Presentation is loading. Please wait.

Presentation is loading. Please wait.

Misc. Security Items.

Published byMae Walton Modified over 5 years ago

Similar presentations

Presentation on theme: "Misc. Security Items."— Presentation transcript:

1 Misc. Security Items

2 DKIM

3 domainkeys identified mail (dkim)
Developed at and patented by Yahoo! Offers a way for a domain to claim responsibility for an Uses public key cryptography

4 dkim features body and selected headers can be covered by the DKIM signature Signed portions of the are protected against tampering Independent of SMTP: can survive relaying

5 dkim problems Signing and verifying are expensive operations
DKIM is done on the server where resources may be limited Many things can break the DKIM signature e.g. encoding changes, automated footers

6 dkim recommendations DKIM is nice to implement if you have the resources We will not be covering it in the lab

7 s/mime

8 s/mime Supports signing and encryption of E-Mail
Secure Multipurpose Internet Mail Extensions Public key cryptography Supports signing and encryption of Keys are tied to addresses and usually an identity Performed by end-users Supported by most clients

9 s/mime Uses certificate authorities, like TLS
CAs act as a trusted third party Walk the certificate chain back to the CA to prove identity To my knowledge, there is no central location to find a user’s S/MIME public key

10 s/mime To sign mail, you must have a public/private key pair
To encrypt mail, you must have the recipient’s public key To verify an , you must have the sender’s public key

11 pgp

12 pretty good privacy Public key cryptography Performed by end users
Supports signing and encrypting Keys are tied to addresses and usually an identity Performed by end users Client support is not as common as S/MIME

13 pretty good privacy No central certificate authority
Relies on ‘web of trust’ instead Gnu Privacy Guard (gpg) is open-source equivalent

14 pgp: web of trust If you trust someone you can sign their public key
(e.g. verify their identity) You have a list of keys you trust Everyone who you trust has a list of keys they trust, and so on Trust can be established by finding a path of trust between two keys Think seven degrees of Kevin Bacon

15 pgp: key servers Public keys can be looked up using key servers
e.g. pgp.mit.edu Allows out-of-band retrieval of keys Public keys contain web of trust information

16 s/mime and pgp recommendations
S/MIME and PGP only sign and encrypt the body of an . Headers (e.g. To, From, Subject are not encrypted) Only work if you communicate with other people who use it If you lose the key, you lose access to all encrypted Sometime plausible deniability is a good thing

17 other solutions spamassassian amavis, clamav procmail
evaluate and score the likelihood of it being spam amavis, clamav scan incoming for viruses procmail act on (e.g. move, delete) based on header information can use headers set by SPF, spamassassian, and antivirus

Download ppt "Misc. Security Items."

Similar presentations

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
CS470, A.SelcukE-mail Security1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.Selcuk Security1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Lesson 7: Business, , & Personal Information Management

Lesson 7: Business, , & Personal Information Management
CSCI 530L Public Key Infrastructure. Who are we talking to? Problem: We receive an e-mail. How do we know who it’s from? E-Mail address Can be spoofed.

CSCI 530L Public Key Infrastructure. Who are we talking to? Problem: We receive an . How do we know who it’s from? address Can be spoofed.
CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted.

CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted.
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
Cryptographic Technologies

Cryptographic Technologies
Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
Lecture 12 e-mail Security. Summary  PEM  secure email  PGP  S/MIME.

Lecture 12 Security. Summary  PEM  secure  PGP  S/MIME.
Email Security Jonathan Calazan December 12, 2005.

Security Jonathan Calazan December 12, 2005.
S/MIME Email and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.

S/MIME and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.
Guide to Operating System Security Chapter 10 E-mail Security.

Guide to Operating System Security Chapter 10 Security.
» Explain the way that electronic mail (e-mail) works » Configure an e-mail client » Identify e-mail message components » Create and send e-mail messages.

» Explain the way that electronic mail ( ) works » Configure an client » Identify message components » Create and send messages.
 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.

 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.
Cryptography 101 Frank Hecker

Cryptography 101 Frank Hecker
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
Wireless and Email Security CSCI 5857: Encoding and Encryption.

Wireless and Security CSCI 5857: Encoding and Encryption.
Masud Hasan 03-60-475 SecueEmail VS Hushmail Project 2.

Masud Hasan Secue VS Hushmail Project 2.

Similar presentations

Ads by Google