暂无分享,去创建一个
Jeremy Clark | Daniel Zappala | Scott Ruoti | Paul C. van Oorschot | Kent E. Seamons | Jeremy Clark | P. V. Oorschot | K. Seamons | D. Zappala | Scott Ruoti
[1] Susan Young,et al. Anatomy of an Attack , 2003 .
[2] Jeremy Clark,et al. 2013 IEEE Symposium on Security and Privacy SoK: SSL and HTTPS: Revisiting past challenges and evaluating certificate trust model enhancements , 2022 .
[3] Christopher Hadnagy,et al. Social Engineering: The Art of Human Hacking , 2010 .
[4] He Liu,et al. Click Trajectories: End-to-End Analysis of the Spam Value Chain , 2011, 2011 IEEE Symposium on Security and Privacy.
[5] Randall Gellens,et al. Message Submission for Mail , 2006, RFC.
[6] Seny Kamara. Encrypted Search , 2015, XRDS.
[7] Jim Fenton,et al. Analysis of Threats Motivating DomainKeys Identified Mail (DKIM) , 2006, RFC.
[8] Ramaswamy Chandramouli,et al. NIST Special Publication 800-177: Trustworthy Email , 2016 .
[9] Yevgeniy Vorobeychik,et al. Optimal Personalized Filtering Against Spear-Phishing Attacks , 2015, AAAI.
[10] Michael J. Freedman,et al. CONIKS: Bringing Key Transparency to End Users , 2015, USENIX Security Symposium.
[11] G. Loewenstein,et al. Privacy and human behavior in the age of information , 2015, Science.
[12] Steven M. Bellovin. Easy Email Encryption , 2016, IEEE Secur. Priv..
[13] Blake Ramsdell,et al. S/MIME Version 3 Message Specification , 1999, RFC.
[14] Mark Ryan,et al. Enhanced Certificate Transparency and End-to-End Encrypted Mail , 2014, NDSS.
[15] Stefan Savage,et al. An inquiry into the nature and causes of the wealth of internet miscreants , 2007, CCS '07.
[16] Sean Turner,et al. Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Message Specification , 2019, RFC.
[17] Mohammad Maifi Hasan Khan,et al. Why Do They Do What They Do?: A Study of What Motivates Users to (Not) Follow Computer Security Advice , 2016, SOUPS.
[18] Ada Lerner,et al. Confidante: Usable Encrypted Email: A Case Study with Lawyers and Journalists , 2017, 2017 IEEE European Symposium on Security and Privacy (EuroS&P).
[19] Daiping Liu,et al. All Your DNS Records Point to Us: Understanding the Security Threats of Dangling DNS Records , 2016, CCS.
[20] Peter G. Neumann,et al. The risks of key recovery, key escrow, and trusted third-party encryption , 1997, World Wide Web J..
[21] J. Alex Halderman,et al. Neither Snow Nor Rain Nor MITM...: An Empirical Analysis of Email Delivery Security , 2015, Internet Measurement Conference.
[22] Ian Goldberg,et al. Privacy-Enhancing Technologies for the Internet, II: Five Years Later , 2002, Privacy Enhancing Technologies.
[23] Ben Laurie,et al. Certificate transparency , 2014, Commun. ACM.
[24] John C. Klensin,et al. Simple Mail Transfer Protocol , 2001, RFC.
[25] Thomas A. Peters,et al. Privacy on the line: The politics of wiretapping and encryption , 1998 .
[26] Shari Lawrence Pfleeger,et al. Going Spear Phishing: Exploring Embedded Training and Awareness , 2014, IEEE Security & Privacy.
[27] Thomas D. Wu. The Secure Remote Password Protocol , 1998, NDSS.
[28] Harry Halpin,et al. LEAP: A Next-Generation Client VPN and Encrypted Email Provider , 2016, CANS.
[29] Kurt Andersen,et al. Recommended Usage of the Authenticated Received Chain (ARC) , 2016 .
[30] William L. Simon,et al. The Art of Deception: Controlling the Human Element of Security , 2001 .
[31] Arvind Narayanan,et al. I never signed up for this! Privacy implications of email tracking , 2018, Proc. Priv. Enhancing Technol..
[32] Adam Back,et al. Hashcash - A Denial of Service Counter-Measure , 2002 .
[33] David A. Wagner,et al. Privacy-enhancing technologies for the Internet , 1997, Proceedings IEEE COMPCON 97. Digest of Papers.
[34] Volker Roth,et al. Security and usability engineering with particular attention to electronic mail , 2005, Int. J. Hum. Comput. Stud..
[35] Daniel Zappala,et al. Private Webmail 2.0: Simple and Easy-to-Use Secure Email , 2016, UIST.
[36] Nathaniel S. Borenstein,et al. Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies , 1996, RFC.
[37] Moni Naor,et al. Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.
[38] Stephen T. Kent,et al. Internet Privacy Enhanced Mail , 1993, CACM.
