skip to main content
10.1145/1066677.1066752acmconferencesArticle/Chapter ViewAbstractPublication PagessacConference Proceedingsconference-collections
Article

SELS: a secure e-mail list service

Published:13 March 2005Publication History

ABSTRACT

Exchange of private information content among a large number of users via E-mail List Services is becoming increasingly common. In this paper we address security requirements in that setting and develop a new protocol, SELS (a Secure E-mail List Service) that provides confidentiality, integrity, and authentication for e-mails exchanged via lists. In addition, SELS also protects against the use of lists for e-mail spamming. We have developed a prototype of SELS in Java, and integrated it with the Eudora e-mail client.

References

  1. M. Abadi, N. Glew, B. Horne, B. Pinkas, "Certified Email with a Light On-line Trusted Third Party:Design and Implementation", in proceedings of the 11th International World Wide Web Conference, May 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. M. Abadi, A. Birrell, M. Burrows, F. Dabek, and T. Wobber, "Bankable Postage for Network Services", in Proceedings of the 8th Asian Computing Science Conference, Mumbai, India, December 2003.Google ScholarGoogle ScholarCross RefCross Ref
  3. J. Allen, The CERT Guide to System and Network Security Practices, Carnegie Mellon Software Engineering Institute, Addison Wesley, Indianapolis, 2001. ISBN 0-2-1-73723-X.Google ScholarGoogle Scholar
  4. I. Androutsopoulos et al., "An Experimental Comparison of Naive Bayesian and Keyword-Based Anti-Spam Filtering with Personal E-mail Messages", in Proceedings of the 23rd Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, Greece, July 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. R. Anderson and R. Needham, "Robustness principles for public key protocols", in Advances in Cryptology (CRYPTO 95), 1995. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. M. Bellare, R. Canetti, and H. Krawczyk, "Message authentication using hash functions: The HMAC construction", RSA Laboratories' CryptoBytes, Vol. 2, No. 1, Spring 1996.Google ScholarGoogle Scholar
  7. M. Blaze, G. Bleumer, and M. Strauss, "Divertible protocols and atomic proxy cryptography", in Eurocrypt'98, LNCS 1403, Springer-Verlag, 1998.Google ScholarGoogle Scholar
  8. C. Blundo, S. Cimato, and R. D. Prisco, "Certified Email: Design and Implementation of a New Optimistic Protocol", in proceedings of the Eighth IEEE International Symposium on Computers and Communications, June 30 - July 03, Turkey, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. D. Boneh, X. Ding, G. Tsudik and B. Wong, "Fast Revocation of Security Capabilities", in Proceedings of the Usenix Security Symposium, August 2001. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. D. Boneh and M. Franklin, "Identity based encryption from the Weil pairing", SIAM Journal of Computing, Vol. 32, No. 3, pp. 586--615, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Catalist, the official catalog of LISTSERV lists, http://www.Isoft.com/catalist.html.Google ScholarGoogle Scholar
  12. R. Clayton and M. Bond, "Experience Using a Low-Cost FPGA Design to Crack DES Keys", in Proceedings of the Workshop on Cryptographic Hardware and Embedded Systems (CHES), 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. L. Cranor and B. LaMacchia, "Spam!", Communications of the ACM 41, 8 (August 1998), 74--83. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. X. Ding and G. Tsudik, "Simple Identity-Based Cryptography with Mediated RSA", in Proceedings of the RSA Conference, Cryptographer's Track, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. C. Dwork, M. Naor, "Pricing via Processing or Combatting Junk Mail", in Proceedings of CRYPTO'92, 1993, pp. 137--147. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. C. Dwork, A. Goldberg, and M. Naor, "On Memory-Bound Functions for Fighting Spam", in advances of Cryptology (CRYPTO 2003,) August 2003.Google ScholarGoogle Scholar
  17. E. Gabber et al., "Curbing junk e-mail via secure classification", in Proceedings of Financial Cryptography, 1998. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. T. E. Gamal, "A Public Key Cryptosystem and a Signature Scheme Based on the Discrete Logarithm", IEEE Transactions of Information Theory, pages 31(4): 469--472, 1985.Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. The GNU Privacy Guard, http://gnupg.org.Google ScholarGoogle Scholar
  20. J. loannidis, "Fighting spam by encapsulating policy in email addresses", in Proceedings of the Symposium on Network and Distributed Systems Security, 2003.Google ScholarGoogle Scholar
  21. A. Ivan and Y. Dodis, "Proxy Cryptography Revisited", in Proceedings of the Network and Distributed System Security Symposium (NDSS), February 2003.Google ScholarGoogle Scholar
  22. Y. Kim, A. Perrig and G. Tsudik, "Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups", in Proceedings of 7th ACM Conference on Computer and Communication Security (CCS), 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. J. Linn, "Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures", IETF PEM WG RFC 21, 1993.Google ScholarGoogle Scholar
  24. LISTSERV, http://www.Isoft.com.Google ScholarGoogle Scholar
  25. T. Loder, M. V. Alstyne, and R. Wash, "An Economic Answer to Unsolicited Communication", in proceedings of the 5th ACM conference on Electronic Commerce, May 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Mailman, the GNU mailing list manager. http://www.list.org.Google ScholarGoogle Scholar
  27. Majordomo, http://www.greatcircle.com/majordomo.Google ScholarGoogle Scholar
  28. M. Mambo and E. Okamoto, "Proxy Cryptosystems: Delegation of the Power to Decrypt Ciphertexts", IEICE Transactions on Fundamentals, vol. E80-A, No. 1, 1997.Google ScholarGoogle Scholar
  29. S. Mittra, "lolus: A Framework for Scalable Secure Multicasting", in proceedings of ACM SIGCOMM 1997. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. Ostermiller Java Utilities, http://ostermiller.org/utils.Google ScholarGoogle Scholar
  31. T. Tompkins and D. Handley, "Giving e-mail back to the users: Using digital signatures to solve the spam problem", First Monday, 8(9), September 2003.Google ScholarGoogle Scholar
  32. US Department of Energy Computer Incident Advisory, January 26 2000. http://ciac.llnl.gov/ciac/bulletins/k-020.shtml.Google ScholarGoogle Scholar
  33. C. K. Wong, M. G. Gouda, S. S. Lam, "Secure group communications using key graphs", IEEE/ACM Transactions on Networking 8(1): 16--30, 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. P. Zimmerman, The Official PGP User's Guide, MIT Press, ISBN: 0-262-74017-6, May 1995. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. SELS: a secure e-mail list service

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in
        • Published in

          cover image ACM Conferences
          SAC '05: Proceedings of the 2005 ACM symposium on Applied computing
          March 2005
          1814 pages
          ISBN:1581139640
          DOI:10.1145/1066677

          Copyright © 2005 ACM

          Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 13 March 2005

          Permissions

          Request permissions about this article.

          Request Permissions

          Check for updates

          Qualifiers

          • Article

          Acceptance Rates

          Overall Acceptance Rate1,650of6,669submissions,25%

          Upcoming Conference

          SAC '24

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader