{"id":"https://openalex.org/W3107581703","doi":"https://doi.org/10.1145/3372297.3417878","title":"Mitigation of Attacks on Email End-to-End Encryption","display_name":"Mitigation of Attacks on Email End-to-End Encryption","publication_year":2020,"publication_date":"2020-10-30","ids":{"openalex":"https://openalex.org/W3107581703","doi":"https://doi.org/10.1145/3372297.3417878","mag":"3107581703"},"language":"en","primary_location":{"id":"doi:10.1145/3372297.3417878","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3372297.3417878","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5053201224","display_name":"J\u00f6rg Schwenk","orcid":"https://orcid.org/0000-0001-9315-7354"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"J\u00f6rg Schwenk","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101417857","display_name":"Marcus Brinkmann","orcid":"https://orcid.org/0000-0001-5649-6357"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Marcus Brinkmann","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082564851","display_name":"Damian Poddebniak","orcid":null},"institutions":[{"id":"https://openalex.org/I63274643","display_name":"FH M\u00fcnster","ror":"https://ror.org/00pv45a02","country_code":"DE","type":"education","lineage":["https://openalex.org/I63274643"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Damian Poddebniak","raw_affiliation_strings":["M\u00fcnster University of Applied Sciences, M\u00fcnster, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"M\u00fcnster University of Applied Sciences, M\u00fcnster, Germany","institution_ids":["https://openalex.org/I63274643"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101617193","display_name":"Jens M\u00fcller","orcid":"https://orcid.org/0000-0001-9875-3534"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jens M\u00fcller","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091741421","display_name":"Juraj Somorovsky","orcid":"https://orcid.org/0000-0002-3593-7720"},"institutions":[{"id":"https://openalex.org/I206945453","display_name":"Paderborn University","ror":"https://ror.org/058kzsd48","country_code":"DE","type":"education","lineage":["https://openalex.org/I206945453"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Juraj Somorovsky","raw_affiliation_strings":["Paderborn University, Paderborn, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Paderborn University, Paderborn, Germany","institution_ids":["https://openalex.org/I206945453"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5044292628","display_name":"Sebastian Schinzel","orcid":null},"institutions":[{"id":"https://openalex.org/I63274643","display_name":"FH M\u00fcnster","ror":"https://ror.org/00pv45a02","country_code":"DE","type":"education","lineage":["https://openalex.org/I63274643"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Sebastian Schinzel","raw_affiliation_strings":["M\u00fcnster University of Applied Sciences, M\u00fcnster, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"M\u00fcnster University of Applied Sciences, M\u00fcnster, Germany","institution_ids":["https://openalex.org/I63274643"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.9479,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.81638056,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1647","last_page":"1664"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7525216341018677},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7184234857559204},{"id":"https://openalex.org/keywords/interoperability","display_name":"Interoperability","score":0.6257731318473816},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.5917736887931824},{"id":"https://openalex.org/keywords/email-authentication","display_name":"Email authentication","score":0.5742719173431396},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.4543537199497223},{"id":"https://openalex.org/keywords/flexibility","display_name":"Flexibility (engineering)","score":0.41625383496284485},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3659818768501282},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3555753529071808},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2849029004573822},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.23405751585960388},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.06673073768615723}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7525216341018677},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7184234857559204},{"id":"https://openalex.org/C20136886","wikidata":"https://www.wikidata.org/wiki/Q749647","display_name":"Interoperability","level":2,"score":0.6257731318473816},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.5917736887931824},{"id":"https://openalex.org/C550791530","wikidata":"https://www.wikidata.org/wiki/Q5368811","display_name":"Email