[39] Scott Kitterman,et al. Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1 , 2014, RFC.
[40] Kurt Andersen,et al. Authenticated Received Chain (ARC) , 2016 .
[41] David Shaw,et al. OpenPGP Message Format , 1998, RFC.
[42] Nick Mathewson,et al. Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.
[43] Paul C. van Oorschot,et al. An Administrator's Guide to Internet Password Research , 2014, LISA.
[44] Ian Brown,et al. Security against compelled disclosure , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).
[45] 白石 善明,et al. "Confused Johnny: When Automatic Encryption Leads to Confusion and Mistakes"の紹介 , 2013 .
[46] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .
[47] J. Doug Tygar,et al. Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 , 1999, USENIX Security Symposium.
[48] D. H. Crocker,et al. Standard for the format of arpa intemet text messages , 1982 .
[49] Arnt Gulbrandsen,et al. IMAP Extension for Simple Authentication and Security Layer (SASL) Initial Client Response , 2007, RFC.
[50] Paul F. Syverson,et al. Onion routing , 1999, CACM.
[51] Burton S. Kaliski. Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services , 1993, RFC.
[52] Mahdi N. Al-Ameen,et al. When the Weakest Link is Strong: Secure Collaboration in the Case of the Panama Papers , 2017, USENIX Security Symposium.
[53] Ian Goldberg,et al. SoK: Secure Messaging , 2015, 2015 IEEE Symposium on Security and Privacy.
[54] Markus Jakobsson,et al. Designated Verifier Proofs and Their Applications , 1996, EUROCRYPT.
[55] Gianluca Stringhini,et al. The Tricks of the Trade: What Makes Spam Campaigns Successful? , 2014, 2014 IEEE Security and Privacy Workshops.
[56] Matthew Smith,et al. An Empirical Study of Textual Key-Fingerprint Representations , 2016, USENIX Security Symposium.
[57] Benjamin Livshits,et al. ConScript: Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser , 2010, 2010 IEEE Symposium on Security and Privacy.
[58] Doowon Kim,et al. An Inconvenient Trust: User Attitudes toward Security and Usability Tradeoffs for Key-Directory Encryption Systems , 2016, SOUPS.
[59] David Cooper,et al. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2008, RFC.
[60] Daniel Zappala,et al. "We're on the Same Page": A Usability Study of Secure Email Using Pairs of Novice Users , 2015, CHI.
[61] Ben Laurie,et al. “ Proof-of-Work ” Proves Not to Work version 0 . 2 , 2004 .
[62] Alexey Melnikov,et al. SMTP Service Extension for Authentication , 2007, RFC.
[63] Ian Goldberg,et al. Leading Johnny to Water: Designing for Usability and Trust , 2015, SOUPS.
[64] Craig Gentry,et al. A fully homomorphic encryption scheme , 2009 .
[65] Nikita Borisov,et al. Off-the-record communication, or, why not to use PGP , 2004, WPES '04.
[66] Rob Miller,et al. Johnny 2: a user test of key continuity management with S/MIME and Outlook Express , 2005, SOUPS '05.
[67] Wouter Joosen,et al. WebJail: least-privilege integration of third-party components in web mashups , 2011, ACSAC '11.
[68] Amit A. Levy,et al. Vanish: Increasing Data Privacy with Self-Destructing Data , 2009, USENIX Security Symposium.
[69] Brent Waters,et al. Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs , 2010, NDSS.
[70] Simson L. Garfinkel,et al. How to make secure email easier to use , 2005, CHI.
[71] Stefan Savage,et al. Security by Any Other Name: On the Effectiveness of Provider Based Email Security , 2015, CCS.
[72] Gianluca Stringhini,et al. B@bel: Leveraging Email Delivery for Spam Mitigation , 2012, USENIX Security Symposium.
[73] Daniel Zappala,et al. Weighing Context and Trade-offs: How Suburban Adults Selected Their Online Security Posture , 2017, SOUPS.
[74] Dawn Xiaodong Song,et al. Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.
[75] Paul E. Hoffman,et al. SMTP Service Extension for Secure SMTP over Transport Layer Security , 2002, RFC.
[76] Philip Zimmermann,et al. PGP source code and internals , 1995 .
[77] John Linn,et al. Privacy enhancement for Internet electronic mail: Part II - certificate-based key management , 1987, Request for Comments.
[78] Urs Gasser,et al. Don't Panic: Making Progress on the "Going Dark" Debate , 2016 .
[79] Raph Levien,et al. MIME Security with OpenPGP , 2001, RFC.
[80] M. Angela Sasse,et al. Obstacles to the Adoption of Secure Communication Tools , 2017, 2017 IEEE Symposium on Security and Privacy (SP).
[81] Apu Kapadia. A Case (Study) For Usability in Secure Email Communication , 2007, IEEE Security & Privacy.
[82] Mohamed Ali Kâafar,et al. TLS in the Wild: An Internet-wide Analysis of TLS-based Protocols for Electronic Communication , 2015, NDSS.
