Presentation is loading. Please wait.

Presentation is loading. Please wait.

S/MIME (Secure/Multipurpose Internet Mail Extensions) security enhancement to MIME email – original Internet RFC822 email was text only – MIME provided.

Published byBasil Doyle Modified over 8 years ago

Similar presentations

Presentation on theme: "S/MIME (Secure/Multipurpose Internet Mail Extensions) security enhancement to MIME email – original Internet RFC822 email was text only – MIME provided."— Presentation transcript:

1 S/MIME (Secure/Multipurpose Internet Mail Extensions) security enhancement to MIME email – original Internet RFC822 email was text only – MIME provided support for varying content types and multi-part messages – with encoding of binary data to textual form – S/MIME added security enhancements have S/MIME support in many mail agents – eg MS Outlook, Mozilla, Mac Mail etc

2 S/MIME Functions enveloped data – encrypted content and associated keys signed data – encoded message + signed digest clear-signed data – cleartext message + encoded signed digest signed & enveloped data – nesting of signed & encrypted entities

3 S/MIME Cryptographic Algorithms digital signatures: DSS & RSA hash functions: SHA-1 & MD5 session key encryption: ElGamal & RSA message encryption: AES, Triple-DES, RC2/40 and others MAC: HMAC with SHA-1 have process to decide which algs to use

4 S/MIME Messages  S/MIME secures a MIME entity with a signature, encryption, or both  forming a MIME wrapped PKCS object  have a range of content-types: enveloped data signed data clear-signed data registration request certificate only message

5 S/MIME Certificate Processing S/MIME uses X.509 v3 certificates managed using a hybrid of a strict X.509 CA hierarchy & PGP’s web of trust each client has a list of trusted CA’s certs and own public/private key pairs & certs certificates must be signed by trusted CA’s

6 Certificate Authorities have several well-known CA’s Verisign one of most widely used Verisign issues several types of Digital IDs increasing levels of checks & hence trust ClassIdentity ChecksUsage 1name/email checkweb browsing/email 2+ enroll/addr checkemail, subs, s/w validate 3+ ID documentse-banking/service access

7 S/MIME Enhanced Security Services 3 proposed enhanced security services: – signed receipts – security labels – secure mailing lists

8 Domain Keys Identified Mail a specification for cryptographically signing email messages so signing domain claims responsibility recipients / agents can verify signature proposed Internet Standard RFC 4871 has been widely adopted

9 Internet Mail Architecture

10 Email Threats see RFC 4684- Analysis of Threats Motivating DomainKeys Identified Mail describes the problem space in terms of: – range: low end, spammers, fraudsters – capabilities in terms of where submitted, signed, volume, routing naming etc – outside located attackers

11 DKIM Strategy transparent to user – MSA sign – MDA verify for pragmatic reasons

12 DCIM Functional Flow

Download ppt "S/MIME (Secure/Multipurpose Internet Mail Extensions) security enhancement to MIME email – original Internet RFC822 email was text only – MIME provided."

Similar presentations

Cryptography and Network Security Chapter 18

Cryptography and Network Security Chapter 18
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Cryptography and Network Security Sixth Edition by William Stallings.

Cryptography and Network Security Sixth Edition by William Stallings.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 22: Internet Security Protocols and.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 22: Internet Security Protocols and.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Data & Network Security

Data & Network Security
Lecture 22 Internet Security Protocols and Standards

Lecture 22 Internet Security Protocols and Standards
Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.

Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.
1 Pertemuan 12 E-mail Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
NS-H0503-02/11041 E-mail Security. NS-H0503-02/11042 Email Security email is one of the most widely used and regarded network services currently message.

NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.
Electronic mail security

Electronic mail security
Lecture 22 Internet Security Protocols and Standards modified from slides of Lawrie Brown.

Lecture 22 Internet Security Protocols and Standards modified from slides of Lawrie Brown.
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
SMUCSE 5349/49 Email Security. SMUCSE 5349/7349 Threats Threats to the security of e-mail itself –Loss of confidentiality E-mails are sent in clear over.

SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.
Security PGP, S/MIME Certificates and PKI

Security PGP, S/MIME Certificates and PKI
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 21 – Internet Security.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 21 – Internet Security.
Electronic Mail Security

Electronic Mail Security
Cryptography and Network Security Chapter 18

Cryptography and Network Security Chapter 18

Similar presentations

Ads by Google