Video Converter
Audio Converter
Image Converter
PDF Converter
File Compressor
lightweight authentication for email and web

Lightweight Authentication for Email (and Web?) Ben Adida - PowerPoint PPT Presentation

Sep 05, 2023 •124 likes •338 views

Lightweight Authentication for Email (and Web?) Ben Adida ben@mit.edu PAW/DIG Meeting June 30th, 2005 (joint work with Susan Hohenberger and Ronald L. Rivest) Distributed Phishing Friends and Colleagues Jakobsson & Young 2005

  1. Lightweight Authentication for Email (and Web?) Ben Adida ben@mit.edu PAW/DIG Meeting June 30th, 2005 (joint work with Susan Hohenberger and Ronald L. Rivest)

  8. Distributed Phishing • Friends and Colleagues • Jakobsson & Young 2005

  9. Review SMTP Today DNS foo.com 2 MX MX Record mail.foo.com wonderland.com mail.foo.com outgoing incoming 3 mail server mail server 4 1 Alice Bob

  10. Review No Proof of Origin phish.com ? wonderland.com mail.foo.com outgoing incoming mail server mail server Alice Bob

  11. Review ID-Based Crypto "bob@foo.com" keyserver MPK MSK PK bob SK bob Alice Bob

  12. New ID-based Domains MPK foo.com MPK wonderland . com wonderland.com foo.com keyserver keyserver MSK wonderland . com MSK foo.com SK bob @ foo . com SK alice @ wonderland . com Alice Bob

  13. DNS to distribute New Master Public Keys DNS wonderland.com MPK wonderland . com Publish foo.com MPK foo . com wonderland.com key server MSK wonderland . com [DomainKeys]

  14. Email-Based New Authentication SK alice @ wonderland . com wonderland.com wonderland.com keyserver incoming MSK wonderland . com mail server [Gar2003] Alice

  15. Tweaks & Optimizations • Key Revocation - expiration date in the ID string: “ ben@mit.edu - 2005-04-26” • Domain Policies immediate deletion of spoofed emails. • Alternate Keyserver bootstrap individual users. Different Trust.

  16. Repudiability Alice Bob Eve Repudiability is about Privacy

  17. Ad-Hoc Group Sigs From: Alice To: Bob Subject: Account Your monthly balance is available at: http://wonderbank.com Signed: Alice or Bob

  18. Hijacking Keys for AHGS I signed this message, OR I have your secret key - Signature or Encryption key - Factoring-, DL-, BM-based algorithms - All known keypairs work! [AHR2005]

  19. Putting it All Together [AHR2005] DNS wonderbank.com MPK bank 1 1 PUBLISH PUBLISH foo.com MPK foo wonderbank.com foo.com key server key server MPK foo 3 6 MPK bank SK A 2 4 "bob@foo.com" PK B 9 From: Alice To: Bob Subject: Account 7 "alice@wonderbank.com" Your monthly balance is available at: http://wonderbank.com Alice Bob Signed: Alice or Bob PK A Wonderbank.com foo.com 5 8 Network Network

  20. Web Authentication? Request for Resource Web Server Request for Authentication PK Alice Signature on Nonce, Repudiable Against PK

  21. Questions?

Recommend

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

1.66k views • 27 slides
Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

619 views • 27 slides
HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication

292 views • 10 slides
Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password Token-based authentication Third party authentication Local Authentication How to store and verify password? Clear Data can be hacked

621 views • 14 slides
The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch

The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch

The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch Security Engineer kbabioch@suse.de New authentication standards ... 2 Some authentication technologies ... 3 - Authentication theory -

1.28k views • 88 slides
Web Services Web Services Towards Web Services Towards Web Services Towards Web Services A

Web Services Web Services Towards Web Services Towards Web Services Towards Web Services A

Web Services Web Services Towards Web Services Towards Web Services Towards Web Services A long way to get here What is a Web Service? What is a Web Service? What is a Web Service? Web Services Web Services Software service :

553 views • 33 slides
Lightweight Cryptography and and RFID Security Svetla Nikova COSIC KUL COSIC, KULeuven and

Lightweight Cryptography and and RFID Security Svetla Nikova COSIC KUL COSIC, KULeuven and

Lightweight Cryptography and and RFID Security Svetla Nikova COSIC KUL COSIC, KULeuven and UTwente d UT t Overview Lightweight cryptography - state of the art Comparison Standard vs. Lightweight Comparison Standard vs. Lightweight

600 views • 39 slides
The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept will revolutionise the aviation industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight applications Patent Applied For

484 views • 12 slides
The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will revolutionise the international high-rise construction industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight

419 views • 12 slides
Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1. About Think Lightweight 2. What are Lightweight Structures? 3. Industry Applications 4. Product Line Review 5. Think Lightweight Component

835 views • 43 slides
AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

SECURITY TOPICS PART 2 AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources: getting entrance to a computer lab

839 views • 44 slides
THE STATE OF AUTHENTICATION Chad Spensky Allthenticate OUTLINE Who am I? Authentication

THE STATE OF AUTHENTICATION Chad Spensky Allthenticate OUTLINE Who am I? Authentication

THE STATE OF AUTHENTICATION Chad Spensky Allthenticate OUTLINE Who am I? Authentication overview Current state of Authentication The future of authentication MY JOURNEY 2012-2015 2004-2011 2015-Present 1998-2004 Staff at MIT

