online: http://www.cacr.math.uwaterloo.ca/hac/
23. R. Merkle, "Secure Communications over Insecure Channels", C. ACM21 (1978), 294-299.
24. R. Perlman, Network Layer Protocols with Byzantine Robustness, MIT LCS TR-429, Oct. 1988.
25. F. Petitcolas, R.J. Anderson, M.G. Kuhn, "Information Hiding - A Survey", Proc. of the IEEE (Special Issue on Protection of Multimedia Content), vol.87 no.7 (July 1999), pp.1062-1078.
26. M. Reiter, S. Stubblebine, "Toward acceptable metrics of authentication", 1997 IEEE Symposium on Security and Privacy.
27. M.K. Reiter, S.G. Stubblebine, "Path independence for authentication in large-scale systems", 4th ACM Conference on Computer and Communications Security (CCS'97), 1997.
28. P. Resnick, "RFC 2822 - Internet Message Format", IETF (Standards Track) Request for Comments 2822, April 2001.
29. T. Sander, C.F. Tschudin, "Protecting Mobile Agents Against Malicious Hosts", pp. 44-60, Mobile Agents and Security, Springer LNCS 1419 (1998).
30. A. Shamir, "Identity-based cryptosystems and signature schemes", Crypto'84 (LNCS 196), 47-53, 1985.
31. G. Simmons, "A survey of information authentication", G. Simmon (ed.), Contemporary Cryptography: The Science of Information Integrity, 379-419, IEEE Press, 1992.
32. R. Simon, M. Zurko, "Separation of Duty in Role-Based Environments", Proc. 1996 Computer Security Foundations Workshop.
33. Trusted Computing Group, http://www.trustedcomputinggroup.org/home.
34. M. Wong, W. Schlitt, "Sender Policy Framework (SPF) for Authorizing Use of Domains in E-MAIL, version 1", Internet Draft (work in progress), draft-schlitt-spf-classic-02 (June 6, 2005).