r e reliable email
play

R E : Reliable Email Michael Kaminsky (Intel Research Pittsburgh) - PowerPoint PPT Presentation

May 26, 2023 •20 likes •530 views

R E : Reliable Email Michael Kaminsky (Intel Research Pittsburgh) Scott Garriss (CMU) Michael Freedman (NYU/Stanford) Brad Karp (University College London) David Mazires (Stanford) Haifeng Yu (Intel Research Pittsburgh/CMU) Motivation

  1. R E : Reliable Email Michael Kaminsky (Intel Research Pittsburgh) Scott Garriss (CMU) Michael Freedman (NYU/Stanford) Brad Karp (University College London) David Mazières (Stanford) Haifeng Yu (Intel Research Pittsburgh/CMU)

  2. Motivation • Spam is a huge problem today – More than 50% of email traffic is spam. – Large investment by users/IT organizations ($2.3b in 2003 on increased server capacity) • But, more importantly…

  3. Email is no longer reliable • Users can't say what they want any more – Ex: Intel job offer goes to spam folder – Ex: Discussion about spam filtering Goal: Improve email's reliability

  4. Outline • Background / Related Work • Design – Social networks and Attestations – Preserving Privacy • Re: in Practice • Evaluation • Implementation • Conclusion

  5. Basic Terminology • False Positives (FP) – Legitimate email marked as spam – Can lose important mail – Email less reliable • False Negatives (FN) – Spam marked as legitimate email – Annoying and/or offensive

  6. A Typical Spam Defense System Accept Incoming Mail Whitelist Rejection Inbox System System Default Default Path Path Reject Spam

  7. Related Work • People use a variety of techniques – Content filters (SpamAssassin, Bayesian) – Payment/proof-of-work schemes – Sender verification Idea: Whitelist friends of friends – Blacklists – Human-based (collaborative) filtering – Whitelists Re: is complementary to existing systems.

  8. Traditional Whitelist Systems Alice Bob From: Charlie Traditional WLs suffer from two problems: 1) Spammers can forge sender addresses

  9. Traditional Whitelist Systems Whitelist Use anti-forgery mechanism to handle � Debby Alice Bob From: Alice (1), similar to existing techniques. � Tom Handle (2) with social networks Traditional WLs suffer from two problems: 1) Spammers can forge sender addresses 2) Whitelists don’t help with strangers

  10. Approach: Use Social Networks Bob (B) Accept! Attestation : B A A is a friend of B trust B trusts A not to Alice (A) send him spam • Bob whitelists people he trusts • Bob signs attestation B A – No one can forge attestations from Bob – Bob can share his attestations

  11. Approach: Use Social Networks Bob (B) Accept? FoF trust relationship trust trust Charlie (C) Alice (A) • What if sender & recipient are not friends? – Note that B A and A C – B trusts C because he's a friend-of-friend (FoF)

  12. Find FoFs: Attestation Servers Note: no changes to SMTP, incremental Charlie (C) deployment Bob (B) A C Charlie’s Recipient (Bob) queries sender’s Attestation attestation server for mutual friends… Server (AS) Sharing attestations reveals Sharing attestations reveals your correspondents! your correspondents!

  13. Privacy Goals Charlie (C) Bob (B) XX X B’s list of friends Charlie’s AS FoF Query C’s list of friends Debby • Email recipients never reveal their friends • Email senders only reveal specific friends queried for by recipients • Only users who have actually received mail from the sender can query the sender for attestations

  14. Outline • Background / Related Work • Design – Social networks and Attestations – Preserving Privacy • Re: in Practice • Evaluation • Implementation • Conclusion

  15. Cryptographic Private Matching Sender (S)’s AS Recipient (R) encrypted friends friends friends A S A R A PM PM Evaluate Encrypt C S B R B D S C R C E S A S A S encrypted C S mutual C S PM mutual friends Decrypt ? friends ? ? ?

