Computer-Assisted Verification of a Protocol for Certified Email

Abadi, Martı́n; Blanchet, Bruno

doi:10.1007/3-540-44898-5_17

Cited by 36 publications

(26 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We do not build a formal model for MaraDNS because it does not cache the authority and additional sections of responses containing an answer RRset and does not use trust levels for overwriting existing records. We do show attacks against all three implementations, including MaraDNS, in Table 4 We use the ProVerif protocol analysis tool, due to its success in practical formal verification of security protocols (e.g., [2]). The details of ProVerif are beyond the scope of this paper and can be found in [6].…”

Section: Modeling Methodologymentioning

confidence: 99%

The Hitchhiker’s Guide to DNS Cache Poisoning

Son

Shmatikov

2010

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

Abstract. DNS cache poisoning is a serious threat to today's Internet. We develop a formal model of the semantics of DNS caches, including the bailiwick rule and trust-level logic, and use it to systematically investigate different types of cache poisoning and to generate templates for attack payloads. We explain the impact of the attacks on DNS resolvers such as BIND, MaraDNS, and Unbound and their implications for several defenses against DNS cache poisoning.

show abstract

Section: Modeling Methodologymentioning

confidence: 99%

The Hitchhiker’s Guide to DNS Cache Poisoning

Son

Shmatikov

2010

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

show abstract

“…Abadi et al [7] have designed a protocol for certified e-mail delivery that appears to have many practical advantages. Although it requires a trusted third party (TTP), this TTP is stateless and lightweight; it never has access to the clear-text of the transmitted messages.…”

Section: Literature Surveymentioning

confidence: 99%

Smart Mailing System for Secure Transmissions

Acharya¹,

Gomes²,

Suvarna³

et al. 2014

IJCA

View full text Add to dashboard Cite

Email system has become the widely preferred means of information transfer in the modern business. Conventional email system is secured by a password system leading to a single layer of protection which is insufficient for guaranteed security. Modern businesses are more relying on electronic mail for communication with their clients and colleagues revealing the need for more privacy of sensitive information. The email is connected through many routers and mail servers on its way to the recipient by becoming vulnerable to both physical as well as virtual eavesdropping. The current industry standards do not place much emphasis on security as the information is transferred in plain text and the mail servers will be regularly performing the backups of the emails passing through. This leaves a digital paper trail that can be easily inspected months or years later which can be read by any cracker who gains access to an unprotected router. The proposed system helps to secure the sensitive information sent through email by providing a three layer authentication mechanism.

show abstract

“…This approach has been followed in modeling many protocols (e.g., [3,4,9,13,18,19,37,39]). Techniques from the programming-language literature, such as typing, have been employed for proofs, sometimes with substantial extensions or variations; specialpurpose techniques have also been developed and exploited, as in the tool ProVerif on which we rely below (e.g., [2,10,23,24,28,33,36]).…”

Section: The Wmf Protocol In the Pi Calculusmentioning

confidence: 99%