In this paper we identify an undesirable side effect of combining different email-control mechanisms for protection from unwanted messages, namely, leakage of recipients' private information to message senders. The problem arises because some email-control mechanisms, like bonds, graph-Turing tests, etc., inherently leak information, and without discontinuing their use, leakage channels cannot be closed. We formalize the capabilities of an attacker and show how she can launch guessing attacks on a recipient's mail acceptance policy that utilizes leaky mechanisms in an effort to avoid unwanted mail. The attacker in our model guesses the contents of a recipient's private information. The recipient's use of leaky mechanisms allows the sender to verify her guess. We assume a constraint-logic-programming-based policy language for specification and evaluation of mail acceptance criteria and present two different program transformations that can prevent guessing attacks while allowing recipients to utilize any email-control mechanism in their policies.