The Electronic Postcard. By Daniel Herren

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Email: The Electronic Postcard. By Daniel Herren"

Transcription

1 The Electronic Postcard By Daniel Herren 1

2 Table of Contents 1.0 Introduction.page Internet Overview...page 3, vulnerabilities...page Privacy..page Authentication.page Non-Repudiation.page 6,7 4.0 Implementing Security Features page Improving Security..page Secret key cryptography..page Message Digests page Digital Signatures..page Public key Cryptography..page 9, Public Key Infrastructure.page 11, Secure Systems page S/MIME..page Personal Distributors...page Public Distributors...page Other Distributors page 13, PGP...page 14, Certificate Distribution page 14, Conclusion page Works Cited.page Glossary.page 17,18 2

3 1.0 Introduction is perhaps the most un-secure communication medium that We use today. Sending an message is analogous to sending a postcard through the mail. Anyone who comes into contact with it can read it. Many of the biggest problems with today such as spam are directly related to the lack of security in . Anyone can send an message claiming to be someone else, and furthermore there isn t the slightest guarantee that the message will be private. However, if other forms of communication can be made more secure, surely could also be redesigned with authentication as well as privacy in mind. 2.0 Internet Overview To understand why is not secure we first need to cover how the internet deals with . An is handled much like most other information on the internet is handled. It is first broken into payloads and then bundled with information about its destination to form packets. The packets are then transmitted across the network to the router. Routers are computers or devices specifically designed for communication with other networks. A router is responsible for forwarding packets to the next location that is closer to its final destination. Because all networks are not directly connected to each other, any specific packet may encounter dozens of routers on its way to its destination. When a router receives its packet it first analyzes the destination information to determine where the next location it needs to be sent to reach its destination (naturally there is more to it than that, but we need not be concerned with next hop algorithms). The router then extracts the payload from the packet (keep in mind the payload is in plaintext) and inserts it into a new packet which contains the next hop in the destination information. This occurs until 3

4 the packet reaches its final destination. To illustrate this process imagine 2 computers, 2 networks and the internet located in between them. Note: servers are required for to be actually sent. However that detail is not necessarily important in this example and has been omitted. We ll call the computer sending the computer A. The computer that is supposed to receive the is computer Z. Computers A, and Z reside in networks A, Z respectively with the internet located between them. First the is broken up into packets and sent from computer A to the networks router. The router of network A then extracts the payload, figures out what the next hop is, constructs a new packet and forwards it to that router. This occurs until the packet reaches the final router which sends the packet to Computer Z which reassembles all the packets into the message. Figure 2.1 4

5 3.0 vulnerabilities 3.1 Privacy Due to the fact that numerous routers receive and forward the s packets is particularly vulnerable to the Man in the middle attack. This is when someone intercepts the information while in transit. This can easily by accomplished at any router that a packet encounters by simply saving a copy of the payload and reconstructing it as the rest of the packets pass through. Although not all of the packets will take the same route it is entirely possible that enough of them would be copied that most of the message would be reassembled into a readable form. The so called man in the middle has many options at his disposal. He can transmit the data so as to not arouse suspicion that the information has been intercepted. Or transmit modified data in place of the original data. Or not transmit the data at all. For example say Alice sends bob an confirming their date Tuesday. Jealous room mate Leroy could intercept the information, and transmit a modified version to make it look as if Alice has cancelled their date. Note: even when assuming that Alice, Bob, and Leroy are on the same network, many network implementations would still allow bob to intercept the Authentication As demonstrated above has severe privacy issues, but it also has even more severe authentication issues. Actually there is no authentication. In theory addresses are composed of 2 parts. A name, followed by the domain it is sent from. For example if your address is Most people would assume that the person who sent the belongs to the network associated with engr.orst.edu. However sending from any name and any domain is as simple as connecting to a 5

6 non-secure mail server via shell or command prompt and issuing a few commands. Even at our school it s possible to spoof an from any person, including staff. 3.3 Non - Repudiation Of course spoof s are generally traceable to anyone with technical prowess. Many clients allow you to see the headers. The headers will generally tell you, all of the hops that the encountered on its way to you. As well as the computer that sent it (via IP address), and the time it was sent. Still there are ways to circumvent this, and there is no guarantee that the computer it was sent from belongs to the person who sent the . Security experts estimate that as much as 30 percent of all spam is relayed by compromised computers located in home offices and living rooms, but controlled from afar (PARANTHETICAL CITATION). Because of this it is virtually impossible to prove to a 3 rd party that a particular person sent an . Note: The following are the headers from a spoof I sent to myself from using the engineering mail server and Professor Koc s address. Return-Path: Received: from gx21.cs.orst.edu (gx21.cs.orst.edu [ ]) by engr.orst.edu ( / ) with SMTP id j260udos for Sat, 5 Mar :57: (PST) Date: Sat, 5 Mar :57: (PST) From: Message-Id: Youre fired! Note: Youre fired! Is the message I sent to myself. Figure 3.3 From examining the information in the above header you can see that the computer that sent the was gx21.cs.orst.edu. This computer is actually located in the Hovland computer lab. Normally there would be more hop entries after this but 6

