Holst-Christensen et al., 2021 - Google Patents
Security issues in SMTP-based email systemsHolst-Christensen et al., 2021
- Document ID
- 17930312688181637028
- Author
- Holst-Christensen B
- Frøkjær E
- Publication year
- Publication venue
- 2021 14th CMI International Conference-Critical ICT Infrastructures and Platforms (CMI)
External Links
Snippet
The SMTP standard was originally published in 1982 and has since then become one of the mostly used methods for data communication. Since its publication the standard has been modified with many extensions intended to handle security issues. A selection of the most …
- 238000004891 communication 0 abstract description 10
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0464—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
- H04L63/104—Grouping of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0823—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Holz et al. | TLS in the wild: An Internet-wide analysis of TLS-based protocols for electronic communication | |
| Durumeric et al. | Neither snow nor rain nor MITM... an empirical analysis of email delivery security | |
| JP4976678B2 (en) | Validating inbound messages | |
| US8732452B2 (en) | Secure message delivery using a trust broker | |
| US8032750B2 (en) | Method for establishing a secure e-mail communication channel between a sender and a recipient | |
| KR101219862B1 (en) | System and method for establishing that a server and a correspondent have compatible secure email | |
| US7673004B1 (en) | Method and apparatus for secure IM communications using an IM module | |
| JP2006520112A (en) | Security key server, implementation of processes with non-repudiation and auditing | |
| Holst-Christensen et al. | Security issues in SMTP-based email systems | |
| Miao et al. | Transport layer security (TLS) transport mapping for Syslog | |
| Rose et al. | Trustworthy email | |
| SANCHEZ et al. | A security analysis of email communications | |
| Leshchenko et al. | Model of a Subsystem for Securing E-Mail Against Loss using Mail Transport Agents based on Containerized Environments | |
| Dolnák | Secure mutual exchange of messages between network nodes inspired by security technologies for electronic mail exchange | |
| SANCHEZ et al. | My Email Communications Security Assessment (MECSA): 2018 Results | |
| Draper-Gil et al. | My email communications security assessment (MECSA): 2018 results | |
| Zhao et al. | An add-on end-to-end secure email solution in mobile communications | |
| JP2009503963A (en) | Message transmission method and system, and encryption key generator suitable therefor | |
| Zhao | Viable Email Attacks and a Simple End-to-End Security Solution | |
| Husien et al. | Application Layer Protocols to Protect Electronic Mail from Security Threads | |
| Miao et al. | RFC 5425: Transport layer security (TLS) transport mapping for syslog | |
| Kumar et al. | A Countermeasure Technique for Email Spoofing. | |
| Miltenburg et al. | Preventing Common Attacks on Critical Infrastructure | |
| Mirian et al. | Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Mail Delivery Security | |
| Rose et al. | ITL BULLETIN FOR APRIL 2018 IMPROVING THE TRUSTWORTHINESS OF EMAIL, AND BEYOND! |