SlideShare a Scribd company logo

E-mail Security in Network Security NS5

Download as PPT, PDF
K
koolkampus

This document summarizes encryption techniques for securing electronic mail. It describes Pretty Good Privacy (PGP), a popular encryption software, and S/MIME, an emerging industry standard. PGP provides authentication, confidentiality, compression, and other services. It segments long messages for transmission. S/MIME uses public-key encryption and certificates to provide encrypted and signed messages and is compatible with SMTP email.

Technology
1 of 26
Downloaded 291 times
1
2
Most read
3
4
Most read
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
Chapter 5 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden http://www.its.bth.se/staff/hjo/ [email_address]
Outline Pretty good privacy S/MIME Recommended web sites
Pretty Good Privacy Philip R. Zimmerman is the creator of PGP. PGP provides a confidentiality and authentication service that can be used for electronic mail and file storage applications.
Why Is PGP Popular? It is availiable free on a variety of platforms. Based on well know n algorithms . Wide range of applicability Not developed or controlled by governmental or standards organizations
Operational Description Consist of five services: Authentication Confidentiality Compression E-mail compatibility Segmentation
 
Compression PGP compresses the message after applying the signature but before encryption The placement of the compression algorithm is critical. The compression algorithm used is ZIP (described in appendix 5A)
E-mail Compatibility The scheme used is radix-64 conversion (see appendix 5B). The use of radix-64 expands the message by 33%.
Segmentation and Reassembly Often restricted to a maximum message length of 50,000 octets. Longer messages must be broken up into segments. PGP automatically subdivides a message that is to large. The receiver strip of all e-mail headers and reassemble the block.
Sumary of PGP Services
 
Format of PGP Message
 
 
 
The Use of Trust Key legitimacy field Signature trust field Owner trust field See Table 5.2 (W. Stallings)
 
Revoking Public Keys The owner issue a key revocation certificate. Normal signature certificate with a revote indicator. Corresponding private key is used to sign the certificate.
S/MIME Secure/Multipurpose Internet Mail Extension S/MIME will probably emerge as the industry standard. PGP for personal e-mail security
Simple Mail Transfer Protocol (SMTP, RFC 822) SMTP Limitations - Can not transmit, or has a problem with: executable files, or other binary files (jpeg image) “ national language” characters (non-ASCII) messages over a certain size ASCII to EBCDIC translation problems lines longer than a certain length (72 to 254 characters)
Header fields in MIME MIME-Version: Must be “1.0” -> RFC 2045, RFC 2046 Content-Type: More types being added by developers (application/word) Content-Transfer-Encoding: How message has been encoded (radix-64) Content-ID: Unique identifying character string. Content Description: Needed when content is not readable text (e.g.,mpeg)
S/MIME Functions Enveloped Data: Encrypted content and encrypted session keys for recipients. Signed Data: Message Digest encrypted with private key of “signer.” Clear-Signed Data: Signed but not encrypted. Signed and Enveloped Data: Various orderings for encrypting and signing.
Algorithms Used Message Digesting: SHA-1 and MDS Digital Signatures: DSS Secret-Key Encryption: Triple-DES, RC2/40 (exportable) Public-Private Key Encryption: RSA with key sizes of 512 and 1024 bits, and Diffie-Hellman (for session keys).
User Agent Role S/MIME uses Public-Key Certificates - X.509 version 3 signed by Certification Authority Functions: Key Generation - Diffie-Hellman, DSS, and RSA key-pairs. Registration - Public keys must be registered with X.509 CA. Certificate Storage - Local (as in browser application) for different services. Signed and Enveloped Data - Various orderings for encrypting and signing.
User Agent Role Example: Verisign (www.verisign.com) Class-1: Buyer’s email address confirmed by emailing vital info. Class-2: Postal address is confirmed as well, and data checked against directories. Class-3: Buyer must appear in person, or send notarized documents.
Recommended Web Sites PGP home page: www.pgp.com MIT distribution site for PGP S/MIME Charter S/MIME Central: RSA Inc.’s Web Site