7 because I sent this from a computer on the network to the network there is only one entry. By reading the headers you can have a clearer view of who sent you . However, this information can not necessarily be used to verify that you know the person. For example if you think you know the IP address of the sender, then it is also possible that your adversary(the malicious hacker) does as well, and may be able to fake this information as well if he has sufficient skill. 4.0 Implementing Security Features 4.1 Improving Security There are a host of possible security measures that can be used to provide security for communication. These include Digital Signatures, secret key cryptography, Public key Infrastructure and Message Digests. However many of them have to be used in conjunction with each other to provide privacy, authenticity, and non - repudiation. 4.2 Secret Key Cryptography Secret key cryptography is using cryptographic algorithms that require a hidden key. A key that only trusted parties can have. This key is required to both encrypt and decrypt any information you wish to send. The security of this paradigm depends on both the security of the algorithm itself and also on the actions of all those that have the secret key. This is a major drawback to secret key cryptography s usefulness to securing because you must either disclose the secret key to everyone you want to send secure to, or you must maintain different secret keys for each person you wish to send secure too. Unfortunately with secret key cryptography alone there is no way to guarantee authenticity. 7

8 4.3 Message Digest A Message Digest uses a function that produces output that can not be used to find out the input. This function is also known as a one way transformation. These Message Digests are similar to a hash but with several key differences. It must be improbable to find 2 inputs that have the same output, and it must improbable to determine the input of the function from the output. This is useful because it means that if a message digest is included in an intercepted message. The message can not be modified undetected because the Digest produced from the modified message would not be same the same as the digest from the original message. This only works assuming that the digest is either encrypted via secret key encryption or used in conjunction with a digital signature. Other wise an adversary could simply modify the message and compute a new Message Digest to be included with the mail. Then any unsuspecting recipient would execute the Digest function on the message and would end up with the same digest and assume the message was unmodified. Note: Refer to Example Digital Signatures A digital signature is a quantity that only be generated with knowledge of a private key (Private keys are covered in Section 1.24). However because it requires a different key for verification it allows both repudiation and authentication because there is only one person with the private key. Therefore if a message is signed with the digital signature the person who owns the private key must have sent the message because only that user is capable of generating that signature. Digital signatures are computed using the message contents as well. So if any of the data is modified after the digital signature is generated, 8

9 anyone who attempts to verify the digital signature will know that the message is not authentic. This helps protect against the man in the middle attack. Because generating Digital signatures can be slow it is common practice to digitally sign a Digest of the message. Note: refer to Example Public Key Cryptography Standard (PKCS) Public key cryptography requires maintaining key values. The first of which is a public key, and the second of which is a private key. The private key is a key that only the creator can have. Otherwise security would be compromised. A private key is used to decrypt cipher text and to create digital signatures and generate public keys. A digital signature is created by applying the private key to an algorithm to create a number that can be verified with the public key, but can only be generated by the private key. This Digital signature can then be included with the message. A public key on the other hand is used to encrypt information and to verify to the digital signatures. Like secret key cryptography one public key must be maintained for each person you wish to send to. However the secrecy of this key is not necessary because it cannot be used to decrypt information. Communication with public key cryptography would work like this. Alice and bob wish to send secure messages to each other. First they both have to generate and distribute public keys to each other. This can be accomplished either in person or by PKI (See section 1.26), or some other secure means. However it would not be wise to send public keys on a non-secure medium, because there is no guarantee that the keys will not be intercepted by a man in the middle. First Bob encrypts a message using Alice s public key. He then creates a Digest of the message and digitally signs it 9

