Privacy threats and requirements (updated)

master
iraklis 4 years ago
parent 81ac8283bb
commit 60fddbe4e2

@ -175,80 +175,21 @@ of association with the owning entity"
## Security Threats and Requirements
### Confidentiality
### Spoofing and entity authentication
An adversary can spoof and impersonate a profile of a user. It may attempt to send or receive a message on behalf of a legitimate user. An adversary can be a user of the system gaining access as an imposter sending or receiving a message. For example, an adversary can impersonate a valid sender of a message and send it on their behalf. The capabilities of an adversary are usually local controlling one entity or a set of entities, in the sense that each spoofed identity will be used to communicate with different end users. To mitigate spoofing threats is essential to have entity authentication mechanisms safeguarding that a user is the legitimate owner of a messaging service account. For example, it can prove that he/she knows something such as passwords, posses something such as public key and have specific features such as biometrics.
An adversary may attempt to disclose information about users and the
system aiming to illegally collect the information stored and
exchanged within the system such as through a user's device. For
instance, an adversary may attempt to retrieve information about the
content of an email potentially private by eavesdropping to
messages. Therefore, confidentiality of messages exchanged in the
system should be guaranteed with the use of encryption schemes such as
symmetric and public key encryption.
### Information disclosure and confidentiality
An adversary aims to retrieve and disclose information about the content of a message. It can attempt to perform a man-in-the-middle attack (MitM) eavesdropping and forwarding messages as an intermediary between the communicating users. For example, an adversary can try to position itself between two communicating parties such as the messaging server and remain undetectable collecting information transmitted to the intended users. The capabilities of an adversary can be from local controlling one point of the communication channel such as an entity or a communication link of the network. It can also be a global adversary controlling several entities and communication links of the channel, gaining the capability of correlating traffic such as in timing attacks even for end-to-end communication systems~\cite{torwebsite:timing-attacks}. Therefore, \textbf{confidentiality} of messages exchanged in the system should be guaranteed with the use of encryption schemes such as symmetric, asymmetric, or homomorphic encryption.
### End-to-end encryption / Link Encryption
"Email providers have adopted methods for encrypting email while it
is in transit between mail servers or between a mail server and a
client. We call this link encryption to distinguish it from end-to-end
encryption, which occurs between the email sender and recipient. Link
encryption is designed to prevent eavesdropping and tampering by third
parties that may own untrusted routers along the path that email is
being delivered \[\[TODO: fix reference \]\]." Clark et al.
### Tampering with data and Data authentication
"Only the inteded recipients are able to read a message. Specifically,
the message must not be readable by a server operator that is not a
coversation participant." Unger et al.
An adversary can tamper with the messages aiming to modify the information stored or exchanged between the communication entities in the system. For instance, an adversary may attempt to alter an email or an instant message by changing the content of them. It can be anyone but the users who are communicating such as the message operators, the network node, and third parties. The capabilities of an adversary can be local controlling an entity that can alter messages usually performing MitM attack for an encrypted channel. Therefore, no honest party should accept a message that was modified in transit. Data authentication of messages needs to be guaranteed such as with the use of MAC algorithms and digital signatures.
### Repudiation and accountability (non-repudiation)
### Data authentication (Integrity)
"No honest party will accept a message that has been modified in transit."
An adversary may attempt to tamper with the data aiming to modify the
information stored and exchanged within the system such as through a
user's device. For instance, an adversary may attempt to alte an email
by changing the content of an email message. Therefore, data
authentication of messages needs to be guaranteed such as with the use
of MAC algorithms and digital signatures.
### Entity Authentication
In a nutshell, an adversary may attempt to spoof and illegally access
a legitimate user through a user's device such as desktop or
laptop. For instance, an adversary may attempt to impersonate a
profile and send or recieve an email on behalf of a legitimate
user. Therefore, it is important to have entity authentication
mechanisms that a user can prove that he/she knows something such as
passwords, posses something such as access tokens and/or have specific
features such as biometrics.
### Domain Authentication / Sender authentication / user authentication
"Each participant in the coversation receive proof of possession of a
known long-term sercre from all other participants that they belive to
be participating in the coversation. In additon, eachparticipant is
able to verify that a message was sent from the claimed source." Clark
et al.
"Each participant in the coversation receive proof of possession of a
known long-term sercre from all other participants that they belive to
be participating in the coversation. In additon, eachparticipant is
able to verify that a message was sent from the claimed source." Unger
et al.
### Non-Repudiation (I)
An adversary may attempt to repudiate an email send or received aiming
to provide falsified information in the system such as through a
user's device. For instance, an adversary may attempt to state
inaccurate information about an action performed such as about sending
or receiving an email. Therefore, non-repudiation of actions performed
in the system must be guaranteed with the use of cryptographic schemes
such as digital signatures and audit trails such as timestamps.
An adversary can repudiate an email sent or received by providing falsified information about the status of the message to users of the system. For instance, an adversary may attempt to state inaccurate information about an action performed such as about sending or receiving an email. An adversary can be anyone who is involved in communicating such as the users of the system, the message operators, and the network nodes. To mitigate repudiation threats, accountability and non-repudiation of actions performed must be guaranteed. Non-repudiation of action can be of origin, submission, delivery, and receipt providing proof of actions performed to the intended recipient. It can be achieved with the use of cryptographic schemes such as digital signatures and audit trails such as timestamps.
## Privacy Threats and Requirements
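Review bot: the entity-authentication requirement in the new "Spoofing and entity authentication" paragraph names the wrong secret: "posses something such as public key" should read private key (or access token, as the replaced "Entity Authentication" paragraph had it), because a public key is by definition known to everyone and proves nothing about who holds it. Two placement errors in the same hunk: the Unger et al. quotation under "Tampering with data and Data authentication" ("Only the inteded recipients are able to read a message.") defines confidentiality, not integrity, and belongs under "Information disclosure and confidentiality", while the integrity definition that fits there is the one further down ("No honest party will accept a message that has been modified in transit."); and under "Domain Authentication / Sender authentication / user authentication" the same "proof of possession of a known long-term sercre" paragraph is quoted twice, once as Clark et al. and once as Unger et al., so one attribution is wrong and the duplicate should be dropped. The "TODO: fix reference" inside the Clark et al. link-encryption quotation is still unresolved. In the confidentiality paragraph, the sentence about a global adversary "correlating traffic such as in timing attacks even for end-to-end communication systems" describes traffic analysis, which leaks who talks to whom and when rather than message content, so the requirement that follows (symmetric, asymmetric or homomorphic encryption) does not mitigate it; either say so or move that sentence to the privacy section that starts right after this hunk. Likewise "usually performing MitM attack for an encrypted channel" under tampering should state the condition that makes this possible, namely that the channel's key exchange is not authenticated. Finally, please clean up the spelling before merging: inteded, coversation, sercre, belive, additon, eachparticipant, recieve, alte, posses, and "is essential to have" (it is essential).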
