Presentation is loading. Please wait.

Presentation is loading. Please wait.

ELECTRONIC MAIL SECURITY

Published byClaude Casey Modified over 5 years ago

Similar presentations

Presentation on theme: "ELECTRONIC MAIL SECURITY"— Presentation transcript:

1 ELECTRONIC MAIL SECURITY
Pretty Good Privacy (PGP) S/MIME

2 Pretty Good Privacy (PGP)
PGP is an open-source, freely available software package for security. It provides authentication through the use of digital signature, confidentiality through the use of symmetric block encryption, compression using the ZIP algorithm, and compatibility using the radix-64 encoding scheme. PGP incorporates tools for developing a public-key trust model and public-key certificate management.

3 Notation

4 Operational Description
Authentication Confidentiality Compression compatibility

5 Summary of PGP Services

6

7

8 Cryptographic Keys and Key Rings
PGP makes use of four types of keys: one-time session symmetric key public keys private keys passphrase-based symmetric keys Three separate requirements can be identified with respect to these keys. A means of generating unpredictable session keys is needed. We would like to allow a user to have multiple public-key/private-key pairs. Each PGP entity must maintain a file of its own public/private key pairs as well as a file of public keys of correspondents.

9

10

11

12 S/MIME Secure/Multipurpose Internet Mail Extension (S/MIME) is a security enhancement to the MIME Internet format standard based on technology from RSA Data Security.

13 SMTP Limitations SMTP cannot transmit executable files or other binary objects. SMTP cannot transmit text data that includes national language characters. SMTP servers may reject mail message over a certain size. SMTP gateways that translate between ASCII and the character code EBCDIC do not use a consistent set of mappings, resulting in translation problems. SMTP gateways to X.400 electronic mail networks cannot handle non textual data included in X.400 messages.

14 MIME specification 1. Five new message header fields are defined, which may be included in an RFC 5322 header. These fields provide information about the body of the message. 2. A number of content formats are defined, thus standardizing representations that support multimedia electronic mail. 3. Transfer encodings are defined that enable the conversion of any content format into a form that is protected from alteration by the mail system.

15 Five header fields • MIME-Version: Must have the parameter value 1.0. This field indicates that the message conforms to RFCs 2045 and • Content-Type: Describes the data contained in the body with sufficient detail that the receiving user agent can pick an appropriate agent or mechanism to represent the data to the user or otherwise deal with the data in an appropriate manner. • Content-Transfer-Encoding: Indicates the type of transformation that has been used to represent the body of the message in a way that is acceptable for mail transport. • Content-ID: Used to identify MIME entities uniquely in multiple contexts. • Content-Description: A text description of the object with the body; this is useful when the object is not readable (e.g., audio data).

16

17

18

19 S/MIME Functionality • Enveloped data: This consists of encrypted content of any type and encrypted content encryption keys for one or more recipients. • Signed data: A digital signature is formed by taking the message digest of the content to be signed and then encrypting that with the private key of the signer. The content plus signature are then encoded using base64 encoding. A signed data message can only be viewed by a recipient with S/MIME capability. • Clear-signed data: As with signed data, a digital signature of the content is formed. However, in this case, only the digital signature is encoded using base64.As a result, recipients without S/MIME capability can view the message content, although they cannot verify the signature. • Signed and enveloped data: Signed-only and encrypted-only entities may be nested, so that encrypted data may be signed and signed data or clear-signed data may be encrypted.

20 CRYPTOGRAPHIC ALGORITHMS

Download ppt "ELECTRONIC MAIL SECURITY"

Similar presentations

TOPIC : MIME (Multipurpose Internet Mail Extensions ) By: Cecilia Gomes COSC 541,DATA COMMUNICATION SYSTEMS & NETWORKS Instructor: Prof. Anvari (SEU)

TOPIC : MIME (Multipurpose Internet Mail Extensions ) By: Cecilia Gomes COSC 541,DATA COMMUNICATION SYSTEMS & NETWORKS Instructor: Prof. Anvari (SEU)
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Cryptography and Network Security Sixth Edition by William Stallings.

Cryptography and Network Security Sixth Edition by William Stallings.
Email Security 1. email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.

Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.

Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.
1 Pertemuan 12 E-mail Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
NS-H0503-02/11041 E-mail Security. NS-H0503-02/11042 Email Security email is one of the most widely used and regarded network services currently message.

NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.
Electronic mail security

Electronic mail security
Electronic mail security -- Pretty Good Privacy.

Electronic mail security -- Pretty Good Privacy.
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Electronic Mail Security

Electronic Mail Security
1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.

1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.
Chapter 15 Electronic Mail Security – Part II Data & Network Security Spring 2006 Dr. Jalili.

Chapter 15 Electronic Mail Security – Part II Data & Network Security Spring 2006 Dr. Jalili.
16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.

16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.
Chap 81 Electronic mail security. Chap 82 Outline Pretty good privacy S/MIME Recommended web sites.

Chap 81 Electronic mail security. Chap 82 Outline Pretty good privacy S/MIME Recommended web sites.

Similar presentations

Ads by Google