10 with his private key and includes it with the message. When Alice receives the message she can verify that the message is actually from Bob by using bobs public key on the digitally signed message digest. She can then decrypt the message by using her own private key. Because no one can decrypt the message except Alice (unless she unwisely stored her private key) the communication is secure even if an adversary has Alice s public key. The adversary could of course then send encrypted messages to Alice while claiming to be Bob. But with out Bob s private key the adversary would not be capable of generating digital signatures and Alice would know the messages were not authentic. Unfortunately generating public keys is time consuming, and public key cryptography is considerably slower than secret key cryptography. Still it does improve privacy, authenticity, as well as non-repudiation as the following example illustrates. Suppose bob sells widgets and Alice routinely buys them. Alice and Bob might agree that rather than place orders through the mail with signed purchase orders, Alice will send electronic mail messages to order widgets. To protect against someone forging orders and causing Bob to manufacture more widgets than Alice actually needs, Alice will include a message integrity code on her messages. This could be either a secret key based MAC or public key based signatures. But suppose sometimes after Alice places a big order, she s changes her mind (the bottom fell out of the widget market). Since there s a big penalty for canceling an order, she doesn t fess up that she s canceling, but instead denies that she ever placed the order. Bob sues. If Alice authenticated the message by computing a MAC addressed based on a key she shares with bob. If bob knows he didn t create the message he knows it must have been Alice. But he can t prove it to anyone! Since he knows the same secret key that Alice used to sign the order he could have forged the signature on the message himself and he cant prove to the judge that he didn t! If it was a public key signature, he can show the signed message to the judge and the judge can verify that it was signed with Alice s key. Alice can still claim of course that someone must have stolen and misused her key (it might even be true), but the contract between Alice and Bob could reasonably hold her responsible for damages caused by her inadequately protecting her key. Unlike secret key cryptography, where the keys are shared you can always tell who s responsible for a signature generated with a private key (kaufman 54). Example

11 4.6PKI (Public Key Infrastructure) Public key infrastructure is one solution to the problem of distributing public keys. Generally for PKI to be considered secure it must have the following criteria met. Someway of certifying that public keys are valid A way of managing these certifications Method of revoking certifications Method of evaluating public keys However the PKI must be trusted implicitly. If the Organization running it is not honest the illusion of security would be there, which is probably more dangerous than someone who is aware that they have no security. A common structure for certifying public keys in a PKI is to issue certificates which contain a mapping between their name and the public key associated with it and a digital signature proving that the trusted party issued the certificate. Figure 4.6 Notice in the above example that VeriSign issued Amazon the certificate. That means that VeriSign is the issuer. However it is possible that there is a chain of issuers. The beginning of this chain is called the trust anchor, because that is the organization responsible for issuing certificates to the organizations under it. Of course each organization would have its own method for asserting the identity of each person or organization that it issues a certificate to. That is why it is important that the trust anchor can indeed be trusted. 11

12 Copyright VeriSign.com Figure Secure Mail systems 5.1 S/MIME v2 S/MIME is one of the more interesting secure mail systems. It provides authentication, non-repudiation, and privacy via public key cryptography. The interesting aspect of S/MIME is that encrypted messages appear as regular s with an attachment using the 3 character file extensions.p7m, or.p7s. Files using the extension.p7m are both encrypted and signed, while.p7s refers to a message that has merely been signed. Some mail programs are setup to automatically process the attachment, but users can open a third party application to decrypt and verify if necessary. Another interesting aspect is that S/MIME provides the ability digitally sign a plaintext message and then encrypt the signed message. This unorthodox strategy does provide extra privacy for the sender. Adversaries would be unable to find out the identity of the sender unless they had the correct public key. However if the user wishes it, it is possible to sign messages after encryption, or send signed clear messages. That is messages that aren t encrypted. Of course the signed message digest would still require the public key to verify. S/MIME allows the ability to use either MD5 or Sha-1() for message digests, and provides support 12

13 for RSA encryption using key sizes from bits. Although 512 bit keys are considered by many to be non-secure. S/MIME has no specific PKI. Several certificate hierarchies have been developed, each with strengths and weaknesses. Note: Sha-1 has been broken. This issue is dealt with in Version Personal certificate distribution The most simple and least secure of which is requiring that anyone you wish to send a message to must first send you a signed message containing their certificates. The lack of security exists due to the fact that you cannot protect yourself from the man in the middle attack. That is someone could intercept the signed and certificates and replace them with fraudulent ones. However, most people are primarily concerned with end to end privacy which this structure does provide assuming that no one intercepts that initial . Once the key has been retrieved, can then be securely transmitted Public certificate distributors Many companies are now offering certificate services. Most notably VeriSign has several degrees of certificates. Each of which provides more and more security, but at greater cost. The first level of which is generally free. Note: Refer to Figure Other Certifiers Of course it is entirely possible for any organization to provide there own certificate service. For example many companies probably choose this PKI. This does carry the additional risk that your company maintains both your private and public key, and can read any of your they wish to. It is also entirely possible that people maintaining these keys could be corrupted. For example Employee Bob bribes Ted who manages the 13

