05273071

a

05273071 Liao, Lijun Schwenk, J\"org End-to-end header protection in signed S/MIME. Meersman, Robert (ed.) et al., On the move to meaningful internet systems 2007: CoopIS, DOA, ODBASE, GADA, and IS. OTM confederated international conferences CoopIS, DOA, ODBASE, GADA, and IS 2007, Vilamoura, Portugal, November 25--30, 2007, Proceedings, Part II. Berlin: Springer (ISBN 978-3-540-76835-7/pbk). Lecture Notes in Computer Science 4804, 1646-1658 (2007). 2007 Berlin: Springer EN

doi:10.1007/978-3-540-76843-2_37

Summary: S/MIME has been widely used to provide the end-to-end authentication, integrity and non-repudiation. S/MIME has the significant drawback that headers are unauthentic. DKIM protects specified headers, but only between the sending server and the receiver. These lead to possible impersonation attacks and profiling of the email communication, and encourage spam and phishing activities. In this paper we propose an approach to extend S/MIME to support end-to-end integrity of email headers. This approach is fully compatible with S/MIME. Under some reasonable assumption our approach can help reduce spam efficiently.