More Related Content

PPTX
S/MIME & E-mail Security (Network Security)
Prafull Johri
 
PDF
Electronic mail security
Dr.Florence Dayana
 
PPT
Email Security : PGP & SMIME
Rohit Soni
 
PPTX
Email security
Baliram Yadav
 
PPTX
public key infrastructure
vimal kumar
 
PDF
Email security presentation
SubhradeepMaji
 
PPT
Email security
Indrajit Sreemany
 
PPT
Network security
Vikas Jagtap
 
S/MIME & E-mail Security (Network Security)
Prafull Johri
 
Electronic mail security
Dr.Florence Dayana
 
Email Security : PGP & SMIME
Rohit Soni
 
Email security
Baliram Yadav
 
public key infrastructure
vimal kumar
 
Email security presentation
SubhradeepMaji
 
Email security
Indrajit Sreemany
 
Network security
Vikas Jagtap
 

What's hot (20)

PPTX
Transport Layer Security (TLS)
Arun Shukla
 
PPT
Message Authentication Code & HMAC
Krishna Gehlot
 
PPTX
RSA algorithm
Arpana shree
 
PPTX
Introduction to Public Key Infrastructure
Theo Gravity
 
PPT
Cryptography
gueste4c97e
 
PDF
Digital certificates & its importance
svm
 
PPT
Pretty good privacy
Pushkar Dutt
 
PPT
Digital signature
9799907840kd
 
PPTX
Public key infrastructure
Aditya Nama
 
PPTX
RSA ALGORITHM
Sathish Kumar
 
PPTX
CMACs and MACS based on block ciphers, Digital signature
Adarsh Patel
 
PPT
Firewall
Amuthavalli Nachiyar
 
PDF
CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
PPTX
Email security
kumarviji
 
PPTX
DomainKeys Identified Mail (DKIM).pptx
SrijanKumarShetty
 
PPTX
Intrusion Detection Systems.pptx
AnonymousEImkf6RGdQ
 
PPTX
Digital signature(Cryptography)
Soham Kansodaria
 
PPT
Firewalls
Ram Dutt Shukla
 
PPT
Digital Signature
saurav5884
 
PPTX
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
Jyothishmathi Institute of Technology and Science Karimnagar
 
Transport Layer Security (TLS)
Arun Shukla
 
Message Authentication Code & HMAC
Krishna Gehlot
 
RSA algorithm
Arpana shree
 
Introduction to Public Key Infrastructure
Theo Gravity
 
Cryptography
gueste4c97e
 
Digital certificates & its importance
svm
 
Pretty good privacy
Pushkar Dutt
 
Digital signature
9799907840kd
 
Public key infrastructure
Aditya Nama
 
RSA ALGORITHM
Sathish Kumar
 
CMACs and MACS based on block ciphers, Digital signature
Adarsh Patel
 
Firewall
Amuthavalli Nachiyar
 
CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
Email security
kumarviji
 
DomainKeys Identified Mail (DKIM).pptx
SrijanKumarShetty
 
Intrusion Detection Systems.pptx
AnonymousEImkf6RGdQ
 
Digital signature(Cryptography)
Soham Kansodaria
 
Firewalls
Ram Dutt Shukla
 
Digital Signature
saurav5884
 
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
Jyothishmathi Institute of Technology and Science Karimnagar
 
Ad

Similar to E-mail Security in Network Security NS5 (20)

