[15687] in cryptography@c2.net mail archive
Using crypto against Phishing, Spoofing and Spamming...
daemon@ATHENA.MIT.EDU (Amir Herzberg)
Sun Jul 4 14:22:50 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Sun, 04 Jul 2004 12:30:21 +0200
From: Amir Herzberg <amir@herzberg.name>
To: cryptography@metzdowd.com
Following some of our discussions on this list, I tried to think more=20
seriously on how crypto could be used for the basic current security=20
threats of spoofing, phishing and spamming. Preliminary write-ups of the =
results are available in the following (or from my homepage):
# Protecting (even) Na=EFve Web Users, or: Preventing Spoofing and=20
Establishing Credentials of Web Sites, at=20
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/trusted%20credentials%2=
0area.PDF
# Controlling Spam by Secure Internet Content Selection, at=20
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spam.pdf
I believe many of you will find some interest in (criticizing?) the new=20
ideas and proposals, and I'll be very grateful for any feedback; the=20
works already benefited a lot from some discussions on this list,=20
including some of you who asked me essentially to `write up your ideas`.
I am also very interested in working with potential implementors; I am=20
already working on implementations with students, but, additional and=20
potentially more experienced developers may help us turn some of these=20
ideas into reality.
BTW, I'm already using the anti-spamming mechanism (trusted logo and=20
credentials area) we developed for Mozilla, and it works great; I hope=20
we'll feel soon confident enough with the code so we'll be able to put=20
it in the public domain. Experienced Mozilla developers who will be=20
willing to help test and evaluate the code are invited to contact me.
--=20
Best regards,
Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://AmirHerzberg.com (information and lectures in cryptography &=20
security)
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
