Computer Science
Computer Science
bullet Gourds will fly: Rowan University American Society of Mechanical Engineers to host fifth annual Pumpkin Chunkin’ | More

bullet Hail to the Profs! Homecoming 2014 in pictures | More

bullet Second biennial ScholarFest to celebrate Rowan research | More

bullet Rowan hosts talk on “Controlling Ebola Virus Outbreaks: A New Strategy to Block Virus Transmission and Spread” | More

bullet Prof pride: Alumni flock to campus for Homecoming | More

Technical Report Number TR1995-1

Title
Can You Trust Your Email?


Authors
Kyle Cassidy
Office of Academic Computing
Rowan College of New Jersey
Glassboro, NJ 08028

A. Michael Berman
Department of Computer Science
Rowan College of New Jersey
Glassboro, NJ 08028

Abstract

Everyday, millions of electronic mail messages (email) pass through
the Internet. Most academics depend upon email to do their
jobs. However, email is not trustworthy. Specifically, it is almost
never possible to verify, using the email alone, that a received
message has come from the apparent sender. The problem can come from
at least three sources: the design of the Internet mail protocol;
specific attacks designed and distributed by hackers; and generally
lax security standards, particularly at academic institutions. The
issue of trust in communications is not entirely new -- after all,
forgery has been recognized as a crime almost since the invention of
writing. However, the lack of general understanding of this new
medium, combined with the lack of non-digital information associated
with paper mail (in particular, the signature) have created an
environment in which forged messages are easy to send and hard to
recognize. We discuss two specific actions academics ought to take
that can help the situation: user education and improved system
security. Finally we briefly describe a technical approach -- the
digital signature -- that promises to greatly reduce the problem in
the future.