14 PKI, to give him Alice s private and public key. Now bob can spy on all messages sent to Alice, and assuming that he has the correct public key. He can also forge s to others using her digital signature. 5.2 PGP PGP is a popular PKCS system for both file transfer as well as secure . Like S/MIME it requires that you encrypt messages and include them as a file attachment. A unique feature of PGP is that it lets you specify what you are encoding, whether it is text or binary information. It also allows you to choose whether the information will be sent by mail in which case encoding needs to take place in order for the information to be handled correctly by some mail servers. After encryption the result is then automatically zipped which results in a smaller file than what you initially started with. Note: Encoding for transfer with mail servers typically increases the file size by about 30%. Certificates in this system allow you to specify your own name. This can lead to a hassle because it is possible for you to have multiple certificates for the same name, but which have different keys. In this case you wouldn t know which key to use to communicate with the person Certificate Distribution PGP allows an unorthodox certificate distribution strategy. Like S/MIME people are allowed to manage their own keys but they are also allowed to certify certificates for other people. You choose whose certificates you trust, and you can also certify the identity of others. For example Bob trusts Alice, and they have already distributed certificates to each other. Ted now wants to communicate securely with Bob, but Bob 14

15 doesn t know Ted very well. Because Bob trusts Alice, and Alice knows Ted she can certify that Ted is who he says he is. This forms a certificate chain. In this case the trust anchor is Alice. Now because of certificate chains it possible that you will end up with multiple chains that end with the same certificate name, but have different keys. It s because of this feature that PGP suggests that you use personal information such as an address when identifying your certificate. Once a chain incorporates someone that is untrustworthy the security of that certificate chain has been corrupted, and cannot be relied on. This system does create problems, but it is still very secure assuming you put a lot of thought into who you consider trustworthy, especially if your trust anchor is a public certifier such as VeriSign. 7.0 Conclusion Before trying to decide on a security system you need to evaluate which security features are most important to you. If you merely want to protect yourself for eaves droppers any secret key cryptography solution would be perfectly acceptable. For those who want privacy, non-repudiation and authenticity a more complicated solution such as PGP or S/MIME would fulfill your security needs. When choosing between PGP and S/MIME it really comes down to whether you plan on sending files and other attachments securely, or just . In that case PGP is probably the solution for you. Otherwise S/MIME will spare you the details of conflicting certificate chains. In the end security of any system is only as good as the people who use it. Those who use secure systems ineffectively (Not managing their keys well) will have no security, while people who act responsibly will have greater security. 15

16 Works Cited Comer, Douglas E. Computer Networks, and Computers with Internet Applications Upper Saddle River: Pearson Prentice Hall, Dusse et al. The Internet Engineering Task Force. S/Mime Version 2 Message Specification. March March < Kangas, Erik. The Case for Secure March < Kaufman Charlie, Radia Perlman, and Mike Speciner Network Security: PRIVATE Communication in PUBLIC World Upper Saddle River: Prentice Hall, United States. Federal Trade Commission. Who s Spamming You? Could it Be You? January March How to send attachments using Perl/MIME::Lite. Fraubrunnenstrass,Zauggenried. 3 March l> 16

17 9.0 Glossary AES- Advances Encryption Standard. A secret key encryption algorithm commonly used today. Authentication Accurate identification of who communication is taking place with. Certificate- A certificate is the mapping of a key to a name in the attempt to certify the identity of a computer or person for the sake of secure transactions. Cipher text- Cipher text is encrypted information Decryption: The inverse operation of encryption. A function that reverses enycryption. Digital Signatures- A digital signature is a large number that can only be generated by someone with a private key. The digital signature can be verified by anyone with a public key. DSS- Digital signature standard Encryption- A reversible function that utilizes and key to scramble data to an unrecognizable form. Internet- A mass of interconnected networks Key- A binary quantity used in conjunction with a cryptographic algorithm to generate cipher text from plaintext. A secure key must be longer than 512 bits. Man in the Middle- A Man in the Middle is any person who intercepts information on its course towards its destination. Message Digests- the result of using a one way transformation. Useful in proving that cipher text has not been modified or replaced. MIME- A Format for messages that provides special headers. Allows multiple types of data to be sent as attachments. Network- a series of computers connected to each other Next hop- The next router a pack must encounter to reach its destination Non-repudiation Capable of being proven to a 3 rd party that that communication was authenticated by a particular person. Packet- A block of data generated when information I sent across a network or the internet. Contains a payload as well as information about its destination. PGP- Pretty Good Privacy. A system for providing privacy, authentication, and nonrepudiation for both files, and . PKI- Public key infrastructure. Refers to the manner in which certificates are issued in a public key cryptography system. Plaintext- data that is not encrypted Privacy Only those who were intended to get the information are allowed to view it in plaintext. Private Key- A key used in the PKCS used to decrypt information and generate digital signatures. This must be kept confidential. Public Key- A key used in the PKCS to encrypt information, or verify a digital signature. Public Key Cryptography Router- A computer of specifically designed device designed to forward packets to their next hop. RSA- A type of public key encryption algorithm S/MIME- A type of secure mail system Secret Key- A key that is used for encryption and decryption. Must be kept confidential. Secret Key Cryptography- The use of cryptographic algorithms with a secret key. 17

