By Ian Foster, Jon Larson, Max Masich, Alex C

Slides:

Advertisements

Similar presentations

Why Eve & Mallory Love Android

Advertisements

Cryptography and Network Security

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

DNSSEC & Validation Tiger Team DHS Federal Network Security (FNS) & Information Security and Identity Management Committee (ISIMC) Earl Crane Department.

Internet Protocol Security An Overview of IPSec. Outline:  What Security Problem?  Understanding TCP/IP.  Security at What Level?  IP Security. 

Part 5:Security Network Security (Access Control, Encryption, Firewalls)

Chapter 8 Web Security.

SIMPLE MAIL TRANSFER PROTOCOL SECURITY Guided By Prof : Richard Sinn Bhavesh Jadav Mayur Mulani.

Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

SMTP PROTOCOL CONFIGURATION AND MANAGEMENT Chapter 8.

Wireless and Security CSCI 5857: Encoding and Encryption.

Secure Electronic Transaction (SET)

Masud Hasan Secue VS Hushmail Project 2.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Web Security : Secure Socket Layer Secure Electronic Transaction.

Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

Application Security: (April 10, 2013) © Abdou Illia – Spring 2013.

Consolidating Gmail Accounts Jeff Rew, ITRT Richmond Public Schools.

XP New Perspectives on The Internet, Sixth Edition— Comprehensive Tutorial 2 1 Evaluating an Program and a Web-Based Service Basic Communication.

Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training WatchGuard XCS What’s New in version 10.1.

SMTP Tapu Ahmed Jeremy Nunn. Basics Responsible for electronic mail delivery. Responsible for electronic mail delivery. Simple ASCII protocol that runs.

Chapter 40 Network Security (Access Control, Encryption, Firewalls)

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.

Securing Access to Data Using IPsec Josh Jones Cosc352.

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.

Application Layer instructors at St. Clair College in Windsor, Ontario for their slides. Special thanks to instructors at St. Clair College in Windsor,

Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

1 Network Security. 2 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content.

Presented by Phani Krishna P

The Secure Sockets Layer (SSL) Protocol

Chapter 5 Network Security Protocols in Practice Part I

Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.

USAGE OF CRYPTOGRAPHY IN NETWORK SECURITY

Cryptography and Network Security

Secure Sockets Layer (SSL)

Practical Censorship Evasion Leveraging Content Delivery Networks

Misc. Security Items.

CS 465 Secure Last Updated: Nov 30, 2017.

SSOScan: Automated Testing of Web Applications for Single Sign-On Vulnerabilities Yuchen Zhou, and David Evans 23rd USENIX Security Symposium, August,

Originally by Yu Yang and Lilly Wang Modified by T. A. Yang

Using SSL – Secure Socket Layer

Cryptography and Network Security

* Essential Network Security Book Slides.

Pooja programmer,cse department

Goals Introduce the Windows Server 2003 family of operating systems

Cryptography and Network Security

The Secure Sockets Layer (SSL) Protocol

Introduction to Network Security

Kai Bu 05 Secure Connection The topic to be covered this week is secure connection. Apparently, the.

Unit 8 Network Security.

Advanced Computer Networks

Module 4 System and Application Security

 Zone in name space  DNS IN THE INTERNET  Generic domains :There are fourteen generic domains, each specifying an organization type.

Computer Networks Protocols

Slides Credit: Sogand Sadrhaghighi

How We Fight Against Scam

Cryptography and Network Security

Digital Signatures Network Security.

NFD Tunnel Authentication

Presentation transcript:

Security by Any other Name: On the Effectiveness of Provider Based Email Security By Ian Foster, Jon Larson, Max Masich, Alex C. Snoeren, Stefan Savage, and Kirill Levchenko Presented by Yi Yuan

Outline Introduction Threat Model Background Measurement Methodology Result Related Word Discussion Conclusion

Introduction how to make guarantees about Email integrity, authenticity, or confidentiality? encrypt and sign message contents using tools like PGP message tampering, forgery, eavesdropping use of lower-layer security mechanisms: TLS, SPF, DKIM Google recently reported 59% adoption of TLS by sending and 79% by receiving servers. TLS, and DKIM with DNSSEC can protect against active network-based man-in-the-middle attack, when used correctly and enforced. requiring trusting the provider

Research Question Whether the current deployment of TLS,DKIM, and SPF provides these level of security possible under ideal conditions? measuring the level of support for TLS, DKIM, and SPF among top email providers. determining whether they enforce correct protocol use. measuring the use of DNSSEC among providers.

Contributions A methodology for determining TLS use along the full message path between two providers. An analysis of current state of TLS, DKIM, SPF and DNSSEC deployment. how correct use of the above protocols can provide message confidentiality and integrity in a relaxed treat model.

