Deployment and analysis of DKIM with DNSSEC / Driftsättning och analys av DKIM med DNSSEC

Bondesson, Rickard

January 2008

<p>As the email system is widely used as a communication channel, and often is crucial for the performance of organizations, it is important that users can trust the content of what is being delivered to them. A standard called <em>DomainKeys Identified Mail</em> (DKIM) has been developed by the IETF to solve the problem with authentication and integrity, by using digital signatures. This master's thesis goal is to evaluate the solution where an implementation of DKIM is extended with DNSSEC validation. DNSSEC is a solution which secures, among other, the mapping between IP addresses and domain names. The implementation of DKIM is deployed and evaluated with function testing, domain testing, threat analysis, and interoperability testing.DKIM does not need any new public-key infrastructure, thus inflicting less cost on the deployment compared with other cryptographic solutions such as S/MIME and PGP. We recommended to use DKIM together with DNSSEC to secure the transportation of the DKIM public key. The upcoming standard ADSP can inform the recipient of whether a domain is signing its email or not and thereby a possibility to detect any unauthorized signature removal. A further problem is that mailing lists often manipulate the email, thus breaking the signature. We therefore recommend to send email directly to the recipient or active DKIM signing on the mailing lists.</p>

deployment

testing

analysis

DKIM

DNSSEC

Computer science

Datalogi

Deployment and analysis of DKIM with DNSSEC / Driftsättning och analys av DKIM med DNSSEC

Bondesson, Rickard

January 2008

As the email system is widely used as a communication channel, and often is crucial for the performance of organizations, it is important that users can trust the content of what is being delivered to them. A standard called DomainKeys Identified Mail (DKIM) has been developed by the IETF to solve the problem with authentication and integrity, by using digital signatures. This master's thesis goal is to evaluate the solution where an implementation of DKIM is extended with DNSSEC validation. DNSSEC is a solution which secures, among other, the mapping between IP addresses and domain names. The implementation of DKIM is deployed and evaluated with function testing, domain testing, threat analysis, and interoperability testing.DKIM does not need any new public-key infrastructure, thus inflicting less cost on the deployment compared with other cryptographic solutions such as S/MIME and PGP. We recommended to use DKIM together with DNSSEC to secure the transportation of the DKIM public key. The upcoming standard ADSP can inform the recipient of whether a domain is signing its email or not and thereby a possibility to detect any unauthorized signature removal. A further problem is that mailing lists often manipulate the email, thus breaking the signature. We therefore recommend to send email directly to the recipient or active DKIM signing on the mailing lists.

deployment

testing

analysis

DKIM

DNSSEC

Computer Sciences

Datavetenskap (datalogi)

Email attacks : Investigation about the vulnerability of the Swedish organizations against email threats.

Kour, Jawdat, Ahmed, Hasan

January 2020

Email is an essential form of communication for organizations. Nevertheless, with so much popularity came many challenges. These emails usually carry sensitive data that might cause significant harm if they get compromised. Besides, spam and phishing emails that continually reach the employees’ inbox masquerading as a trusted entity due to the lack of authentication mechanisms are also considered a significant threat for organizations today. Such threats are phishing using email domain forgery attack, redirecting emails to a mail server that is under the attacker’s control, and connection eavesdropping. The research aimed to investigate the vulnerability of approximately 2000 organizations within Sweden against those attacks. Toward that end, the quantity and quality of the following email security mechanisms SPF, DKIM, DMARC, STARTTLS, DNSSEC, and DANE were examined through a case study. Also, the adoption of these mechanisms was investigated, whether it varies based on different factors such as organization size, sector, and location. The research findings indicated that the average adoption rate by the tested organizations was approximately 50%. Furthermore, the result demonstrated that there were no differences in the adopted mechanisms based on the studied factors that the results were quite similar among the tested groups. It concluded that there is a lack of protection mechanisms, which made the majority of the tested organizations vulnerable to different types of email attacks.

Email security

SPF

DKIM

DMARC

DNSSEC

STARTTLS

DANE

Computer Sciences

Datavetenskap (datalogi)