On Email Spamming Under the Shadow of Large Scale Use of Identity-Based Encryption

  • Christian Veigner
  • Chunming Rong
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4158)


In 1984 Adi Shamir requested a solution for a novel public-key encryption scheme, called identity-based encryption (IBE). The original motivation for IBE was to help the deployment of a public-key infrastructure. The idea of an IBE scheme is that the public key can be any arbitrary string, for example, an email address, a name or a role. An IBE scheme does not need to download certificates to authenticate public keys as in a public-key infrastructure (PKI). A public key in an identity-based cryptosystem is simply the receiver’s identity, e.g. an email address. As often, when new technology occurs, the focus is on the functionality of the technology and not on its security. In this paper we briefly review about identity-based encryption and decryption. Later on we show that IBE schemes used for secure emailing render spamming far easier for spammers compared to if a PKI certificate approach is used.


Wireless Sensor Network Destination Node Advance Encryption Standard Certificate Authority Data Encryption Standard 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Shamir, A.: Identity-based cryptography and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  2. 2.
    Feige, U., Fiat, A., Shamir, A.: Zero-knowledge proofs of identity. J. Cryptology 1, 77–94 (1988)MATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signa-ture problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)Google Scholar
  4. 4.
    Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  5. 5.
    Boyen, X.: Multipurpose Identity-based signcryption, a Swiss army knife for identity-based cryptography. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 383–399. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Chen, L., Kudla, C.: Identity-based authenticated key agreement protocols from pairings, Cryptology ePrint Archive, Report 2002/184 (2002),
  7. 7.
    Lynn, B.: Authenticated identity-based encryption, Cryptology ePrint Archive, Report 2002/072 (2002),
  8. 8.
    Waters, B.R.: Efficient Identity-Based Encryption Without Random Oracles, Cryptology ePrint Archive, Report 2004/180 (2004),
  9. 9.
    Voltage security, E-mail Security – The IBE Advantage (2004)Google Scholar
  10. 10.
    Veigner, C., Rong, C.: Identity-Based Key Agreement and Encryption for Wireless Sensor Networks (in preprint)Google Scholar
  11. 11.
    Veigner, C., Rong, C.: Simulating Identity-Based Key Agreement For Wireless Sensor Networks (in preprint)Google Scholar
  12. 12.
    Data Encryption Standard (DES), FIPS 46-2,
  13. 13.
    Advanced Encryption Standard (AES), FIPS 197,
  14. 14.
  15. 15.
  16. 16.
  17. 17.
  18. 18.
  19. 19.
    Schlegel, R., Vaudenay, S.: Enforcing Email Addresses Privacy Using Tokens. In: Feng, D., Lin, D., Yung, M. (eds.) CISC 2005. LNCS, vol. 3822, pp. 91–100. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  20. 20.
  21. 21.
    Roman, R., Zhou, J., Lopez, J.: Protection against Spam using Pre-Challenges. In: Security and Privacy in the Age of Ubiquitous Computing IFIP TC11, 20th International Information Security Conference (Sec 2005), pp. 281–294. Springer, Heidelberg (2005)Google Scholar
  22. 22.
    Harris, E.: The Next Step in the Spam Control War: Graylisting (2003),
  23. 23.
    Delany, M.: Domain-based Email Authentication Using Public-Keys Advertised in the DNS (DomainKeys). IETF Draft (2005)Google Scholar
  24. 24.
    Ioannidis, J.: Fighting Spam by Encapsulating Policy in Email Addresses. In: Symposium on Network and Distributed Systems Security (NDSS 2003) (February 2003)Google Scholar
  25. 25.
    Cranor, L.F., LaMacchia, B.A.: SPAM! Communications of the ACM 41(8), 74–83 (1998)CrossRefGoogle Scholar
  26. 26.
    Abadi, M., Birrell, A., Burrows, M., Dabek, F., Wobber, T.: Bankable Postage for Network Services. In: Saraswat, V.A. (ed.) ASIAN 2003. LNCS, vol. 2896, pp. 72–90. Springer, Heidelberg (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Christian Veigner
    • 1
  • Chunming Rong
    • 1
  1. 1.University of StavangerStavangerNorway

Personalised recommendations