  16. PM Details • First implementation & use of PM protocol • Based on our previous work [Freedman04] • Attestations encoded in encrypted polynomial • Uses Homomorphic Encryption – Ex: Paillier, ElGamal variant – enc(m1+m2) = enc(m1) � enc(m2) – enc(c � m1) = enc(m1) c

  17. Restricting FoF Queries Signed authentication token Sender (S) Recipient (R) • Sender can use token to restrict FoF query – Users have a public/secret key pair

  18. Restricting FoF Queries Sender (S) Recipient (R) Sender’s FoF Query Attestation Server (AS) • Sender can use token to restrict FoF query – Users have a public/secret key pair • Recipient can use token to detect forgery

  19. Outline • Background / Related Work • Design – Social networks and Attestations – Preserving Privacy • Re: in Practice • Evaluation • Implementation • Conclusion

  20. Scenario 1: Valid Mail Rejected Alice Bob “mortgage... Mail Mail Client Server Spam Assassin

  21. Scenario 2: Direct Acceptance Alice Bob Bob’s Friends “mortgage... Mail Mail � Alice Hit! Client Server � Tom auth. token Attestation Re: Server Token OK Spam Assassin

  22. Scenario 3: FoF Acceptance Charlie Bob Bob’s Friends Mail Mail “mortgage... � Alice Client Server � Tom auth. token & FoF query Attestation Re: No Direct Server token OK & Hit E(?) Mutual friend: E(Alice) Alice Charlie is a friend of Spam Assassin � John � Alice

  23. Outline • Background / Related Work • Design – Social networks and Attestations – Preserving Privacy • Re: in Practice • Evaluation • Implementation • Conclusion

  24. Evaluation • How often do content filters produce false positives? • How many opportunities for FoF whitelisting beyond direct whitelisting? • Would Re: eliminate actual false positives?

  25. Trace Data • For each message: – Sender and recipient (anonymized) – Spam or not as assessed by content-based spam filter • Corporate trace – One month – 47 million messages total (58% spam)

  26. False Positive Data • Corporate mail server bounces spam • Bounce allows sender to report FP • Server admin validates reports and decides whether to whitelist sender • We have a list of ~300 whitelisted senders – 2837 messages in trace from these senders that were marked as spam by content filter – These are almost certainly false positives

  27. Opportunities for FoF Whitelisting • FoF relationships help most when receiving mail from strangers . • When user receives non-spam mail from a stranger, how often do they share a mutual correspondent? – 18% of mail from strangers – Only counts mutual correspondents in trace • Opportunity: when correspondents = friends

  28. Saved FPs: Ideal Experiment • Ideally: run Re: & content filter side-by-side – Measure how many FPs avoided by Re: List of whitelisted Re: messages Compare List of List of Content spam FPs Filter

  29. Saved FPs: Trace-Driven Experiment • We have an implementation, but unfortunately, no deployment yet • No social network data for traces – Infer friendship from previous non-spam messages • Recall that 2837 messages were from people who reported FPs • How many of these would Re: whitelist? Re: would have saved 87% of these FPs (71% direct, 16% FoF)

  30. Implementation • Prototype implementation in C++/libasync – Attestation Server – Private Matching (PM) implementation – Client & administrative utilities – 4500 LoC + XDR protocol description • Integration – Mutt and Thunderbird mail clients – Mail Avenger SMTP server – Postfix mail client

  31. Performance • Direct attestations are cheap • Friend-of-friend is somewhat slower – PM performance bottleneck is on sender’s AS • Ex: intersecting two 40-friend sets takes 2.8 sec versus 0.032 sec for the recipient – But… • Many messages accepted by direct attestation • Can be parallelized • Performance improvements possible

  32. Nuances • Audit Trails – Recipients always know why they accepted a message (e.g., the mutual friend) • Mailing Lists – Attest to list – Rely on moderator to eliminate spam • Profiles – Senders use only a subset of possible attestations when answering FoF queries

  33. Conclusion • Email is no longer reliable because of FPs Idea: Whitelist friends of friends • Preserve privacy using PM protocol • Opportunity for FoF whitelisting • Re: could eliminate up to 87% of real FPs • Acceptable performance cost