18 Sha-1- A Message Digest function. Broken in 2005 Sha -2- A Message Digest function. Successor to Sha-1 SMTP- An transfer protocol VeriSign- A public certificate certifier 18

Chapter 6 Electronic Mail Security

Chapter 6 Electronic Mail Security Cryptography and Network Security Chapter 6 Electronic Mail Security Lectured by Nguyễn Đức Thái Outline Pretty Good Privacy S/MIME 2 Electronic Mail Security In virtually all distributed environments,

More information

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11 - Secure

More information

A Noval Approach for S/MIME

A Noval Approach for S/MIME Volume 1, Issue 7, December 2013 International Journal of Advance Research in Computer Science and Management Studies Research Paper Available online at: www.ijarcsms.com A Noval Approach for S/MIME K.Suganya

More information

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Overview of CSS SSL. SSL Cryptography Overview CHAPTER CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

More information

Managing and Securing Computer Networks. Guy Leduc. Chapter 3: Securing applications. Chapter goals: security in practice:

Managing and Securing Computer Networks. Guy Leduc. Chapter 3: Securing applications. Chapter goals: security in practice: Managing and Securing Computer Networks Guy Leduc Chapter 3: Securing applications Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley, March 2012. (section 8.5)

More information

to hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many

to hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many In the world of secure email, there are many options from which to choose from to hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many cryptographical concepts to achieve a supposedly

More information

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module

More information

159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication

More information

Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

You re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com

You re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com SSL You re FREE Guide to (Secure Sockets Layer) What is a Digital Certificate? SSL Certificates, also known as public key certificates or Digital Certificates, are essential to secure Internet browsing.

More information

Chapter 7: Network security

Chapter 7: Network security Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

More information

Why you need secure email

Why you need secure email Why you need secure email WHITE PAPER CONTENTS 1. Executive summary 2. How email works 3. Security threats to your email communications 4. Symmetric and asymmetric encryption 5. Securing your email with

More information

Is your data safe out there? -A white Paper on Online Security

Is your data safe out there? -A white Paper on Online Security Is your data safe out there? -A white Paper on Online Security Introduction: People should be concerned of sending critical data over the internet, because the internet is a whole new world that connects

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

Chapter 10. Network Security

Chapter 10. Network Security Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce

More information

Electronic Mail Security. Email Security. email is one of the most widely used and regarded network services currently message contents are not secure

Electronic Mail Security. Email Security. email is one of the most widely used and regarded network services currently message contents are not secure Electronic Mail Security CSCI 454/554 Email Security email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either in transit or by

More information

What is network security?

What is network security? Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application

More information

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network. Elements of Email Email Components There are a number of software components used to produce, send and transfer email. These components can be broken down as clients or servers, although some components

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 11: Email security: PGP and S/MIME Ion Petre Department of IT, Åbo Akademi University February 14, 2012 1 Email

More information

Network Security - ISA 656 Email Security

Network Security - ISA 656 Email Security Network Security - ISA 656 Angelos Stavrou November 13, 2007 The Usual Questions The Usual Questions Assets What are we trying to protect? Against whom? 2 / 33 Assets The Usual Questions Assets Confidentiality

More information

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Network Security (2) CPSC 441 Department of Computer Science University of Calgary Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate

More information

: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT

: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Subject Code Department Semester : Network Security : XCS593 : MSc SE : Nineth Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Part A (2 marks) 1. What are the various layers of an OSI reference

More information

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn. CSC 490 Special Topics Computer and Network Security Key Management Dr. Xiao Qin Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.edu Slide 09-1 Overview Key exchange Session vs. interchange

More information

An Introduction to Cryptography and Digital Signatures

An Introduction to Cryptography and Digital Signatures An Introduction to Cryptography and Digital Signatures Author: Ian Curry March 2001 Version 2.0 Copyright 2001-2003 Entrust. All rights reserved. Cryptography The concept of securing messages through

More information

Information Security

Information Security Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked

More information

Network Security - Secure upper layer protocols - Background. Email Security. Question from last lecture: What s a birthday attack? Dr.

