End-to-end header protection in signed S/MIME

Authors:
Lijun Liao;Jörg Schwenk
Affiliations:
Horst-Görtz Institute of IT-Security, Ruhr-University Bochum, Germany;Horst-Görtz Institute of IT-Security, Ruhr-University Bochum, Germany
Venue:
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Year:
2007

Citing 0
Cited 1

A survey of emerging approaches to spam filtering

ACM Computing Surveys (CSUR)

Quantified Score

Hi-index	0.00

Visualization

Abstract

S/MIME has been widely used to provide the end-to-end authentication, integrity and non-repudiation. S/MIME has the significant drawback that headers are unauthentic. DKIM protects specified headers, but only between the sending server and the receiver. These lead to possible impersonation attacks and profiling of the email communication, and encourage spam and phishing activities. In this paper we propose an approach to extend S/MIME to support end-to-end integrity of email headers. This approach is fully compatible with S/MIME. Under some reasonable assumption our approach can help reduce spam efficiently.