  34. Backup Slides

  35. Coverage Tradeoff • Trusting a central authority can get you more coverage (DQE) – Ex: random grad student Trusted Central Authority

  36. Coverage Tradeoff • Social relationships can help avoid the need to trust a central authority (Re:) – Ex: friends, colleagues

  37. Forgery Protection Signed authentication token Sender (S) Recipient (R) { Sender , Recipient , Timestamp , MessageID } SK(Sender) • Users have a public/secret key pair • Sender attaches a signed authentication token to each outgoing email message

  38. Forgery Protection Sender (S) Recipient (R) Sender’s Authentication token check Attestation Server (AS) • Recipient asks sender's AS to verify token – Assume: man-in-the-middle attack is difficult – Advantage: Don't need key distribution/PKI • Sender can use token to restrict FoF query

  39. Revocation • What if A’s key is lost or compromised? • Two things are signed – Authentication tokens – Attestations • Authentication tokens – User uploads new PK to AS – AS rejects tokens signed with the old key

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Reliable Power Reliable Markets AESO Rule Consultation Loss Factors Rule 9.2 and Appendix 7

Reliable Power Reliable Markets AESO Rule Consultation Loss Factors Rule 9.2 and Appendix 7

Reliable Power Reliable Markets AESO Rule Consultation Loss Factors Rule 9.2 and Appendix 7 Reliable People October 4, 2007 Delta Bow Valley, 08:00-11:00 Agenda 8:00-11:00 Introductions Short Overview Timeline Major Issues

399 views • 8 slides
Strong Privilege Management #MicroFocusCyberSummit What are the crown jewels for IT? Email

Strong Privilege Management #MicroFocusCyberSummit What are the crown jewels for IT? Email

Protecting the Crown Jewels through Strong Privilege Management #MicroFocusCyberSummit What are the crown jewels for IT? Email People Customer Data 3 How will you do it? 4 Role of IT in 2018 To securely build and deliver reliable,

242 views • 20 slides
Focus Area: Secure and Reliable Secure and Reliable Computing Base Presenter: Sean Smith,

Focus Area: Secure and Reliable Secure and Reliable Computing Base Presenter: Sean Smith,

Trustworthy Cyber Infrastructure for the Power Grid Presentations Focus Area: Secure and Reliable Secure and Reliable Computing Base Presenter: Sean Smith, Dartmouth College TCIP Industry Day October 17, 2007 University of Illinois

310 views • 16 slides
The Power of Dynamic Testing reliable reliable competent innovative innovative Center of

The Power of Dynamic Testing reliable reliable competent innovative innovative Center of

The Power of Dynamic Testing reliable reliable competent innovative innovative Center of Competence chassis connection connection technology Exhaust systems Internal bogie Stearing systems pressure springs connections bearings

546 views • 22 slides
Relief Email www.REIVault.com Email problem and solution EMAIL OVERLOAD Things falling

Relief Email www.REIVault.com Email problem and solution EMAIL OVERLOAD Things falling

Relief Email www.REIVault.com Email problem and solution EMAIL OVERLOAD Things falling through the cracks You cant use email effectively since its completely unusable for you (so you revert to text or other means of

885 views • 37 slides
ConvertKit Rockstars Week 1 What is email marketing? Email marketing is the act of sending a

ConvertKit Rockstars Week 1 What is email marketing? Email marketing is the act of sending a

ConvertKit Rockstars Week 1 What is email marketing? Email marketing is the act of sending a commercial message, typically to a group of people, using email. In its broadest sense, every email sent to a potential or current customer could be

278 views • 11 slides
1 rdt2.0: FSM specification rdt2.0: operation with no errors rdt_send(data) rdt_send(data)

1 rdt2.0: FSM specification rdt2.0: operation with no errors rdt_send(data) rdt_send(data)

Principles of Reliable data transfer important in app., transport, link layers top-10 list of important networking topics! Reliable Data Transfer characteristics of unreliable channel will determine complexity of reliable data transfer

