Presentation is loading. Please wait.

Presentation is loading. Please wait.

By Ian Foster, Jon Larson, Max Masich, Alex C

Published byErica Mills Modified over 6 years ago

Similar presentations

Presentation on theme: "By Ian Foster, Jon Larson, Max Masich, Alex C"— Presentation transcript:

1 Security by Any other Name: On the Effectiveness of Provider Based Email Security
By Ian Foster, Jon Larson, Max Masich, Alex C. Snoeren, Stefan Savage, and Kirill Levchenko Presented by Yi Yuan

2 Outline Introduction Threat Model Background Measurement Methodology
Result Related Word Discussion Conclusion

3 Introduction how to make guarantees about integrity, authenticity, or confidentiality? encrypt and sign message contents using tools like PGP message tampering, forgery, eavesdropping use of lower-layer security mechanisms: TLS, SPF, DKIM Google recently reported 59% adoption of TLS by sending and 79% by receiving servers. TLS, and DKIM with DNSSEC can protect against active network-based man-in-the-middle attack, when used correctly and enforced. requiring trusting the provider

4 Research Question Whether the current deployment of TLS,DKIM, and SPF provides these level of security possible under ideal conditions? measuring the level of support for TLS, DKIM, and SPF among top providers. determining whether they enforce correct protocol use. measuring the use of DNSSEC among providers.

5 Contributions A methodology for determining TLS use along the full message path between two providers. An analysis of current state of TLS, DKIM, SPF and DNSSEC deployment. how correct use of the above protocols can provide message confidentiality and integrity in a relaxed treat model.

6 Threat Model network-based attack Active Passive Peer
an active attacker ( man-in-the-middle attacker), can observe and modify all packets, and inject arbitrary packets Passive A passive attacker can observe but not modify the traffic between a target and the rest of the Internet. Peer A network peer is an ordinary host connected to the Internet, capable of sending arbitrary packets and receiving packets for which it is the destination.

7 Background Security Properties Mail Path
Confidentiality: Can an attacker read a message? Authenticity: Can an attacker forge a message? Integrity:Can an attacker modify a message? Mail Path

8 Background Confidentiality network-based eavesdropper passive attacker
the standard protocols (HTTP,SMTP,IMAP,POP) use along the mail path defend against eavesdropping using TLS encryption. passive attacker it is sufficient to use TLS on all attacker accessible links, provided a strong cipher suite is sued. active attacker requiring the sender to verify the identity of the receiver. attacker will be able to impersonate the receiver and gain access to the message attacker can gain control of any hop along the message path either TLS is not used on that hop or TLS is used without server certificate verification

9 Background Authenticity SPF DKIM DNSSEC
protect against forgery by a peer attacker by only allowing certain network hosts to send on behalf of a domain DKIM rely on a digital signature to protect the message, including the sender address DNSSEC If the sending provider uses DNSSEC, the receiving provider can obtain the DKIM signing key securely or receive signed confirmation that a record does not exist. DKIM & DNSSEC can be used to defend against forgery of signed messages.

10 Background Integrity Enforcement Implications
DKIM signatures can be used to protect message from tampering in transit Enforcement SPF & DKIM were developed primarily as a means to fight spam DKIM signing policies can be enforced aggressively GMail will not accept from eBay or PayPal if it is not signed Implications

11 Measurement Methodology
Subject Selection path uniqueness characteristics of TLS use along the path did not change during the measurement period provider list create the set of popular providers based on the top 1 million address domains occurring in the leaked Adobe user data set of September 2013 generator list create a list of generators by attempting to create an account with each service in the Alexa Top 100 list.

12 Measurement Methodology
Incoming MTA Behavior Connect EHLO ESMTP ESMTP Options STARTTLS TLS handshake Mail transfer

13 Measurement Methodology
Outcoming MTA Behavior HELO/EHLO ESMTP Options STARTTLS TLS handshake Mail transfer

14 Measurement Methodology
SMTP MAS Behavior obtain mail submission configuration info from 22 providers 15/22 providers instruct the user to configure their mail reader to use TLS POP and IMAP Behavior all 22 provider offer POP and IMAP support

15 Measurement Methodology
Webmail Behavior all 22 providers support this option Report TLS Use map TLS use on the internal hops (b) and (d) Cross-Provider Validation sent message between all pairs of provider on the select provider list

