All Things Email

About | Contact

Email-Based Identification and Authentication: An Alternative to PKI?

by Simson L. Garfinkel

IEEE, 2003-11
Language: English

External links

Full text: PDF

Information about this paper, Information about this paper

Abstract

Email-Based Identification and Authentication (EBIA) is an emerging alternative to Public Key Infrastructure (PKI). Although EBIA has obvious weaknesses, it can still provide functional security when used within a limited context. This article presents background on personal identifiers and authentication techniques, shows why the misuse of the Social Security Number (SSN) as an authenticator has led in part to the emergence of identity theft, argues why EBIA overcomes many of the problems inherent in the use of SSNs without imposing the cost or usability burden associated with PKI, and presents best practices for using EBIA in a business or government context.

Creative Commons. Some Rights Reserved.
Copyright © 2004 Jochen Topf
Unless otherwise noted the contents on this site are licensed under the
Creative Commons Attribution-ShareAlike License.