„Email remains the most widely used and presumably the most important digital communication medium on the Internet. But what is the current state of research regarding the security of emails? In this talk, I’ll present three research papers covering this topic."
1. The Security of STARTTLS in the email context.
SMTP, IMAP and POP3 are plain text protocols that were designed in the early 80s. They did not provide authenticity and confidentiality of emails. Later, in the late 90s, the protocols were extended to support TLS. For this, STARTTLS commands were introduced to the protocols. The USENIX Security 2021 paper „Why TLS is better without STARTTLS“
uncovered novel vulnerability in the STARTTLS technology.
2. Novel oracle attacks against S/MIME and OpenPGP.
Padding oracle attacks such as Bleichenbacher’s „Million Questions Attack“ or Vaudenay’s Attack against PKCS#7 padding are well-known and were used to break encryption protocols such als TLS or XML Encryption. S/MIME and OpenPGP use similar cryptographic constructions and are — at least in theory — also vulnerable to these attacks. The attacks were thought to be not exploitable in the email context because the victim would need to open encryption attacker mails, decrypt them and manually communicate the result of the encryption to the attacker. The USENIX Security study 2023 „Content-Type: multipart/oracle - Tapping into Format Oracles in Email End-to-End Encryption“ analyzes ways to practically exploit these vulnerabilities in the email context.
3. Expert usability study of email encryption using OpenPGP.
Multiple research papers in the last 20 years showed that email encryption with OpenPGP is hard to use, especially for laymen without deep technical knowledge. But are expert users able to use it properly? For example, are expert users able to detect spoofed emails that try to mimic valid signatures? In the study „"I don’t know why I check
this...'' - Investigating Expert Users' Strategies to Detect Email Signature Spoofing Attacks“ (USENIX SOUPS 2022), we confronted expert users with emails that may or may not have forged email signatures. The study uncovered that even expert users struggle to detect spoofed emails with forged digital signatures.
Bio
„Prof. Dr. Sebastian Schinzel is full professor for IT security at the University of Applied Sciences Münster and leads the IT security research group. His reasearch topics are applied cryptography, system security and medical IT security."