Peer-to-peer Sender Authentication for Email Vivek Pathak and Liviu - - PowerPoint PPT Presentation

peer to peer sender authentication for email
SMART_READER_LITE
LIVE PREVIEW

Peer-to-peer Sender Authentication for Email Vivek Pathak and Liviu - - PowerPoint PPT Presentation

Jan 11, 2024 446 likes •1.02k views

Peer-to-peer Sender Authentication for Email Vivek Pathak and Liviu Iftode Rutgers University Email Trustworthiness Sender can be spoofed Need for Sender Authentication Importance depends on sender Update on Spam Filters

slide-1
SLIDE 1

Peer-to-peer Sender Authentication for Email

Vivek Pathak and Liviu Iftode Rutgers University

slide-2
SLIDE 2

Email Trustworthiness

 Sender can be

spoofed

slide-3
SLIDE 3

Need for Sender Authentication

 Importance

depends on sender

slide-4
SLIDE 4

Update on Spam Filters

 Circumvention of

content based spam classification

 False positives

slide-5
SLIDE 5

End-to-end Issues

 Can the mail server decide

importance for the receiver?

slide-6
SLIDE 6

Characteristics of Email

 Social networks of collaborating

users

 Limited trust infrastructure

 Usability expectation

 Automatic authentication

 Asynchronous

 Delayed authentication is better than

none

slide-7
SLIDE 7

Outline

 Byzantine fault tolerant public key

authentication

 Basis of sender authentication for email

 Application to Email

 Thunderbird sender authentication plugin

 Usability

 Micro-benchmark  Simulation on University and Industry mail

trace

slide-8
SLIDE 8

Public-key Authentication Model

 Mutually authenticating peers

 Associate network end-point to

public key

 Asynchronous network

 No partitioning  Eventual delivery after

retransmissions

 Disjoint message transmission

paths

 Man-in-the-middle attack on Ø

fraction of peers

slide-9
SLIDE 9

Attack Model

 Malicious peers

 Honest majority  At most t of the n peers are faulty or

malicious peers where t = 1-6Ø/3 n

 Passive adversaries  Active adversaries

 Relax network-is-the-adversary model

 Unlimited spoofing  Limited power to prevent message delivery

slide-10
SLIDE 10

Authentication Sketch

 Challenge-response protocol

 No active attacks

 Man in the middle attack

 Limited number of attacks

 Proof of possession of Ka

{b,a,Challenge,Ka(Nb)}b , {a,b,Response, Nb}a B A KA KA(NB) NB

slide-11
SLIDE 11

Authentication Sketch

 Distributed Authentication

 Challenge response from multiple peers  Gather proofs of possession

 Lack of consensus on authenticity

 Malicious peers  Man-in-the-middle attack

 Detect and correct through Byzantine agreement

  • n authenticity of KA

C A D B F E

slide-12
SLIDE 12

Scalability of Authentication

 Authentication cost and group size

 Scale to large peer-to-peer network

 Operate on local trusted group

 Tolerate bad group selection

 Periodic recycling of group members  Eventual authentication

 Operate through epidemic algorithm

 Eliminate direct connectivity requirement  Improve messaging cost

slide-13
SLIDE 13

Outline

 Byzantine fault tolerant public key

authentication

 Basis of sender authentication for email

 Application to Email

 Thunderbird sender authentication plugin

 Usability

 Micro-benchmark  Simulation on University and Industry mail

trace

slide-14
SLIDE 14

Sender Authentication Design

 Backward Compatibility

 SMTP ignores user defined fields  Operate as an overlay on SMTP

slide-15
SLIDE 15

Overlay Limits

 Size limit 32Kb

  • n SMTP header

 High

compression for XML format protocol messages

 300 message

limit

slide-16
SLIDE 16

Authentication Load

 About 20% emails are to new peers

slide-17
SLIDE 17

Trusted Group Size

