    Improving email trustworthiness through social-group key authentication

    The increasing use of email for phishing and unsolicited marketing has reduced the trustworthiness of email as a communication medium. Sender authentication is a known defense against these attacks. Existing proposals for sender authentication either require infrastructural support or break compatibility with existing email infrastructure. We propose, implement, and evaluate social-group key authentication, an incrementally deployable and backward-compatible sender authentication mechanism for email. Our solution requires an honest majority instead of trust infrastructure or human input for correctness. In accordance with the end-to-end principle, authentication is implemented at the mail client by executing our previously proposed Byzantine fault-tolerant public key authentication protocol [12] as an overlay on top of the mail transport protocol. We evaluated the authentication overhead by instrumenting our Thunderbird authentication plugin with synthetic data and found a user-visible latency increase of about 200 ms. Real-life usability of the authentication mechanism is investigated with two anonymized email traces. Our results show that about 40% of the peers can be authenticated over the 92-day trace period without adding any new messages to the email network. Adding a small fraction of extra email messages permits more than 90% of the peers to be authenticated within a week.