Authentication by Email Reception

نویسنده

  • Don Libes
چکیده

In this paper, I describe the use of email reception as an authentication mechanism for public access servers, such as emailand Web-based servers in untrusted and low-risk environments [DoD]. Even the simplest implementation provides security that is significantly better than trust and requires significant power to crack. Despite its security limitations, this type of authentication should be attractive for a large percentage of servers that are now currently trust-based. In particular, the system administration cost is near zero because initial and subsequent reregistrations (e.g., dealing with forgotten passwords) is totally automated. Problem detection and resolution is also automated to a high degree. It is this high degree of automation and corresponding low cost that is the motivating factor for this work.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Improving Email Trustworthiness through Social-Group Key Authentication

The increasing use of email for phishing and unsolicited marketing has reduced the trustworthiness of email as a communication medium. Sender authentication is a known defense against these attacks. Existing proposals for sender authentication either require infrastructural support or break compatibility with existing email infrastructure. We propose, implement, and evaluate social-group key au...

متن کامل

Improving Email Trustworthiness through Peer-to-peer Sender Authentication

The increasing use of email for phishing and unsolicited marketing has reduced the trustworthiness of email as a communication medium. Sender authentication is a known defense against these attacks. The existing proposals for sender authentication either require infrastructural support or break compatibility with existing email infrastructure. We propose, implement, and evaluate Peer-toPeer Sen...

متن کامل

Message Authentication Using Hash Functions| the Hmac Construction

Two parties communicating across an insecure channel need a method by which any attempt to modify the information sent by one to the other, or fake its origin, is detected. Most commonly such a mechanism is based on a shared key between the parties, and in this setting is usually called a MAC, or Message Authentication Code. (Other terms include Integrity Check Value or Cryptographic Checksum)....

متن کامل

Measuring the Comprehensibility of Metaphors for Configuring Backup Authentication

Backup authentication systems verify the identity of users who are unable to perform primary authentication—usually as a result of forgetting passwords. The two most common authentication mechanisms used for backup authentication by webmail services, personal authentication questions and email-based authentication, are insufficient. Many webmail users cannot benefit from email-based authenticat...

متن کامل

Domain-Based Email Authentication Using Public Keys Advertised

DomainKeys" creates a domain-level authentication framework for email by using public-key technology and the DNS to prove the provenance and contents of an email. This document defines a framework for digitally signing email on a per-domain basis. The ultimate goal of this framework is to unequivocally prove and protect identity while retaining the semantics of Internet email as it is known tod...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 1996