Network Security - Secure upper layer protocols - Background. Email Security. Question from last lecture: What s a birthday attack? Dr. Network Security - Secure upper layer protocols - Dr. John Keeney 3BA33 Question from last lecture: What s a birthday attack? might think a m-bit hash is secure but by Birthday Paradox is not the chance

More information

cipher: the algorithm or function used for encryption and decryption

cipher: the algorithm or function used for encryption and decryption ! "# $ %& %'()! *,+ & -.! % %- / 0-1 2+ 34 576!! 8 9! ": ;

More information

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security UNIT 4 SECURITY PRACTICE Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security Slides Courtesy of William Stallings, Cryptography & Network Security,

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 02 Overview on Modern Cryptography

More information

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002 INTERNET SECURITY: FIREWALLS AND BEYOND Mehernosh H. Amroli 4-25-2002 Preview History of Internet Firewall Technology Internet Layer Security Transport Layer Security Application Layer Security Before

More information

Secure E-Commerce: Understanding the Public Key Cryptography Jigsaw Puzzle

Secure E-Commerce: Understanding the Public Key Cryptography Jigsaw Puzzle CRYPTOGRAPHY Secure E-Commerce: Understanding the Public Key Cryptography Jigsaw Puzzle Viswanathan Kodaganallur, Ph.D. Today almost all organizations use the Internet extensively for both intra- and inter-organizational

More information

Network Security Essentials Chapter 7

Network Security Essentials Chapter 7 Network Security Essentials Chapter 7 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 7 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear,

More information

SecureCom Mobile s mission is to help people keep their private communication private.

SecureCom Mobile s mission is to help people keep their private communication private. About SecureCom Mobile SecureCom Mobile s mission is to help people keep their private communication private. We believe people have a right to share ideas with each other, confident that only the intended

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

More information

The Case For Secure Email

The Case For Secure Email The Case For Secure Email By Erik Kangas, PhD, President, Lux Scientiae, Incorporated http://luxsci.com Contents Section 1: Introduction Section 2: How Email Works Section 3: Security Threats to Your Email

More information

PGP from: Cryptography and Network Security

PGP from: Cryptography and Network Security PGP from: Cryptography and Network Security Fifth Edition by William Stallings Lecture slides by Lawrie Brown (*) (*) adjusted by Fabrizio d'amore Electronic Mail Security Despite the refusal of VADM Poindexter

More information

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0 Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust

More information

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure) Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

More information

Principles of Network Security

Principles of Network Security he Network Security Model Bob and lice want to communicate securely. rudy (the adversary) has access to the channel. lice channel data, control s Bob Kai Shen data secure sender secure receiver data rudy

More information

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon 1 Common security requirements Basic security tools Secret-key cryptography Public-key cryptography Example Online shopping with Amazon 2 Alice credit card # is xxxx Internet What could the hacker possibly

More information

KEY DISTRIBUTION: PKI and SESSION-KEY EXCHANGE. Mihir Bellare UCSD 1

KEY DISTRIBUTION: PKI and SESSION-KEY EXCHANGE. Mihir Bellare UCSD 1 KEY DISTRIBUTION: PKI and SESSION-KEY EXCHANGE Mihir Bellare UCSD 1 The public key setting Alice M D sk[a] (C) Bob pk[a] C C $ E pk[a] (M) σ $ S sk[a] (M) M, σ Vpk[A] (M, σ) Bob can: send encrypted data

More information

Cryptography and Network Security Chapter 15

Cryptography and Network Security Chapter 15 Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 15 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North

More information

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder

More information

The Case for Email Security

The Case for Email Security The Case for Email Security secure, premium by Erik Kangas, President, Lux Scientiae Section 1: Introduction to Email Security You may already know that email is insecure; however, it may surprise you

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

More information

Security in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity

Security in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity Basic Security Requirements and Techniques Confidentiality The property that stored or transmitted information cannot be read or altered by an unauthorized party Integrity The property that any alteration

More information

SubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se

SubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se SubmitedBy: Name Reg No Email Address Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se Abid Hussain 780927-T039 abihus07 (at) student.hh.se Imran Ahmad Khan 770630-T053 imrakh07 (at) student.hh.se

More information

Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI) Public Key Infrastructure (PKI) In this video you will learn the quite a bit about Public Key Infrastructure and how it is used to authenticate clients and servers. The purpose of Public Key Infrastructure

More information

Security (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012

Security (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012 Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret

More information

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public

More information

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

More information

Electronic Mail Security

Electronic Mail Security Electronic Mail Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Secure Sockets Layer (SSL) is an application-layer protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through

More information

The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems

The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems Becky Cutler Rebecca.cutler@tufts.edu Mentor: Professor Chris Gregg Abstract Modern day authentication systems

More information

Cryptography & Digital Signatures

Cryptography & Digital Signatures Cryptography & Digital Signatures CS 594 Special Topics/Kent Law School: Computer and Network Privacy and Security: Ethical, Legal, and Technical Consideration Prof. Sloan s Slides, 2007, 2008 Robert H.