 Authentication messages per email

 System limitation 300

 Peers to authenticate per email

 Mailbox observation 1/5

 Quota of 1500 messages per peer

 Protocol messaging cost analysis  Trusted group size limit 75

slide-18
SLIDE 18

Sender Authentication Plugin

 Thunderbird mail client

 XPCOM layer

 Implements Public-key authentication

 Javascript layer

 Transfer protocol messages to and from

SMTP extension fields

slide-19
SLIDE 19

Sender Authentication Plugin

Scripted Extension Access

Shared Object

Byzantine Fault Tolerant Authentication Library Authentication Adapter XPCOM

nsISupports Authentication Data Events

Thunderbird Mail Client User Interface

Authentication Interface

slide-20
SLIDE 20

Bootstrapping Trusted Group

 University mail trace shows Receiving

bias

slide-21
SLIDE 21

Bootstrapping Trusted Group

 Required for

automatic

  • peration

 Select trusted

group

 Two-way  Outgoing

 Selected 53 peers

with 10 or more trusted peers using Two-way rule

slide-22
SLIDE 22

Implementation Status

 Email application

 Automatic sender authentication  Overlay authentication protocol on

SMTP

 Available as Thunderbird extension

module

 Tested on 32bit and 64bit Linux  http://discolab.rutgers.edu/sam

slide-23
SLIDE 23

Implementation Screenshot

slide-24
SLIDE 24

Outline

 Byzantine fault tolerant public key

authentication

 Basis of sender authentication for email

 Application to Email

 Thunderbird sender authentication plugin

 Usability

 Micro-benchmark  Simulation on University and Industry mail

trace

slide-25
SLIDE 25

Micro-benchmarks

 Record the processing time

  • verhead

 Average over multiple messages

 Operational parameters

 Public key length  Trusted group size

slide-26
SLIDE 26

Overhead with Trusted Group Size

 Increasing on Sender

 Serialization and compression of larger

messages

slide-27
SLIDE 27

Overhead with Key Length

 Increasing on receiver

 Digital signature verification  Responding to challenges

slide-28
SLIDE 28

Micro-benchmark Summary

 Sending path overhead of 250ms  Receiving path overhead of 500ms

 Can be done asynchronously

 Acceptable level of overhead

slide-29
SLIDE 29

Simulation Study

 Process the entire email trace on a

single machine

 Anonymous log records from mail server  Exact times have been removed

 University trace of 92 days and 1.19M

messages

 Industry trace of 56 days and 2.5M

messages

slide-30
SLIDE 30

Overhead on Email Size

 Recover the designed 10KB overhead

slide-31
SLIDE 31

Disk Space Usage

Epidemic algorithm overhead

Trusted group size is 100

Overhead about 10MB per peer

slide-32
SLIDE 32

Completion of Authentication University Trace

 Partial completion on 92 day trace

 About 40% of peers authenticated

slide-33
SLIDE 33

Completion of Authentication Industry Trace

 Reduced progress

 Trace collected upstream of spam filter  Effectiveness of Authentication is near 40%

slide-34
SLIDE 34

Trace Analysis Study

 Achieve 40% completion on about

3 months of email traffic

 Using two way bootstrapping group  Effectiveness depends on

bootstrapping group selection

 Modest cache overhead  Message overhead is respected as

designed

slide-35
SLIDE 35

Conclusion

 Implemented and evaluated

automatic sender authentication for email

 Future work

 Data collection from deployment  Improve bootstrapping group

selection

 Address authenticity vs. importance

slide-36
SLIDE 36

Q&A

slide-37
SLIDE 37

Peer-to-peer Sender Authentication for Email Extra Slides

slide-38
SLIDE 38

Extra Slides Outline

 Authentication protocol details

 Distributed Authentication  Byzantine Agreement  Trust Groups  Public Key Infection

