Lightweight Authentication for Email (and Web?) Ben Adida - - PowerPoint PPT Presentation

▶

Sep 05, 2023 124 likes •339 views

Lightweight Authentication for Email (and Web?) Ben Adida ben@mit.edu PAW/DIG Meeting June 30th, 2005 (joint work with Susan Hohenberger and Ronald L. Rivest) Distributed Phishing Friends and Colleagues Jakobsson & Young 2005

SLIDE 1

Lightweight Authentication for Email (and Web?)

Ben Adida

ben@mit.edu

PAW/DIG Meeting June 30th, 2005

(joint work with Susan Hohenberger and Ronald L. Rivest)

SLIDE 2

SLIDE 3

SLIDE 4

SLIDE 5

SLIDE 6

SLIDE 7

SLIDE 8

Distributed Phishing

Friends and Colleagues
Jakobsson &

Young 2005

SLIDE 9

DNS

foo.com MX Record mail.foo.com Alice Bob

wonderland.com

utgoing

mail server

mail.foo.com

incoming mail server MX

2 1 3 4

SMTP Today

Review

SLIDE 10

No Proof of Origin

Review

Alice Bob

wonderland.com

utgoing

mail server

mail.foo.com

incoming mail server

phish.com

?

SLIDE 11

ID-Based Crypto

Review

keyserver

Alice Bob

MSK MPK "bob@foo.com" PKbob SKbob

SLIDE 12

ID-based Domains

Bob Alice

New

SKalice@wonderland.com SKbob@foo.com MPKwonderland.com MPKfoo.com

wonderland.com

keyserver

MSKwonderland.com

foo.com

keyserver

MSKfoo.com

SLIDE 13

DNS to distribute Master Public Keys

New

wonderland.com key server

MSKwonderland.com DNS

wonderland.com foo.com

MPKwonderland.com MPKfoo.com

Publish

[DomainKeys]

SLIDE 14

Email-Based Authentication

[Gar2003] New

Alice

wonderland.com

incoming mail server

wonderland.com

keyserver

MSKwonderland.com SKalice@wonderland.com

SLIDE 15

Tweaks & Optimizations

Key Revocation - expiration date in the ID string:
Domain Policies

immediate deletion of spoofed emails.

Alternate Keyserver

bootstrap individual users. Different Trust.

“ben@mit.edu - 2005-04-26”

SLIDE 16

Repudiability

Bob Alice

Eve

Repudiability is about Privacy

SLIDE 17

Ad-Hoc Group Sigs

From: Alice To: Bob Subject: Account Your monthly balance is available at: http://wonderbank.com Signed:

Alice or Bob

SLIDE 18

Hijacking Keys for AHGS

I signed this message, OR I have your secret key

Signature or Encryption key
Factoring-, DL-, BM-based algorithms
All known keypairs work!

[AHR2005]

SLIDE 19

foo.com Network

foo.com

key server

Bob

Wonderbank.com Network

wonderbank.com

key server

Alice

Putting it All Together

MPKfoo

3 4

"bob@foo.com" PKB

SKA

From: Alice To: Bob Subject: Account Your monthly balance is available at: http://wonderbank.com Signed:

Alice or Bob

PUBLISH

DNS

wonderbank.com foo.com

MPKbank

PUBLISH

MPKfoo

1 1

MPKbank

6 7

"alice@wonderbank.com" PKA

[AHR2005]

SLIDE 20

Web Authentication?

Web Server PK

Alice Request for Authentication Request for Resource Signature on Nonce, Repudiable Against PK

SLIDE 21

Lightweight Authentication for Email (and Web?)

Ben Adida

Distributed Phishing

Young 2005

SMTP Today

Review

No Proof of Origin

Review

?

ID-Based Crypto

Review

ID-based Domains

New

DNS to distribute Master Public Keys

New

[DomainKeys]

Email-Based Authentication

[Gar2003] New

Tweaks & Optimizations

immediate deletion of spoofed emails.

bootstrap individual users. Different Trust.

“ben@mit.edu - 2005-04-26”

Repudiability

Repudiability is about Privacy

Ad-Hoc Group Sigs

Hijacking Keys for AHGS

I signed this message, OR I have your secret key

[AHR2005]

Putting it All Together

[AHR2005]

Web Authentication?

Questions?