Threat Model network-based attack Active Passive Peer an active attacker ( man-in-the-middle attacker), can observe and modify all packets, and inject arbitrary packets Passive A passive attacker can observe but not modify the traffic between a target and the rest of the Internet. Peer A network peer is an ordinary host connected to the Internet, capable of sending arbitrary packets and receiving packets for which it is the destination.

Background Security Properties Mail Path Confidentiality: Can an attacker read a message? Authenticity: Can an attacker forge a message? Integrity:Can an attacker modify a message? Mail Path

Background Confidentiality network-based eavesdropper passive attacker the standard protocols (HTTP,SMTP,IMAP,POP) use along the mail path defend against eavesdropping using TLS encryption. passive attacker it is sufficient to use TLS on all attacker accessible links, provided a strong cipher suite is sued. active attacker requiring the sender to verify the identity of the receiver. attacker will be able to impersonate the receiver and gain access to the message attacker can gain control of any hop along the message path either TLS is not used on that hop or TLS is used without server certificate verification

Background Authenticity SPF DKIM DNSSEC protect against forgery by a peer attacker by only allowing certain network hosts to send email on behalf of a domain DKIM rely on a digital signature to protect the message, including the sender address DNSSEC If the sending provider uses DNSSEC, the receiving provider can obtain the DKIM signing key securely or receive signed confirmation that a record does not exist. DKIM & DNSSEC can be used to defend against forgery of signed messages.

Background Integrity Enforcement Implications DKIM signatures can be used to protect message from tampering in transit Enforcement SPF & DKIM were developed primarily as a means to fight spam DKIM signing policies can be enforced aggressively GMail will not accept email from eBay or PayPal if it is not signed Implications

Measurement Methodology Subject Selection path uniqueness characteristics of TLS use along the path did not change during the measurement period provider list create the set of popular email providers based on the top 1 million email address domains occurring in the leaked Adobe user data set of September 2013 generator list create a list of email generators by attempting to create an account with each service in the Alexa Top 100 list.

Measurement Methodology Incoming MTA Behavior Connect EHLO ESMTP ESMTP Options STARTTLS TLS handshake Mail transfer

Measurement Methodology Outcoming MTA Behavior HELO/EHLO ESMTP Options STARTTLS TLS handshake Mail transfer

Measurement Methodology SMTP MAS Behavior obtain mail submission configuration info from 22 providers 15/22 providers instruct the user to configure their mail reader to use TLS POP and IMAP Behavior all 22 provider offer POP and IMAP support

Measurement Methodology Webmail Behavior all 22 providers support this option Report TLS Use map TLS use on the internal hops (b) and (d) Cross-Provider Validation sent message between all pairs of provider on the select provider list

Measurement Methodology Certificates check if the certificate was revoked or expired DKIM examine the messages used in the outgoing MTA measurement to determine if a DKIM signature is present SPF, ADSP,DMARC, and DNSSEC query the name server of providers on the provider list for DNS TXT record used by each protocol make note of whether the provider’s mail server supported DNSSEC and returned signed records

Results Submission and Delivery SMTP,POP, and IMAP 6/22 providers use a server certificates that did not match the server host name web interface all 22 provides offer web mail interface, 3 of them do not offer TLS support

Results

Results TLS support at incoming MTAs Pairwise TLS Support

Results SPF and DKIM DNSSEC,DMARC,and ADSP

Related Work Facebook Study Google Study reported 76% of incoming MTAs for unique MX records offered STARTTLS when sending emails to their users, and about half of the certificates pass validation. 58% of Facebook’s outgoing notification email used TLS [1] Google Study Google reported 46% of outbound and 40% of inbound messages used TLS at the time of our second measurement (February 2015). Durumeric et al. reported TLS use for 80% of incoming connections [2] Durumeric et al. reported that 74% of incoming mail at GMail does not have a DMARC policy [2].

Discussion Passive Eavesdropping attacks Peer Forgery Attack best case worst case Peer Forgery Attack Active Eavesdropping attacks Active Tampering attacks

Discussion Recommendations Use TLS Fix Certificates Verify certificates Require TLS Certificate Pinning Use DKIM and DMARC Enforce SPF and DKIM policy Use DNSSEC

Referenced List M. Adkins. The Current State of SMTP STARTTLS Deployment. https://www.facebook.com/notes/1453015901605223, May 2014. Z. Durumeric, D. Adrian, A. Mirian, J. Kasten, E. Bursztein, N. Lidzborski, K. Thomas, V. Eranti, M. Bailey, and J. A. Halderman. Neither Snow Nor Rain Nor MITM . . . An Empirical Analysis of Mail Delivery Security. In Proceedings of the 2015 Internet Measurement Conference (IMC), 2015.

Quiz Name one type of network attackers. what will happen when failure to verify the server's certificate of the MDA? Any limitation for the approach?

Thanks