229 views • 6 slides
Email Marketing Foundations for Success By Nicole Delma Email Marketing - Intro Email Marketing

Email Marketing Foundations for Success By Nicole Delma Email Marketing - Intro Email Marketing

Email Marketing Foundations for Success By Nicole Delma Email Marketing - Intro Email Marketing has been a remarkably powerful lever for marketers since the early days of batch and blast sends. Aware of its power to drive revenue and response,

248 views • 20 slides
Mailfence Reclaim your email privacy A SECURE AND PRIVATE EMAIL Mohammad Salman Nadeem

Mailfence Reclaim your email privacy A SECURE AND PRIVATE EMAIL Mohammad Salman Nadeem

Mailfence Reclaim your email privacy A SECURE AND PRIVATE EMAIL Mohammad Salman Nadeem Information security analyst Mailfence 31 March 2017 Why did email encryption never take off? Why email data needs to be protected? Email

362 views • 10 slides
Reliable Security Always Q3 2019 FINANCIAL RESULTS & COMMENTARY October 29, 2019 Reliable

Reliable Security Always Q3 2019 FINANCIAL RESULTS & COMMENTARY October 29, 2019 Reliable

Reliable Security Always Q3 2019 FINANCIAL RESULTS & COMMENTARY October 29, 2019 Reliable Security Always 1 | Page ATEN Q3 2019 Financial Results Conference Call Tuesday, October 29, 2019 CAUTIONARY STATEMENTS & DISCLOSURES

380 views • 27 slides
How to Identify a Phishing Email Brought to you by Information Security Services An email address

How to Identify a Phishing Email Brought to you by Information Security Services An email address

How to Identify a Phishing Email Brought to you by Information Security Services An email address that tries to disguise itself as legitimate A generic greeting An email that demands immediate action CWU warning message indicates the email

268 views • 8 slides
Email Features and Functions What we will cover What is Email What is Gmail Why do we

Email Features and Functions What we will cover What is Email What is Gmail Why do we

Email Features and Functions What we will cover What is Email What is Gmail Why do we have this new account Features of our accounts Hands on Tasks Why use Email? More productive: Comes with an address book, instant

397 views • 23 slides
Elements of Email Quick tips you can use right away to improve the essentials of your email

Elements of Email Quick tips you can use right away to improve the essentials of your email

Elements of Email Quick tips you can use right away to improve the essentials of your email marketing Hygiene Compliance Segmentation Elements of Email Design Content 2 Elements of Email Compliance 3 Risk Management How to navigate

1.43k views • 97 slides
The Reliable Bridge Q-Gate is a cost-efgective and very powerful Ethernet gateway which provides a

The Reliable Bridge Q-Gate is a cost-efgective and very powerful Ethernet gateway which provides a

The Reliable Bridge Q-Gate is a cost-efgective and very powerful Ethernet gateway which provides a fast and reliable connection between your home/offjce and your mobile phone, tablet or computer . 3 How It Works Q-Plug HOME MANAGER Your Device

381 views • 8 slides
Engaging Email Newsletters Strategy and Tactics Email is one of the biggest opportunities in the

Engaging Email Newsletters Strategy and Tactics Email is one of the biggest opportunities in the

Engaging Email Newsletters Strategy and Tactics Email is one of the biggest opportunities in the digital space and most people arent talking about it. Lets discuss... Why should I invest in email? How do I make emails that

517 views • 35 slides
Concurrency Bugs Ben Liblit with Guoliang Jin and Shan Lu We need reliable software Peoples

Concurrency Bugs Ben Liblit with Guoliang Jin and Shan Lu We need reliable software Peoples

Automated Repair of Concurrency Bugs Ben Liblit with Guoliang Jin and Shan Lu We need reliable software Peoples daily life now depends on reliable software Software companies spend lots of resources on debugging More than 50% effort

792 views • 55 slides
Join the conversation! Use our special hashtag, #G #GivingUSA2019 Sponsored by What is Giving USA

Join the conversation! Use our special hashtag, #G #GivingUSA2019 Sponsored by What is Giving USA

