Misc. Security Items.


DKIM

DomainKeys Identified Mail (DKIM)
- Developed at and patented by Yahoo!
- Offers a way for a domain to claim responsibility for an email
- Uses public key cryptography

DKIM features
- E-Mail body and selected headers can be covered by the DKIM signature
- Signed portions of the email are protected against tampering
- Independent of SMTP: can survive relaying

DKIM problems
- Signing and verifying are expensive operations
- DKIM is done on the server where resources may be limited
- Many things can break the DKIM signature, e.g. encoding changes, automated footers
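The breakage described above can be reproduced with the body hash alone. This is an added example, not part of the original slides: it implements the "simple" and "relaxed" body canonicalizations from RFC 6376 and checks which in-transit changes still match the hash the signer computed. The message body and the four modifications are constructed samples.

```python
import base64
import hashlib
import re

CRLF = b"\r\n"

def canon_simple(body: bytes) -> bytes:
    """RFC 6376 'simple': drop empty lines at the end, keep exactly one CRLF."""
    while body.endswith(CRLF + CRLF):
        body = body[:-2]
    return body if body.endswith(CRLF) else body + CRLF

def canon_relaxed(body: bytes) -> bytes:
    """RFC 6376 'relaxed': also collapse runs of space/tab and strip line ends."""
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in body.split(CRLF)]
    while lines and lines[-1] == b"":
        lines.pop()
    return b"".join(ln + CRLF for ln in lines)

def body_hash(body: bytes, canon) -> str:
    """Value a signer puts in the bh= tag (SHA-256, base64)."""
    return base64.b64encode(hashlib.sha256(canon(body)).digest()).decode()

def survives(signed: bytes, received: bytes) -> dict:
    """Which canonicalizations still give the body hash the signer computed?"""
    return {
        name: body_hash(signed, fn) == body_hash(received, fn)
        for name, fn in (("simple", canon_simple), ("relaxed", canon_relaxed))
    }

# Constructed sample body as the signing server saw it.
SIGNED = "Meeting moved to 3pm.\r\nSee you at the café.\r\n".encode("utf-8")

# Constructed changes a relay or list server might make in transit.
IN_TRANSIT = {
    "trailing blank lines": SIGNED + CRLF + CRLF,
    "whitespace changed": SIGNED.replace(b"moved to", b"moved  to \t"),
    "automated footer": SIGNED + b"-- \r\nSent via example list\r\n",
    "re-encoded as quoted-printable": SIGNED.replace("é".encode("utf-8"), b"=C3=A9"),
}

def report() -> dict:
    """Map each constructed change to the canonicalizations it survives."""
    return {change: survives(SIGNED, body) for change, body in IN_TRANSIT.items()}

if __name__ == "__main__":
    for change, result in report().items():
        print(f"{change:32} {result}")
```

Only cosmetic whitespace differences are absorbed, and only by "relaxed"; an appended footer or a transfer-encoding change alters the hashed bytes under both modes, so the verifier reports a body hash mismatch.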

DKIM recommendations
- DKIM is nice to implement if you have the resources
- We will not be covering it in the lab

S/MIME

S/MIME
- Secure Multipurpose Internet Mail Extensions
- Public key cryptography
- Supports signing and encryption of E-Mail
- Keys are tied to E-Mail addresses and usually an identity
- Performed by end-users
- Supported by most E-Mail clients

S/MIME
- Uses certificate authorities, like TLS
- CAs act as a trusted third party
- Walk the certificate chain back to the CA to prove identity
- To my knowledge, there is no central location to find a user’s S/MIME public key

S/MIME
- To sign mail, you must have a public/private key pair
- To encrypt mail, you must have the recipient’s public key
- To verify an email, you must have the sender’s public key

PGP

Pretty Good Privacy
- Public key cryptography
- Performed by end users
- Supports signing and encrypting E-Mail
- Keys are tied to E-Mail addresses and usually an identity
- Client support is not as common as S/MIME

Pretty Good Privacy
- No central certificate authority
- Relies on ‘web of trust’ instead
- GNU Privacy Guard (gpg) is the open-source equivalent

PGP: web of trust
- If you trust someone you can sign their public key (e.g. verify their identity)
- You have a list of keys you trust
- Everyone who you trust has a list of keys they trust, and so on
- Trust can be established by finding a path of trust between two keys
- Think seven degrees of Kevin Bacon
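The path search described above, as an added example that is not part of the original slides. The key names, the signature graph and the `max_hops` limit are constructed for illustration; real key identifiers would be fingerprints.

```python
from collections import deque

# Constructed web of trust: signer -> keys that signer has signed.
SIGNED_BY = {
    "alice": {"bob", "carol"},
    "bob": {"dave"},
    "carol": {"dave", "erin"},
    "dave": {"frank"},
    "erin": set(),
    "frank": {"alice"},
    "mallory": {"frank", "grace"},   # mallory signs others, nobody signs mallory
    "grace": set(),
}

def trust_path(web, start, target, max_hops=None):
    """Shortest chain of signatures leading from start to target, or None.

    Breadth-first search, so the first time a key is reached is via the
    fewest signatures. max_hops (illustrative) caps the chain length.
    """
    parent = {start: None}
    queue = deque([(start, 0)])
    while queue:
        key, hops = queue.popleft()
        if key == target:
            path = []
            while key is not None:
                path.append(key)
                key = parent[key]
            return path[::-1]
        if max_hops is not None and hops >= max_hops:
            continue
        for signed in sorted(web.get(key, ())):
            if signed not in parent:
                parent[signed] = key
                queue.append((signed, hops + 1))
    return None

if __name__ == "__main__":
    print(trust_path(SIGNED_BY, "alice", "frank"))              # chain found
    print(trust_path(SIGNED_BY, "alice", "frank", max_hops=2))  # too far away
    print(trust_path(SIGNED_BY, "alice", "grace"))              # only mallory vouches
```

Signatures are directional: mallory signing frank's key gives alice no path to mallory or to grace, so a key cannot make itself trusted by signing other people's keys.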

PGP: key servers
- Public keys can be looked up using key servers, e.g. pgp.mit.edu
- Allows out-of-band retrieval of keys
- Public keys contain web of trust information

S/MIME and PGP recommendations
- S/MIME and PGP only sign and encrypt the body of an email
- Headers (e.g. To, From, Subject) are not encrypted
- Only work if you communicate with other people who use it
- If you lose the key, you lose access to all encrypted email
- Sometimes plausible deniability is a good thing

Other solutions
- SpamAssassin: evaluate E-Mail and score the likelihood of it being spam
- amavis, clamav: scan incoming E-Mail for viruses
- procmail: act on E-Mail (e.g. move, delete) based on header information; can use headers set by SPF, SpamAssassin, and antivirus