16 Measurement Methodology
Certificates check if the certificate was revoked or expired DKIM examine the messages used in the outgoing MTA measurement to determine if a DKIM signature is present SPF, ADSP,DMARC, and DNSSEC query the name server of providers on the provider list for DNS TXT record used by each protocol make note of whether the provider’s mail server supported DNSSEC and returned signed records

17 Results Submission and Delivery SMTP,POP, and IMAP
6/22 providers use a server certificates that did not match the server host name web interface all 22 provides offer web mail interface, 3 of them do not offer TLS support

18 Results

19 Results TLS support at incoming MTAs Pairwise TLS Support

20 Results SPF and DKIM DNSSEC,DMARC,and ADSP

21 Related Work Facebook Study Google Study
reported 76% of incoming MTAs for unique MX records offered STARTTLS when sending s to their users, and about half of the certificates pass validation. 58% of Facebook’s outgoing notification used TLS [1] Google Study Google reported 46% of outbound and 40% of inbound messages used TLS at the time of our second measurement (February 2015). Durumeric et al. reported TLS use for 80% of incoming connections [2] Durumeric et al. reported that 74% of incoming mail at GMail does not have a DMARC policy [2].

22 Discussion Passive Eavesdropping attacks Peer Forgery Attack
best case worst case Peer Forgery Attack Active Eavesdropping attacks Active Tampering attacks

23 Discussion Recommendations Use TLS Fix Certificates
Verify certificates Require TLS Certificate Pinning Use DKIM and DMARC Enforce SPF and DKIM policy Use DNSSEC

24

25 Referenced List M. Adkins. The Current State of SMTP STARTTLS Deployment. May 2014. Z. Durumeric, D. Adrian, A. Mirian, J. Kasten, E. Bursztein, N. Lidzborski, K. Thomas, V. Eranti, M. Bailey, and J. A. Halderman. Neither Snow Nor Rain Nor MITM An Empirical Analysis of Mail Delivery Security. In Proceedings of the 2015 Internet Measurement Conference (IMC), 2015.

26 Quiz Name one type of network attackers.
what will happen when failure to verify the server's certificate of the MDA? Any limitation for the approach?

27 Thanks

Download ppt "By Ian Foster, Jon Larson, Max Masich, Alex C"

Similar presentations

Why Eve & Mallory Love Android

Why Eve & Mallory Love Android
Cryptography and Network Security

Cryptography and Network Security
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
DNSSEC & Email Validation Tiger Team DHS Federal Network Security (FNS) & Information Security and Identity Management Committee (ISIMC) Earl Crane Department.

DNSSEC & Validation Tiger Team DHS Federal Network Security (FNS) & Information Security and Identity Management Committee (ISIMC) Earl Crane Department.
Internet Protocol Security An Overview of IPSec. Outline:  What Security Problem?  Understanding TCP/IP.  Security at What Level?  IP Security. 

Internet Protocol Security An Overview of IPSec. Outline:  What Security Problem?  Understanding TCP/IP.  Security at What Level?  IP Security. 
Part 5:Security Network Security (Access Control, Encryption, Firewalls)

Part 5:Security Network Security (Access Control, Encryption, Firewalls)
Chapter 8 Web Security.

Chapter 8 Web Security.
SIMPLE MAIL TRANSFER PROTOCOL SECURITY Guided By Prof : Richard Sinn Bhavesh Jadav Mayur Mulani.

SIMPLE MAIL TRANSFER PROTOCOL SECURITY Guided By Prof : Richard Sinn Bhavesh Jadav Mayur Mulani.
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.

 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
SMTP PROTOCOL CONFIGURATION AND MANAGEMENT Chapter 8.

SMTP PROTOCOL CONFIGURATION AND MANAGEMENT Chapter 8.
Wireless and Email Security CSCI 5857: Encoding and Encryption.

Wireless and Security CSCI 5857: Encoding and Encryption.
Secure Electronic Transaction (SET)

Secure Electronic Transaction (SET)
Masud Hasan 03-60-475 SecueEmail VS Hushmail Project 2.

Masud Hasan Secue VS Hushmail Project 2.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.

Web Security : Secure Socket Layer Secure Electronic Transaction.
Internet Security. 2 PGP is a security technology which allows us to send email that is authenticated and/or encrypted. Authentication confirms the identity.

Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.

Similar presentations

Ads by Google