Join the conversation! Use our special hashtag, #G #GivingUSA2019 Sponsored by What is Giving USA ? The longest-running annual report on U.S. charitable giving Estimates for: Sources of giving Amounts received by type of

603 views • 23 slides
Hello and welcome to the Recordings at Risk Recipient Informational Webinar. Well start with

Hello and welcome to the Recordings at Risk Recipient Informational Webinar. Well start with

Hello and welcome to the Recordings at Risk Recipient Informational Webinar. Well start with introducing the staff on the call today: My name is Kristen Blair, Program at CLIR and Ill be moderating this webinar today. Im joined by our

663 views • 45 slides
Welcome to the Webinar! Human Genome Editing: Latest Developments and Advancements Thursday,

Welcome to the Webinar! Human Genome Editing: Latest Developments and Advancements Thursday,

Welcome to the Webinar! Human Genome Editing: Latest Developments and Advancements Thursday, February 22, 2018 at 10:30am PT/1:30pm ET Co-hosted by: The National Academy of Sciences (NAS) and the National Academy of Medicine (NAM) and

559 views • 30 slides
ATL in Mogamulizmab: a pan-T cell lymphoma drug Kunihiro Tsukasaki, M.D., Ph.D. Department of

ATL in Mogamulizmab: a pan-T cell lymphoma drug Kunihiro Tsukasaki, M.D., Ph.D. Department of

20152018. T-Cell Lymphomas; We are close to the finaliza?on Bologna Royal Hotel Carlton May 7-9, 2018 ATL in Mogamulizmab: a pan-T cell lymphoma drug Kunihiro Tsukasaki, M.D., Ph.D. Department of Hematology International Medical Center,

379 views • 22 slides
Nothings Finer Than a Compliant I-9er Logan C. Geen, Esq. Bond, Schoeneck & King, PLLC

Nothings Finer Than a Compliant I-9er Logan C. Geen, Esq. Bond, Schoeneck & King, PLLC

Nothings Finer Than a Compliant I-9er Logan C. Geen, Esq. Bond, Schoeneck & King, PLLC Agenda Background Joint Employment Review Risks Best Practices Enforcement Advice Next Steps Background Me: o Health care

650 views • 22 slides
Medicaid'Managed'Care'Enrollment'Process'Overview:' OASAS'Designated'Title'14'NYCRR'Part'820'

Medicaid'Managed'Care'Enrollment'Process'Overview:' OASAS'Designated'Title'14'NYCRR'Part'820'

Medicaid'Managed'Care'Enrollment'Process'Overview:' OASAS'Designated'Title'14'NYCRR'Part'820' Residential'Treatment'Programs May$11,$2018 May$11,$2018 2 OASAS$Title$14$NYCRR$Part$820$Residential$Treatment$ Programs.

290 views • 12 slides
TEACHERS PERSPECTIVE ON STUDENTS ASSESSMENT Carla Matoso Agrupamento de Escolas D. Dinis

TEACHERS PERSPECTIVE ON STUDENTS ASSESSMENT Carla Matoso Agrupamento de Escolas D. Dinis

UNIVERSIDADE DE LISBOA INSTITUTO DE EDUCAO BLACK TIDE - OIL IN THE WATER: A TEACHERS PERSPECTIVE ON STUDENTS ASSESSMENT Carla Matoso Agrupamento de Escolas D. Dinis Odivelas, Portugal SAILS Case Study Topic : Black tide oil in the

827 views • 20 slides
Remote Side-Channel Attacks on Anonymous Transactions In Zcash & Monero Florian Tramr and

Remote Side-Channel Attacks on Anonymous Transactions In Zcash & Monero Florian Tramr and

Remote Side-Channel Attacks on Anonymous Transactions In Zcash & Monero Florian Tramr and Dan Boneh and Kenny Paterson USENIX Security Symposium Meet Alice the Anonymous Activist Blogger PK A anonymous 2 Alices Lack of Privacy Send

395 views • 21 slides

More recommend