Skip to main content
Presentation
SEFAP: An Email System for Anti-Phishing
Faculty of Informatics - Papers (Archive)
  • Qoing Ren, University of Wollongong
  • Yi Mu, University of Wollongong
  • Willy Susilo, University of Wollongong
RIS ID
22550
Publication Date
11-7-2007
Publication Details

This conference paper was originally published as Qoing Ren, Yi Mu, Susilo, W., SEFAP: An Email System for Anti-Phishing, 6th IEEE/ACIS International Conference on Computer and Information Science ICIS 2007, 11-13 Jul, 782-787.

Abstract
More and more users are suffering from email-based phishing attacks over the past years. Despite the use of various technologies for anti-phishing, phishing is still one of most serious attacks against Internet users. Email phishing attacks fabricate the email’s origin. Unfortunately, current email server systems can not authenticate the genuineness of in-coming emails. In this paper, we present a novel antiphishing mechanism: Signed Email for Anti-Phishing (SEFAP), designed to automatically identify an email’s origin to mitigate email phishing attacks. The SEFAP system is an extendable secure cryptographic system that accommodates multiple signature schemes. SEFAP can adopt any signature scheme which has two properties: Identity-based and repudiability. Identity-based property removes the unrealistic full PKI infrastructure deployment requirement and the repudiability property protects sender’s privacy. We describe how to integrate the SEFAP system into a standard SMTP server. We also proposed an efficient implementation based on a novel ID-based ring signature scheme.
Citation Information
Qoing Ren, Yi Mu and Willy Susilo. "SEFAP: An Email System for Anti-Phishing" (2007)
Available at: http://works.bepress.com/ymu/1/