Skip to main content
Article
Some common attacks against certified email protocols and the countermeasures
Computer Communications
  • Min-Hua Shao, National Pingtung University of Science and Technology, Taiwan
  • Guilin Wang, University of Wollongong
  • Jianying Zhou, Institute for Infocomm Research, Singapore
Document Type
Journal Article
Publication Date
1-1-2006
Abstract
Certified email is a value-added service for standard email systems, which guarantees the fairness, i.e., the intended recipient gets the mail content if and only if the mail originator receives a non-repudiation receipt showing that the message has been received by the recipient. As far as security is concerned, fairness is the most important requirements, though some other properties are also desirable in practice. Recently, a number of certified email protocols have been proposed. However, most of those schemes have more or less weaknesses and/or security flaws. In the worst case, fairness cannot be achieved since one dishonest party can mount some attacks to cheat the honest party such that the latter cannot get the expected items. In this paper, we analyze two latest certified email protocols to demonstrate some common attacks, and then propose some improvements to avoid those security problems. We further give several informal but useful guidelines to counter those common attacks in the design of certified email protocols.
RIS ID
41036
Citation Information
Min-Hua Shao, Guilin Wang and Jianying Zhou. "Some common attacks against certified email protocols and the countermeasures" Computer Communications Vol. 29 Iss. 15 (2006) p. 2759 - 2769
Available at: http://works.bepress.com/gwang/2/