[83] Lorrie Faith Cranor,et al. A Framework for Reasoning About the Human in the Loop , 2008, UPSEC.
[84] Craig Partridge,et al. The Technical Development of Internet Email , 2008, IEEE Annals of the History of Computing.
[85] Mat Ford. DANE: Taking TLS Authentication to the Next Level Using DNSSEC , 2011 .
[86] Edward W. Felten,et al. Secrecy, flagging, and paranoia: adoption criteria in encrypted email , 2006, CHI.
[87] Melanie Volkamer,et al. Why Doesn't Jane Protect Her Privacy? , 2014, Privacy Enhancing Technologies.
[88] Daniel Zappala,et al. Why Johnny Still, Still Can't Encrypt: Evaluating the Usability of a Modern PGP Client , 2015, ArXiv.
[89] David Lacey,et al. Death by a Thousand Facts: Criticising the Technocratic Approach to Information Security Awareness , 2012, Inf. Manag. Comput. Secur..
[90] Youssef Iraqi,et al. Phishing Detection: A Literature Survey , 2013, IEEE Communications Surveys & Tutorials.
[91] Nick Mathewson,et al. Anonymity Loves Company: Usability and the Network Effect , 2006, WEIS.
[92] A. Narayanan. What happened to the crypto dream?, Part 2 , 2013, IEEE Security & Privacy.
[93] L. Jean Camp. Mental models of privacy and security , 2009, IEEE Technology and Society Magazine.
[94] Murray S. Kucherawy,et al. Domain-based Message Authentication, Reporting, and Conformance (DMARC) , 2015, RFC.
[95] John Linn,et al. Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures , 1987, RFC.
[96] Matt Blaze,et al. Transparent Internet E-mail Security , 1996 .
[97] Markus Huber,et al. No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large , 2015, 2016 11th International Conference on Availability, Reliability and Security (ARES).
[98] Matthew Green,et al. Keys under doormats , 2015, J. Cybersecur..
[99] Russ Housley,et al. Cryptographic Message Syntax (CMS) , 2002, RFC.
[100] Gianluca Stringhini,et al. The harvester, the botmaster, and the spammer: on the relations between the different actors in the spam landscape , 2014, AsiaCCS.
[101] Stefan Savage,et al. PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs , 2012, USENIX Security Symposium.
[102] Chris Newman,et al. Using TLS with IMAP, POP3 and ACAP , 1999, RFC.
[103] Yael Tauman Kalai,et al. How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.
[104] Bruce Schneier,et al. An improved e-mail security protocol , 1997, Proceedings 13th Annual Computer Security Applications Conference.
[105] Hung-Min Sun,et al. A Study of User-Friendly Hash Comparison Schemes , 2009, 2009 Annual Computer Security Applications Conference.
[106] Robert Siemborski,et al. The Post Office Protocol (POP3) Simple Authentication and Security Layer (SASL) Authentication Mechanism , 2007, RFC.
[107] Laura A. Dabbish,et al. "My Data Just Goes Everywhere: " User Mental Models of the Internet and Implications for Privacy and Security , 2015, SOUPS.
[108] Carlisle Adams,et al. Understanding PKI: Concepts, Standards, and Deployment Considerations , 1999 .
[109] Paul E. Hoffman,et al. The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA , 2012, RFC.
[110] David Chaum,et al. Designated Confirmer Signatures , 1994, EUROCRYPT.
[111] Hilarie Orman. Encrypted Email: The History and Technology of Message Privacy , 2015 .
[112] Sean W. Smith,et al. ABUSE: PKI for Real-World Email Trust , 2009, EuroPKI.
[113] Sebastian Günther. Folk Models of Home Computer Security , 2012 .
[114] John Linn,et al. Privacy enhancement for Internet electronic mail: Part III - algorithms, modes, and identifiers , 1989, RFC.
[115] Murray S. Kucherawy,et al. DomainKeys Identified Mail (DKIM) Signatures , 2011, RFC.
[116] Markus Huber,et al. When SIGNAL hits the Fan: On the Usability and Security of State-of-the-Art Secure Mobile Messaging , 2016 .
[117] David Chaum,et al. Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.
[118] Phillip M. Hallam-Baker,et al. DomainKeys Identified Mail (DKIM) Service Overview , 2009, RFC.
[119] Ian Goldberg,et al. Privacy Enhancing Technologies for the Internet III : Ten Years Later ∗ , 1997 .
[120] Ian Goldberg,et al. A pseudonymous communications infrastructure for the internet , 2000 .
[121] S. D. Wolthusen. A distributed multipurpose mail guard , 2003, IEEE Systems, Man and Cybernetics SocietyInformation Assurance Workshop, 2003..
[122] Ralf Sasse,et al. ARPKI: Attack Resilient Public-Key Infrastructure , 2014, CCS.
[123] Stephen Farrell. Why Don't We Encrypt Our Email? , 2009, IEEE Internet Computing.