More information

What Are Certificates?

What Are Certificates? The Essentials Series: Code-Signing Certificates What Are Certificates? sponsored by by Don Jones W hat Are Certificates?... 1 Digital Certificates and Asymmetric Encryption... 1 Certificates as a Form

More information

Cryptography and network security CNET4523

Cryptography and network security CNET4523 1. Name of Course 2. Course Code 3. Name(s) of academic staff 4. Rationale for the inclusion of the course/module in the programme Cryptography and network security CNET4523 Major The Great use of local

More information

GlobalSign Enterprise Solutions

GlobalSign Enterprise Solutions GlobalSign Enterprise Solutions Secure Email & Key Recovery Using GlobalSign s Auto Enrollment Gateway (AEG) 1 v.1.2 Table of Contents Table of Contents... 2 Introduction... 3 The Benefits of Secure Email...

More information

Network Security. HIT Shimrit Tzur-David

Network Security. HIT Shimrit Tzur-David Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key

More information

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch CSC474/574 - Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a one-round Feistel cipher

More information

Elements of Security

Elements of Security Elements of Security Dr. Bill Young Department of Computer Sciences University of Texas at Austin Last updated: April 15, 2015 Slideset 8: 1 Some Poetry Mary had a little key (It s all she could export)

More information

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

Module 8. Network Security. Version 2 CSE IIT, Kharagpur Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication

More information

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

More information

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

More information

Message authentication and. digital signatures

Message authentication and. digital signatures Message authentication and " Message authentication digital signatures verify that the message is from the right sender, and not modified (incl message sequence) " Digital signatures in addition, non!repudiation

More information

Secure Sockets Layer (SSL) / Transport Layer Security (TLS)

Secure Sockets Layer (SSL) / Transport Layer Security (TLS) Secure Sockets Layer (SSL) / Transport Layer Security (TLS) Brad Karp UCL Computer Science CS GZ03 / M030 19 th November 2014 What Problems Do SSL/TLS Solve? Two parties, client and server, not previously

More information

Chapter 8. Network Security

Chapter 8. Network Security Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

Savitribai Phule Pune University

Savitribai Phule Pune University Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter

More information

Chapter 37. Secure Networks

Chapter 37. Secure Networks Chapter 37 Network Security (Access Control, Encryption, Firewalls) Secure Networks Secure network is not an absolute term Need to define security policy for organization Network security policy cannot

More information

Introduction to Computer Security

Introduction to Computer Security Introduction to Computer Security Hash Functions and Digital Signatures Pavel Laskov Wilhelm Schickard Institute for Computer Science Integrity objective in a wide sense Reliability Transmission errors

More information

SFWR ENG 4C03 - Computer Networks & Computer Security

SFWR ENG 4C03 - Computer Networks & Computer Security KEY MANAGEMENT SFWR ENG 4C03 - Computer Networks & Computer Security Researcher: Jayesh Patel Student No. 9909040 Revised: April 4, 2005 Introduction Key management deals with the secure generation, distribution,

More information

4.1: Securing Applications Remote Login: Secure Shell (SSH) E-Mail: PEM/PGP. Chapter 5: Security Concepts for Networks

4.1: Securing Applications Remote Login: Secure Shell (SSH) E-Mail: PEM/PGP. Chapter 5: Security Concepts for Networks Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application Layer Secure Applications Network Authentication Service: Kerberos 4.1:

More information

An Introduction to Cryptography as Applied to the Smart Grid

An Introduction to Cryptography as Applied to the Smart Grid An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric

More information

Controller of Certification Authorities of Mauritius

Controller of Certification Authorities of Mauritius Contents Pg. Introduction 2 Public key Infrastructure Basics 2 What is Public Key Infrastructure (PKI)? 2 What are Digital Signatures? 3 Salient features of the Electronic Transactions Act 2000 (as amended)

More information

SECURITY IN NETWORKS

SECURITY IN NETWORKS SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,

More information

Internet Architecture

Internet Architecture Internet Architecture Lecture 10: How Email Work Assistant Teacher Samraa Adnan Al-Asadi 1 How Email Works Electronic mail, or email, might be the most heavily used feature of the Internet. You can use

More information

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate

More information

Part 2 D(E(M, K),K ) E(M, K) E(M, K) Plaintext M. Plaintext M. Decrypt with private key. Encrypt with public key. Ciphertext