 Simulation results

 Group size  Malicious peers

slide-39
SLIDE 39

Authentication Model

 Challenge-response protocol

 No active attacks

 Man in the middle attack

 Limited number of attacks

 Proof of possession of Ka

{b,a,Challenge,Ka(r)}b , {a,b,Response,r}a

B A KA KA(NB) NB

slide-40
SLIDE 40

Authentication Model

 Distributed Authentication

 Challenge response from multiple peers  Gather proofs of possession

 Lack of consensus on authenticity

 Malicious peers  Man-in-the-middle attack

C A D B F E C A D B F E

slide-41
SLIDE 41

Authentication Correctness

 Validity of proofs of possession

 {e,a,Challenge,Ka(r)}e , {a,e,Response,r}a

 All messages are signed

 Required for proving malicious behavior  Recent proofs stored by the peers

C A D B F E

PB PB PF PE PD PC From A PF PE PD PC From peers

slide-42
SLIDE 42

Byzantine Agreement Overview

Publicize lack of consensus

Authenticating peer sends proofs of possession to peers

Each peer tries to authenticate A

Sends its proof-of-possession vector to every peer

Byzantine agreement on authenticity of KA

Majority decision at every peer

Identify malicious peers

Complete authentication

1 1 1 1 From F 1 1 1 1 From E 1 1 1 1 1 From D 1 1 1 1 1 From C 1 1 1 1 From B

slide-43
SLIDE 43

Byzantine Agreement Correctness Overview

 Consider proofs received at a peer P

Set of Peers of P t malicious peers Φn on compromised path to A Φn on compromised path to P

slide-44
SLIDE 44

Byzantine Agreement Correctness Overview

 t + 2Øn may not arrive

 P receives at least n-t-2Øn proofs

 t + 2Øn may be faulty

 P receives at least n-2t-4Øn correct agreeing

proofs

 P decides correctly by majority if n-2t-4Øn > t +

2Øn

 Agreement is correct if t < 1-6Ø/3 n

slide-45
SLIDE 45

Trust Groups

 Execute Authentication on smaller Trust groups

 Quadratic messaging cost  Peer interest

 Trusted group

 Authenticated public keys  Not (overtly) malicious

 Probationary group  Un-trusted group

 Known to be malicious

slide-46
SLIDE 46

Growth of Trust Groups

 Governed by

communication patterns

 Discovery of new

peers

 Authentication of

discovered peers

 Addition to trusted set

 Discovery of un-

trusted peers

slide-47
SLIDE 47

Evolution of Trust Groups

 Covertly malicious peers

 May wait until honest majority is violated  Lead to incorrect authentication

 Periodic pruning of trusted group

 Unresponsive peers  Remove older trusted peers from trust group

 Reduce messaging cost  Randomize trusted group membership

 Group migration event

 Probability of violating honest majority

slide-48
SLIDE 48

Bootstrapping Trust Group

 Authentication needs an honest

trust group

 Initialize a Bootstrapping trust group  Needed for cold start  Authenticate each bootstrapping peer

 Size of bootstrapping trust group

 Recover from trusting a malicious

peer n > 3/1-6Ø

slide-49
SLIDE 49

Public Key Infection

 Optimistic trust

 Lazy authentication  Reduced messaging cost

 Cache of undelivered messages

 Use peers for epidemic propagation of messages  Anti-entropy sessions eventually deliver messages  Infect peers with new undelivered messages

slide-50
SLIDE 50

Public Key Infection

 Use logical and vector timestamps

 Determine messages to exchange for

anti-entropy

 Detect message delivery

 Double exponential drop in

number of uninfected peers with time

 Number of cached messages is in

O(nlogn)

slide-51
SLIDE 51

Extra Slides Outline

 Authentication protocol details

 Distributed Authentication  Byzantine Agreement  Trust Groups  Public Key Infection

 Simulation results

 Group size  Malicious peers

slide-52
SLIDE 52

Simulation

 Implemented Byzantine Fault

Tolerant Authentication as a C++ library

 Simulation program

 Make library calls and keeps counters  Study effects of

 Group size  Malicious peers

slide-53
SLIDE 53

Effects of Group Size

 Constant Cost for

trusted peers

 Probationary

peers process O(n2) messages

 Trust graph does

not affect the cost

 Randomized

trusted sets from Bi-directional trust

slide-54
SLIDE 54

Effects of Malicious Peers

 Rapid increase of

messaging cost

 With group size  With proportion of

malicious peers

 Byzantine

agreement has quadratic messaging cost

slide-55
SLIDE 55

Conclusion

 Autonomous authentication without trusted third

party

 Incremental approach to security  Suited for low value peer-to-peer systems

 Tolerate malicious peers

 Suited for applications spanning multiple administrative

domains

 Scalable to large peer-to-peer systems  Eliminate total trust and single point of failure  Made feasible by using stronger network

assumptions

 Network adversary is not all powerful