Many of the technical vulnerabilities which make mail bombing a serious threat
could be significantly mitigated by enhancing the security infrastructure of the Internet.
Published by Linn in 1988, RFC 1040 [13] discussed
SMTP message encryption and authentication procedures.
His continuing work in RFC 1115 [14] specified the
cryptographic algorithms to support Privacy Enhanced Mail (PEM),
including the use of public-key encryption algorithms.
Presently, the PEM specification is contained in four RFCs which
are all a part of the ``Privacy Enhancement for Internet Mail'' series
(RFCs 1421-1424):

Part 1: Message and Authentication Procedures
Part 2: Certificate-Based Key Management
Part 3: Algorithms, Modes, and Identifiers
Part 4: Key Certification and Related Services

The core security problem with e-mail bombs is the authentication
of the originator. PEM (and similar cryptographic e-mail services)
offers both symmetric and asymmetric authentication, supporting a
wide variety of cryptographic algorithms [16]. Methods for processing
mail addressed to mailing lists are also provided; however,
cryptographic authentication remains problematic for e-mail transport [17]. The reader
is referred to the numerous references on the subject [16]
[17] for a more detailed technical discussion.

Unfortunately, PEM provides integrity protection only on the body
of a message. The header fields of an SMTP message are not protected
because MTAs need to modify many of the header fields during
e-mail transport [17]. As pointed out earlier, the entire SMTP
infrastructure relies on a complex, heterogeneous internetwork of
MTAs and MUAs. Therefore, cryptographic solutions which work robustly
with intermediate systems are very difficult to design. Scalability
and interoperability become complex technical issues which are very
expensive to design, implement and sustain.
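
The sketch below is an added illustration, not code from this paper or from any PEM implementation. It uses HMAC-SHA256 as a stand-in for PEM's message integrity check to show why a body-only check survives header changes made in transit yet says nothing about the From field, while a check over the whole message fails at the first relay. The key, the sample message, the host names and all function names are constructed for the example.

```python
import hashlib
import hmac
from email import message_from_string

KEY = b"constructed-demo-key"  # assumption: stands in for PEM key management

# Constructed sample message, not taken from the paper.
RAW = ("From: alice@example.org\n"
       "To: list@example.net\n"
       "Subject: minutes\n"
       "\n"
       "Meeting moved to 3pm.\n")

def mic(data: bytes) -> str:
    """Keyed integrity check (HMAC-SHA256 stand-in, not a PEM algorithm)."""
    return hmac.new(KEY, data, hashlib.sha256).hexdigest()

def body_mic(raw: str) -> str:
    """Integrity check over the body only, as the text describes for PEM."""
    return mic(message_from_string(raw).get_payload().encode())

def full_mic(raw: str) -> str:
    """Hypothetical alternative: integrity check over headers and body."""
    return mic(raw.encode())

def relay(raw: str) -> str:
    """What an ordinary MTA does in transit: prepend a Received header."""
    return "Received: from mx1.example.net by mx2.example.net\n" + raw

def rewrite_from(raw: str, new_from: str) -> str:
    """A header change that a body-only check cannot see."""
    msg = message_from_string(raw)
    msg.replace_header("From", new_from)
    return msg.as_string()

def check(received: str, sent_body_mic: str, sent_full_mic: str) -> dict:
    """Recompute both checks on the received text and compare."""
    return {
        "body_ok": hmac.compare_digest(body_mic(received), sent_body_mic),
        "full_ok": hmac.compare_digest(full_mic(received), sent_full_mic),
    }

if __name__ == "__main__":
    b, f = body_mic(RAW), full_mic(RAW)
    print("relayed      ", check(relay(RAW), b, f))
    print("From changed ", check(rewrite_from(RAW, "mallory@example.com"), b, f))
    print("body changed ", check(RAW.replace("3pm", "4pm"), b, f))
```
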

Scalability and interoperability concerns are also
major obstacles in the global management of cryptographic keys, known as
the emerging Public Key Infrastructure (PKI).
Combining a heterogeneous public-key infrastructure with a robust
global MTA infrastructure will provide the developer community with cryptographic
tools to address e-mail sender authentication. However, by no means will
a PKI solve the e-mail bomb threat without MTA and MUA integration.
Finally, PKI-MTA integration may not significantly mitigate
the e-mail bomb problem because PKI was
designed to address confidentiality, authentication, integrity,
and non-repudiation, not denial-of-service attacks.

All technologies that present new opportunities also propagate new vulnerabilities
and risks.
Emerging public-key cryptosystems are traditionally viewed
as defensive mechanisms, strengthening the integrity, confidentiality, and authentication
of our electronic infrastructure. However, the widespread availability of
cryptosystems creates potential offensive threats to the infrastructure
which are normally considered after design and deployment. The interested
reader is referred to an excellent paper by Young and Yung [18] which
discusses cryptovirology and cryptoextortion, emerging topics which are
out of the scope of this paper.