Persistent S/MIME signature in e-mails forwarding

The e-mail is nowadays one of the primary communication mean, that still lacks some simple security possibilities. Among them, the electronic signature is a powerful technology, but it can regrettably leads to misconceptions for the users in some case. In particular, considering the forwarding of an...

Full description

Saved in:
Bibliographic Details
Main Authors: Dubos, Charles, Serhrouchni, Ahmed
Format: Conference Proceeding
Language:English
Subjects:
e-mail confidentiality
e-mail forwarding
e-mail integrity
Electronic mail
Encryption
Receivers
S/MIME
Security
signature
trust
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The e-mail is nowadays one of the primary communication mean, that still lacks some simple security possibilities. Among them, the electronic signature is a powerful technology, but it can regrettably leads to misconceptions for the users in some case. In particular, considering the forwarding of an e-mail, the security attributes of the content set by the initial sender are not preserved. More precisely, when a signed e-mail is forwarded, the signature is lost after the forwarding. This is also misleading because, if the forwarder uses his own signature, the final receiver will see the message as signed, and will consider the signature as valid, whereas the signature is not the one of the authentic author of the e-mail. To address this problem, we propose the use of a header to indicate the forwarding of the e-mail without modifying its initial signature and content. With this simple header, the forwarding of an e-mail preserves its integrity and grants the receiver that the initial e-mail has not been modified. We also take into account the use of encrypted e-mails and propose a scheme for the proposed header to be operative. We also prove the proposed header is usable with the common e-mail providers and agents.
ISSN:2640-558X
DOI:10.1109/MobiSecServ50855.2022.9727222