Part 2 D(E(M, K),K ) E(M, K) E(M, K) Plaintext M. Plaintext M. Decrypt with private key. Encrypt with public key. Ciphertext Part 2 Plaintext M Encrypt with public key E(M, K) Ciphertext Plaintext M D(E(M, K),K ) Decrypt with private key E(M, K) Public and private key related mathematically Public key can be published; private

More information

Dr. Cunsheng DING HKUST, Hong Kong. Security Protocols. Security Protocols. Cunsheng Ding, HKUST COMP685C

Dr. Cunsheng DING HKUST, Hong Kong. Security Protocols. Security Protocols. Cunsheng Ding, HKUST COMP685C Cunsheng Ding, HKUST Lecture 06: Public-Key Infrastructure Main Topics of this Lecture 1. Digital certificate 2. Certificate authority (CA) 3. Public key infrastructure (PKI) Page 1 Part I: Digital Certificates

More information

Network Security. Network Security. Security in Computer Networks

Network Security. Network Security. Security in Computer Networks Network Security Network Security introduction cryptography authentication key exchange Reading: Tannenbaum, section 7.1 Ross/Kurose, Ch 7 (which is incomplete) Intruder may eavesdrop remove, modify, and/or

More information

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing

More information

Lecture 9 - Network Security TDTS41-2006 (ht1)

Lecture 9 - Network Security TDTS41-2006 (ht1) Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,

More information

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

CS 356 Lecture 27 Internet Security Protocols. Spring 2013 CS 356 Lecture 27 Internet Security Protocols Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists

More information

A Standards-based Approach to IP Protection for HDLs

A Standards-based Approach to IP Protection for HDLs A Standards-based Approach to IP Protection for HDLs John Shields Staff Engineer, Modelsim Overview Introduction A Brief Status First Look at The Flow Encryption Technology Concepts Key Management Second

More information

Internet Programming. Security

Internet Programming. Security Internet Programming Security Introduction Security Issues in Internet Applications A distributed application can run inside a LAN Only a few users have access to the application Network infrastructures

More information

CSE/EE 461 Lecture 23

CSE/EE 461 Lecture 23 CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data

More information

Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate thawte thawte thawte thawte thawte 10.

Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate thawte thawte thawte thawte thawte 10. Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate A STEP-BY-STEP GUIDE to test, install and use a thawte Digital Certificate on your MS IIS Web

More information

Cryptography and Security

Cryptography and Security Cunsheng DING Version 3 Lecture 17: Electronic Mail Security Outline of this Lecture 1. Email security issues. 2. Detailed introduction of PGP. Page 1 Version 3 About Electronic Mail 1. In virtually all

More information

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

More information

Taxonomy of E-Mail Security Protocol

Taxonomy of E-Mail Security Protocol Taxonomy of E-Mail Security Protocol Ankur Dumka, Ravi Tomar, J.C.Patni, Abhineet Anand Assistant Professor, Centre for information Technology, University of Petroleum and Energy Studies,Dehradun, India

More information

Security in Communication Networks

Security in Communication Networks Security in Communication Networks Lehrstuhl für Informatik 4 RWTH Aachen Prof. Dr. Otto Spaniol Dr. rer. nat. Dirk Thißen Page 1 Organization Lehrstuhl für Informatik 4 Lecture Lecture takes place on

More information

Compter Networks Chapter 9: Network Security

Compter Networks Chapter 9: Network Security Goals of this chapter Compter Networks Chapter 9: Network Security Give a brief glimpse of security in communication networks Basic goals and mechanisms Holger Karl Slide set: Günter Schäfer, TU Ilmenau

More information

Secure Client Applications

Secure Client Applications Secure Client Applications Networking Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 26 June 2014 Common/Reports/secure-client-apps.tex, r900 1/26 Acronyms

More information

Clearswift Information Governance

Clearswift Information Governance Clearswift Information Governance Implementing the CLEARSWIFT SECURE Encryption Portal on the CLEARSWIFT SECURE Email Gateway Version 1.10 02/09/13 Contents 1 Introduction... 3 2 How it Works... 4 3 Configuration

More information

Public Key Cryptography in Practice. c Eli Biham - May 3, 2005 372 Public Key Cryptography in Practice (13)

Public Key Cryptography in Practice. c Eli Biham - May 3, 2005 372 Public Key Cryptography in Practice (13) Public Key Cryptography in Practice c Eli Biham - May 3, 2005 372 Public Key Cryptography in Practice (13) How Cryptography is Used in Applications The main drawback of public key cryptography is the inherent

More information