PPT
ch05.ppt
KaivanParikh
 
PPT
Chapter 5
shivz3
 
PPT
Chapter 5Electronic MailElectronic Mail.ppt
nakshpub
 
PPT
types of attacks on electronic mail security
Flavia Gonsalves
 
PDF
BAIT1103 Chapter 5
limsh
 
PDF
M.FLORENCE DAYANA/electronic mail security.pdf
Dr.Florence Dayana
 
PPT
chap15 cryptography and network security.ppt
ubaidullah75790
 
PPT
Celebrity Cricket League 2016 - http://ccl5.com/
Tania Agni
 
PPT
CRYPTOGRAPHY_ENGG_CSE_III_YEAR_PGP_CNS.ppt
SakethBhargavaRallap
 
PPTX
Email sec11
Athira Asakumar
 
PPT
ch15.ppt
ssuser6602e0
 
PPT
ch15 (1).ppt
SunilKatkar5
 
PPT
ch15.ppt
witscollege
 
PPT
chapter 15-Network and Security-By-MIT.ppt
KamranHussainAwan
 
PPT
Pgp smime
Tania Agni
 
PPT
computer netwok security Pretty Good Privacy PGP.ppt
jayaprasanna10
 
PDF
CNS - Unit v
ArthyR3
 
PPT
pretty good privacy class hrtyetywetwetyewty
RudhhiShah
 
PPT
Pgp
Reham Maher El-Safarini
 
PPT
E-mail Security.ppt
maniklal123
 
ch05.ppt
KaivanParikh
 
Chapter 5
shivz3
 
Chapter 5Electronic MailElectronic Mail.ppt
nakshpub
 
types of attacks on electronic mail security
Flavia Gonsalves
 
BAIT1103 Chapter 5
limsh
 
M.FLORENCE DAYANA/electronic mail security.pdf
Dr.Florence Dayana
 
chap15 cryptography and network security.ppt
ubaidullah75790
 
Celebrity Cricket League 2016 - http://ccl5.com/
Tania Agni
 
CRYPTOGRAPHY_ENGG_CSE_III_YEAR_PGP_CNS.ppt
SakethBhargavaRallap
 
Email sec11
Athira Asakumar
 
ch15.ppt
ssuser6602e0
 
ch15 (1).ppt
SunilKatkar5
 
ch15.ppt
witscollege
 
chapter 15-Network and Security-By-MIT.ppt
KamranHussainAwan
 
Pgp smime
Tania Agni
 
computer netwok security Pretty Good Privacy PGP.ppt
jayaprasanna10
 
CNS - Unit v
ArthyR3
 
pretty good privacy class hrtyetywetwetyewty
RudhhiShah
 
Pgp
Reham Maher El-Safarini
 
E-mail Security.ppt
maniklal123
 
Ad

More from koolkampus (20)

PPT
Local Area Networks in Data Communication DC24
koolkampus
 
PPT
Bit Oriented Protocols in Data Communication DC23
koolkampus
 
PPT
Data Link Control in Data Communication DC20
koolkampus
 
PPT
Error Detection and Correction in Data Communication DC18
koolkampus
 
PPT
TDM in Data Communication DC16
koolkampus
 
PPT
Radio Communication Band(Data Communication) DC14
koolkampus
 
PPT
Connectors in Data Communication DC12
koolkampus
 
PPT
Transmission of Digital Data(Data Communication) DC11
koolkampus
 
PPT
Analog to Digital Encoding in Data Communication DC9
koolkampus
 
PPT
Signal with DC Component(Data Communication) DC7
koolkampus
 
PPT
Layer Examples in Data Communication CD4
koolkampus
 
PPT
OSI Model (Data Communication) DC3
koolkampus
 
PPT
Basic Concepts in Data Communication DC1
koolkampus
 
PPT
Token Passing in Data Communication DC25
koolkampus
 
PPT
Data Link Protocols in Data Communication DC22
koolkampus
 
PPT
Flow Control in Data Communication DC21
koolkampus
 
PPT
CRC in Data Communication DC19
koolkampus
 
PPT
Telephone Networn in Data Communication DC17
koolkampus
 
PPT
Multiplexing in Data Communication DC15
koolkampus
 
PPT
Transmission Media in Data Communication DC13
koolkampus
 
Local Area Networks in Data Communication DC24
koolkampus
 
Bit Oriented Protocols in Data Communication DC23
koolkampus
 
Data Link Control in Data Communication DC20
koolkampus
 
Error Detection and Correction in Data Communication DC18
koolkampus
 
TDM in Data Communication DC16
koolkampus
 
Radio Communication Band(Data Communication) DC14
koolkampus
 
Connectors in Data Communication DC12
koolkampus
 
Transmission of Digital Data(Data Communication) DC11
koolkampus
 
Analog to Digital Encoding in Data Communication DC9
koolkampus
 
Signal with DC Component(Data Communication) DC7
koolkampus
 
Layer Examples in Data Communication CD4
koolkampus
 
OSI Model (Data Communication) DC3
koolkampus
 
Basic Concepts in Data Communication DC1
koolkampus
 
Token Passing in Data Communication DC25
koolkampus
 
Data Link Protocols in Data Communication DC22
koolkampus
 
Flow Control in Data Communication DC21
koolkampus
 
CRC in Data Communication DC19
koolkampus
 
Telephone Networn in Data Communication DC17
koolkampus
 
Multiplexing in Data Communication DC15
koolkampus
 
Transmission Media in Data Communication DC13
koolkampus
 

Recently uploaded (20)

PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPTX
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PPTX
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 

E-mail Security in Network Security NS5

  • 1. Chapter 5 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden http://www.its.bth.se/staff/hjo/ [email_address]
  • 2. Outline Pretty good privacy S/MIME Recommended web sites
  • 3. Pretty Good Privacy Philip R. Zimmerman is the creator of PGP. PGP provides a confidentiality and authentication service that can be used for electronic mail and file storage applications.
  • 4. Why Is PGP Popular? It is availiable free on a variety of platforms. Based on well know n algorithms . Wide range of applicability Not developed or controlled by governmental or standards organizations
  • 5. Operational Description Consist of five services: Authentication Confidentiality Compression E-mail compatibility Segmentation
  • 6.  
  • 7. Compression PGP compresses the message after applying the signature but before encryption The placement of the compression algorithm is critical. The compression algorithm used is ZIP (described in appendix 5A)
  • 8. E-mail Compatibility The scheme used is radix-64 conversion (see appendix 5B). The use of radix-64 expands the message by 33%.
  • 9. Segmentation and Reassembly Often restricted to a maximum message length of 50,000 octets. Longer messages must be broken up into segments. PGP automatically subdivides a message that is to large. The receiver strip of all e-mail headers and reassemble the block.
  • 10. Sumary of PGP Services
  • 11.  
  • 12. Format of PGP Message
  • 13.  
  • 14.  
  • 15.  
  • 16. The Use of Trust Key legitimacy field Signature trust field Owner trust field See Table 5.2 (W. Stallings)
  • 17.  
  • 18. Revoking Public Keys The owner issue a key revocation certificate. Normal signature certificate with a revote indicator. Corresponding private key is used to sign the certificate.
  • 19. S/MIME Secure/Multipurpose Internet Mail Extension S/MIME will probably emerge as the industry standard. PGP for personal e-mail security
  • 20. Simple Mail Transfer Protocol (SMTP, RFC 822) SMTP Limitations - Can not transmit, or has a problem with: executable files, or other binary files (jpeg image) “ national language” characters (non-ASCII) messages over a certain size ASCII to EBCDIC translation problems lines longer than a certain length (72 to 254 characters)
  • 21. Header fields in MIME MIME-Version: Must be “1.0” -> RFC 2045, RFC 2046 Content-Type: More types being added by developers (application/word) Content-Transfer-Encoding: How message has been encoded (radix-64) Content-ID: Unique identifying character string. Content Description: Needed when content is not readable text (e.g.,mpeg)
  • 22. S/MIME Functions Enveloped Data: Encrypted content and encrypted session keys for recipients. Signed Data: Message Digest encrypted with private key of “signer.” Clear-Signed Data: Signed but not encrypted. Signed and Enveloped Data: Various orderings for encrypting and signing.
  • 23. Algorithms Used Message Digesting: SHA-1 and MDS Digital Signatures: DSS Secret-Key Encryption: Triple-DES, RC2/40 (exportable) Public-Private Key Encryption: RSA with key sizes of 512 and 1024 bits, and Diffie-Hellman (for session keys).
  • 24. User Agent Role S/MIME uses Public-Key Certificates - X.509 version 3 signed by Certification Authority Functions: Key Generation - Diffie-Hellman, DSS, and RSA key-pairs. Registration - Public keys must be registered with X.509 CA. Certificate Storage - Local (as in browser application) for different services. Signed and Enveloped Data - Various orderings for encrypting and signing.
  • 25. User Agent Role Example: Verisign (www.verisign.com) Class-1: Buyer’s email address confirmed by emailing vital info. Class-2: Postal address is confirmed as well, and data checked against directories. Class-3: Buyer must appear in person, or send notarized documents.
  • 26. Recommended Web Sites PGP home page: www.pgp.com MIT distribution site for PGP S/MIME Charter S/MIME Central: RSA Inc.’s Web Site