457 views • 34 slides
Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a precondition How to authenticate: Something you know Password, Secrets Something you have Smart Card, Token Something you are Biometrie

608 views • 4 slides
References Message Authentication Codes (MACs) Message Authentication Codes (MACs), Chapter

References Message Authentication Codes (MACs) Message Authentication Codes (MACs), Chapter

Message Authentication Codes (MACs) Message Authentication Codes (MACs) References Message Authentication Codes (MACs) Message Authentication Codes (MACs), Chapter 12 of Understanding Cryptography by Paar & Pelzl Jim Royer Message

225 views • 3 slides
Outline Introduction Authentication Basic authentication mechanisms CS 239

Outline Introduction Authentication Basic authentication mechanisms CS 239

Outline Introduction Authentication Basic authentication mechanisms CS 239 Authentication on a single machine Computer Security Authentication across a network February 21, 2007 Lecture 9 Lecture 9 Page 1 Page 2 CS 236,

302 views • 8 slides
IT350 Web and Internet Programming SlideSet #18: HTTP Authentication

IT350 Web and Internet Programming SlideSet #18: HTTP Authentication

IT350 Web and Internet Programming SlideSet #18: HTTP Authentication http://www.httpwatch.com/httpgallery/authentication/ http://httpd.apache.org/docs/2.2/howto/auth.html Outline HTTP Basic Authentication HTTP Digest Authentication 1

350 views • 8 slides
App App App App App App App App App App App App App App App App App App App App App App

App App App App App App App App App App App App App App App App App App App App App App

App App App App App App App App App App App App App App App App App App App App App App App App App App App App App App App App App App App App App Making Data-Driven Porting Decisions with Tuscan Kareem Khazem Earl T. Barr

1.18k views • 103 slides
On The Use Of An Algebraic Language Interface For Waveform Definition Michael L Dickens and

On The Use Of An Algebraic Language Interface For Waveform Definition Michael L Dickens and

On The Use Of An Algebraic Language Interface For Waveform Definition Michael L Dickens and J Nicholas Laneman WINNF11US 2011-Dec-02 Thursday, November 17, 2011 Overview ! Blocks versus Buffers ! Problem ! Saline Implementation !

476 views • 43 slides
B A C D B A The existential question Why OSGi? Hello World is not a

B A C D B A The existential question Why OSGi? Hello World is not a

OSGi enRoute An Development Chain for OSGi B A C D B A The existential question Why OSGi? Hello World is not a benchmark Dev Chain Language Small versus Large dynamic Java & languages OSGi cost of change

880 views • 71 slides
Resumable Java Bytecode Process Mobility for the JVM Jan Pedersen and Brian Kauke Overview The

Resumable Java Bytecode Process Mobility for the JVM Jan Pedersen and Brian Kauke Overview The

Resumable Java Bytecode Process Mobility for the JVM Jan Pedersen and Brian Kauke Overview The ProcessJ language Transparent process mobility Implementing mobility in the Java/JCSP translation Intro to ProcessJ ProcessJ is a new

287 views • 25 slides
GNU Emacs A guide to packaging add-ons Presented by Arun S.A.G Package maintainer, Fedora

GNU Emacs A guide to packaging add-ons Presented by Arun S.A.G Package maintainer, Fedora

GNU Emacs A guide to packaging add-ons Presented by Arun S.A.G Package maintainer, Fedora project. GNU Free documentation License Emacs I am not going to lie, Emacs sucks! Some of us tolerate it, but i can't tell you if YOU'LL be able to.

688 views • 21 slides
Templates and Namespaces Visual Computing in OpenCV: Seminar 1 Hannes Ovrn Department of

Templates and Namespaces Visual Computing in OpenCV: Seminar 1 Hannes Ovrn Department of

Templates and Namespaces Visual Computing in OpenCV: Seminar 1 Hannes Ovrn Department of Electrical Engineering Computer Vision Laboratory Linkping University August 23, 2012 Outline 1. Namespaces Introduction Namespaces in your

353 views • 16 slides
Stefan Plantikow, Neo4j 2017 Stefan Plantikow, Neo4j 2 2017 Stefan Plantikow, Neo4j

Stefan Plantikow, Neo4j 2017 Stefan Plantikow, Neo4j 2 2017 Stefan Plantikow, Neo4j

Stefan Plantikow, Neo4j 2017 Stefan Plantikow, Neo4j 2 2017 Stefan Plantikow, Neo4j 2017 Stefan Plantikow, Neo4j 4 2017 Stefan Plantikow, Neo4j 5

917 views • 49 slides
HIGH SCHOOL MEDIA. VERSION 10.0 The student newspaper has long been a cherished tradition at

HIGH SCHOOL MEDIA. VERSION 10.0 The student newspaper has long been a cherished tradition at

HIGH SCHOOL DIGITAL NETWORK HIGH SCHOOL MEDIA. VERSION 10.0 The student newspaper has long been a cherished tradition at many of the nations top high schools, one that allowed students to take initiative and hone their writing skills

438 views • 10 slides

More recommend

Explore More Topics

Stay informed with curated content and fresh updates.

animals pets art culture automotive transportation business finance computer internet construction architecture education-career electronics communication

Logo Sambuz

Unleash a World of Digital Possibilities—Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Contact

Newsletter

Stay Informed & Inspired—Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2026 SAMBUZ, All right reserved.