Lightweight Email Signatures (Extended Abstract)

  • Ben Adida
  • David Chau
  • Susan Hohenberger
  • Ronald L. Rivest
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4116)


We present Lightweight Email Signatures (LES), a simple cryptographic architecture for authenticating email. LES is an extension of DKIM, the recent IETF effort to standardize domain-based email signatures. LES shares DKIM’s ease of deployment: they both use the DNS to distribute a single public key for each domain. Importantly, LES supports common uses of email that DKIM jeopardizes: multiple email personalities, firewalled ISPs, incoming-only email forwarding services, and other common uses that often require sending email via a third-party SMTP server. In addition, LES does not require DKIM’s implied intra-domain mechanism for authenticating users when they send email.

LES provides these features using identity-based signatures. Each domain authority generates a master keypair, publishes the public component in the DNS, and stores the private component securely. Using this private component, the authority delivers to each of its users, via email, an individual secret key whose identity string corresponds to the user’s email address. A sender then signs messages using this individual secret key. A recipient verifies such a signature by querying the appropriate master public key from the DNS, computing the sender’s public key, and verifying the signature accordingly. As an added bonus, the widespread availability of user-level public keys enables deniable authentication, such as ring signatures. Thus, LES provides email authentication with optional repudiability.

We built a LES prototype to determine its practicality. Basic user tests show that the system is relatively easy to use, and that cryptographic performance, even when using deniable authentication, is well within acceptable range.


Signature Scheme Ring Signature Mailing List Deniable Authentication Ring Signature Scheme 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Adida, B., Hohenberger, S., Rivest, R.L.: Ad-hoc-group signatures from hijacked keypairs (2005),
  2. 2.
    American Banking Association. Beware of Internet Scrooges this Holiday,
  3. 3.
    Anti-Phishing Working Group,
  4. 4.
    Anti-Phishing Working Group. Digital Signatures to Fight Phishing Attacks,
  5. 5.
    Bellare, M., Namprempre, C., Neven, G.: Security proofs for identity-based identification and signature schemes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 268–286. Springer, Heidelberg (1999)Google Scholar
  6. 6.
    Bellovin, S.M.: Spamming, phishing, authentication, and privacy. Inside Risks, Communications of the ACM 47(12) (December 2004)Google Scholar
  7. 7.
    Borisov, N., Goldberg, I., Brewer, E.: Off-the-record communication, or, why not to use PGP. In: WPES 2004, pp. 77–84. ACM Press, New York (2004)CrossRefGoogle Scholar
  8. 8.
    Brown, D.R.: Deniable authentication with rsa and multicasting. In Cryptology ePrint Archive, Report 2005/056 (2005)Google Scholar
  9. 9.
    Cramer, R., Damgård, I.B., Schoenmakers, B.: Proof of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)Google Scholar
  10. 10.
    Crispin, M.: RFC 1730: Internet Mail Access Protocol - Version (December 4, 1994)Google Scholar
  11. 11.
    Dhamija, R., Tygar, J.D.: Phish and hIPs: Human interactive proofs to detect phishing attacks. In: Baird, H.S., Lopresti, D.P. (eds.) HIP 2005. LNCS, vol. 3517, pp. 127–141. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  12. 12.
    Damiani, E., et al.: Spam Attacks: P2P to the Rescue. In: WWW 2004, pp. 358–359 (2004)Google Scholar
  13. 13.
    M.C., et al.: Internet X.509 Public Key Infrastructure (latest draft). IETF Internet Drafts (January 2005)Google Scholar
  14. 14.
    Garfinkel, S.L.: Email-Based Identification and Authentication: An Alternative to PKI? IEEE Security & Privacy 1(6), 20–26 (2003)CrossRefGoogle Scholar
  15. 15.
    Guillou, L.C., Quisquater, J.-J.: A “Paradoxical” identity-based signature scheme resulting from zero-knowledge. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 216–231. Springer, Heidelberg (1990)Google Scholar
  16. 16.
    Herzberg, A.: Controlling spam by secure internet content selection. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 337–350. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  17. 17.
    Hoffman, P.: SMTP Service Exten. for Secure SMTP over Transport Layer Security. Internet Mail Consortium RFC,
  18. 18.
    IETF: The DKIM Working Group,
  19. 19.
    IETF. MTA Authorization Records in DNS (MARID) (June 2004),
  20. 20.
    Jakobsson, M.: Modeling and Preventing Phishing Attacks. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, p. 89. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  21. 21.
    Jakobsson, M., Sako, K., Impagliazzo, R.: Designated verifier proofs and their applications. In: EUROCRYPT 1996. LNCS, vol. 1233. Springer, Heidelberg (1996)Google Scholar
  22. 22.
    Krawczyk, H., Rabin, T.: Chameleon signatures. In: Network and Distributed System Security (NDSS) (2000)Google Scholar
  23. 23.
    Levine, J., DeKok, A., et al.: Lightweight MTA Authentication Protocol (LMAP) Discussion and Comparison (February 2004),
  24. 24.
    Levine, J.R.: A Flexible Method to Validate SMTP Senders in DNS (2004),
  25. 25.
    MAPS. RBL - Realtime Blackhole List (1996),
  26. 26.
    Mason, J.: Filtering Spam with SpamAssassin. In: HEANet Conference (2002)Google Scholar
  27. 27.
    MessageLabs. Annual Email Security Report (December 2004),
  28. 28.
    Meyer, T., Whateley, B.: SpamBayes: Effective open-source, Bayesian based, email classification system. In: Conference on Email and Anti-Spam (July 2004)Google Scholar
  29. 29.
    Microsoft. Phishing Scams: 5 Ways to Help Protect Your Identity,
  30. 30.
  31. 31.
    Myers, J.: RFC 1939: Post Office Protocol - Version 3 (May 1996)Google Scholar
  32. 32.
  33. 33.
    Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  34. 34.
    Sahami, M., Dumais, S., Heckerman, D., Horvitz, E.: A Bayesian Approach to Filtering Junk E-Mail. In: Learning for Text Categorization (May 1998)Google Scholar
  35. 35.
    Schneier, B.: Safe Personal Computing. Schneier On Security Weblog (December 2004),
  36. 36.
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  37. 37.
    Smetters, D., Durfee, G.: Domain-based administration of identity-based cryptosystems for secure email and IPSEC. In: USENIX Security Symposium (2003)Google Scholar
  38. 38.
    The Spamhaus Project. The Spamhaus Block List,
  39. 39.
    Tumbleweed Communications. Digitally-Signed Emails to Protect Against Phishing Attacks,
  40. 40.
    Zimmerman, P.: Pretty Good Privacy,

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Ben Adida
    • 1
  • David Chau
    • 1
  • Susan Hohenberger
    • 2
  • Ronald L. Rivest
    • 1
  1. 1.CSAIL, Massachusetts Institute of TechnologyCambridgeUSA
  2. 2.Zurich Research LaboratoryIBM ResearchRüschlikon

Personalised recommendations