authentication","level":5,"score":0.5742719173431396},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.4543537199497223},{"id":"https://openalex.org/C2780598303","wikidata":"https://www.wikidata.org/wiki/Q65921492","display_name":"Flexibility (engineering)","level":2,"score":0.41625383496284485},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3659818768501282},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3555753529071808},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2849029004573822},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.23405751585960388},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.06673073768615723},{"id":"https://openalex.org/C194699767","wikidata":"https://www.wikidata.org/wiki/Q7878662","display_name":"Multi-factor authentication","level":4,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3372297.3417878","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3372297.3417878","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W18112494","https://openalex.org/W156706870","https://openalex.org/W1485200701","https://openalex.org/W1519919627","https://openalex.org/W1602957389","https://openalex.org/W1642192185","https://openalex.org/W1652324086","https://openalex.org/W1653446932","https://openalex.org/W1774758602","https://openalex.org/W1909457994","https://openalex.org/W1985795489","https://openalex.org/W1996182770","https://openalex.org/W2016853412","https://openalex.org/W2091797419","https://openalex.org/W2149320726","https://openalex.org/W2165214731","https://openalex.org/W2167976277","https://openalex.org/W2220632610","https://openalex.org/W2255369088","https://openalex.org/W2265760381","https://openalex.org/W2270964349","https://openalex.org/W2280332707","https://openalex.org/W2287563896","https://openalex.org/W2397911851","https://openalex.org/W2563485765","https://openalex.org/W2772525418","https://openalex.org/W2888937667","https://openalex.org/W2916867898","https://openalex.org/W2917112630","https://openalex.org/W2937339343","https://openalex.org/W2962986238","https://openalex.org/W2984768292","https://openalex.org/W3029774017","https://openalex.org/W4210467114","https://openalex.org/W4298921906","https://openalex.org/W4300576901"],"related_works":["https://openalex.org/W17155033","https://openalex.org/W3207760230","https://openalex.org/W1496222301","https://openalex.org/W1590307681","https://openalex.org/W2536018345","https://openalex.org/W4312814274","https://openalex.org/W4285370786","https://openalex.org/W2296488620","https://openalex.org/W2358353312","https://openalex.org/W2353836703"],"abstract_inverted_index":{"OpenPGP":[0],"and":[1,42,81,93,114],"S/MIME":[2],"are":[3,107],"two":[4],"major":[5],"standards":[6,70],"for":[7],"securing":[8],"email":[9,35,48,61,88,97,118],"communication":[10],"introduced":[11],"in":[12,68],"the":[13,30,33,43,47,72,116],"early":[14],"1990s.":[15],"Three":[16],"recent":[17],"classes":[18],"of":[19,32,46,74,102],"attacks":[20],"exploit":[21],"weak":[22],"cipher":[23],"modes":[24],"(EFAIL":[25,37],"Malleability":[26],"Gadgets,":[27],"or":[28,40],"EFAIL-MG),":[29],"flexibility":[31],"MIME":[34],"structure":[36],"Direct":[38],"Exfiltration,":[39],"EFAIL-DE),":[41],"Reply":[44],"action":[45],"client":[49],"(REPLY":[50],"attacks).":[51],"Although":[52],"all":[53],"three":[54],"break":[55],"message":[56],"confidentiality":[57],"by":[58,87],"using":[59],"standardized":[60],"features,":[62],"only":[63,108],"EFAIL-MG":[64],"has":[65],"been":[66,85],"mitigated":[67],"IETF":[69],"with":[71],"introduction":[73],"AEAD":[75],"algorithms.":[76],"So":[77],"far,":[78],"no":[79],"uniform":[80],"reliable":[82],"countermeasures":[83,105],"have":[84],"adopted":[86],"clients":[89,98],"to":[90],"prevent":[91],"EFAIL-DE":[92],"REPLY":[94],"attacks.":[95],"Instead,":[96],"implement":[99],"a":[100],"variety":[101],"different":[103],"ad-hoc":[104],"which":[106],"partially":[109],"effective,":[110],"cause":[111],"interoperability":[112],"problems,":[113],"fragment":[115],"secure":[117],"ecosystem.":[119]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}