CFP last date
20 January 2025
Call for Paper
February Edition
IJCA solicits high quality original research papers for the upcoming February edition of the journal. The last date of research paper submission is 20 January 2025

Submit your paper
Know more
Reseach Article

Spam Control Mechanism using Identity based Message Admission

by Mahesh P, Basappa B. Kodada, Shivakumar K. M
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 74 - Number 3
Year of Publication: 2013
Authors: Mahesh P, Basappa B. Kodada, Shivakumar K. M
10.5120/12865-9696

Mahesh P, Basappa B. Kodada, Shivakumar K. M . Spam Control Mechanism using Identity based Message Admission. International Journal of Computer Applications. 74, 3 ( July 2013), 24-31. DOI=10.5120/12865-9696

@article{ 10.5120/12865-9696,
author = { Mahesh P, Basappa B. Kodada, Shivakumar K. M },
title = { Spam Control Mechanism using Identity based Message Admission },
journal = { International Journal of Computer Applications },
issue_date = { July 2013 },
volume = { 74 },
number = { 3 },
month = { July },
year = { 2013 },
issn = { 0975-8887 },
pages = { 24-31 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume74/number3/12865-9696/ },
doi = { 10.5120/12865-9696 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:41:15.352599+05:30
%A Mahesh P
%A Basappa B. Kodada
%A Shivakumar K. M
%T Spam Control Mechanism using Identity based Message Admission
%J International Journal of Computer Applications
%@ 0975-8887
%V 74
%N 3
%P 24-31
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Spammers have a tremendous financial incentive to compromise user Email accounts. Many approaches to curb spam have been developed. In the traditional DKIM signature approach no Certificate Authority is used. Survey tells that most of the DNS are exploited to DNS cache poisoning attack. Further smaller keys are exposed to Wiener attack. Also DKIM does not verify the author and does not provide security after signature generation/verification. An attacker can be able to trick the recipient by masquerading as a legitimate sender and insert malicious information and send as spam Mails to other recipients. Therefore this paper addresses the issues by allowing sender to indicate that their emails are signed and encrypted using ID based mediated RSAA technique based on user identity. This system use Certificate Authority and a key Mediator in its architecture. During decryption the Key mediator does partial decryption and the recipient does full decryption of message. If original message is recovered and verified the sender message is accepted else rejected or blocked as spam message.

References
  1. L. Cranor and B. LaMacchia, "Spam!" Communications of the ACM, vol. 41, no. 8, pp. 74–83, August 1998.
  2. B. Hayes, "SPAM, SPAM, SPAM, LOVELY SPAM," American Scientist, vol. 91, no. 3, pp. 200–204, May–June 2003.
  3. S. M. Kerner. The cost of phishing hits $1. 2 billion. [Online]. Available: http: //www. internetnews. com/ec-news/article. php/3350891. August 2007.
  4. C. C. Zou, W. Gong, and D. Towsley, "Feedback email worm defense system for enterprise networks," University of Massachuset, Technical Report TR-04-CSE-05, April 2004.
  5. The Spamhaus Project. The definition of spam. http://www. spamhaus. org/definition. html
  6. Anti-Phishing Working Group. Phishing archive. http://www. antiphishing. org/.
  7. Yahoo. Domainkeys: Proving and protecting email sender identity. http://antispam. yahoo. com/domainkeys
  8. Meng Wong and Wayne Schlitt. Rfc 4408 - sender policy framework (spf) for authorizing use of domains in e-mail, version 1, April 2006.
  9. William Leibzon. Message enhancements for transmission authorization. http://www. metasignatures. org/
  10. Mutual Internet Practices Association. Certified server validation. http://mipassoc. org/csv/.
  11. E. Allman ,Sendmail, Inc. ;J. Callas, PGP Corporation; M. Delany M. Libbey Yahoo! Inc. ; J. Fenton M. Thomas Cisco Systems, Inc; Network Working Group; Request for Comments: 4871 ;May 2007.
  12. D. Eastlake 3rd; Motorola; RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS); Request for Comments: 3110; May 2001;
  13. J. Jonsson, B. Kaliski; RSA Laboratories; Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2. 1; Request for Comments: 3447; February 2003.
  14. Johannes Blomer, Alexander May; A Generalized Wiener Attack on RSA.
  15. D. Boneh. Twenty Years of Attacks on the RSA Cryptosystem. Notices of the American Mathematical Society, 46(2):203--213, 1999.
  16. A. Shamir, N. van Someren. Playing hide and seek with stored keys; Lectures in computer science, 1998; http://www. simovits. com/archive/keyhide2. pdf.
  17. Sooel Son and Vitaly Shmatikov, The Hitchhiker's Guide to DNS Cache Poisoning,
  18. D. Atkins and R. Austein. Threat Analysis of the Domain Name System (DNS). RFC 3833 (Informational), August 2004.
  19. M. Wiener, "Cryptanalysis of short RSA secret exponents", IEEE Transactions on Information Theory, Vol. 36, pp. 553-558, 1998.
  20. M. Kutylowski, P. Kubiak; M. Tabor, D. Wachnik; Mediated RSA cryptography specification for additive private key splitting (mRSAA); Internet Draft; November 14, 2011.
  21. Xuhua Ding and Gene Tsudik, Simple identity based cryptography with mediated RSA, in: The Cryptographers Track RSA Conference, San Francisco, USA, 2003.
  22. Jean Claude Bajard, Heinrich Hördegen ; Pseudo-Random Generator Based on Chinese Remainder Theorem;, Advanced Signal Processing Algorithms, Architectures, and Implementations XIX, San-Diego; 2009.
  23. M. Bellare, A. Boldyreva, and S. Micali. Public-key encryption in a multi-user setting: Security proofs and improvements. In Preneel (18), pages 259–274.
  24. Xuhua Ding and Gene Tsudik, Simple identity based cryptography with mediated RSA, in: The Cryptographers Track RSA Conference, San Francisco, USA, 2003.
  25. E. Fujisaki, T. Okamoto, D. Pointcheval, and J. Stern. RSA-OAEP is secure under the rsa assumption. In Kilian (15), pages 260–274.
  26. E. Fujisaki, T. Okamoto, D. Pointcheval, and J. Stern. RSA-OAEP is secure under the rsa assumption. In Kilian (15), pages 260–274.
Index Terms

Computer Science
Information Sciences

Keywords

Spam control DKIM Wiener attack DNS cache poisoning and Identity based mediated-RSAA