Lecture 10: 1. Secure E mail E systems. Systems. Page 1
|
|
- Mark Simon
- 8 years ago
- Views:
Transcription
1 1 2 Prof. Sead Matei Ciobanu Morogan Abdul Ghafoor Abbasi Lecture 10: Secure E Lecture 10 : Secure E mail E Subjects / opics : 1. Secure E mail E systems 2. Secure, rusted, Authorized and eliable E E Mail System 3. Secure applications based on secure E maile 3 4 Standard E system Lecture 10 : Secure E mail E Subjects / opics : 1. Secure E mail E systems 2. Secure, rusted, Authorized and eliable E E Mail System 3. Secure applications based on secure E maile Components of system are Mail Servers and User Agents (UA) 5 Internet E 6 FC 822 E format With a standard system a user creates an E letter at his/her workstation using UA Header B o d y o: sead@ dsv.su.se Dear Sead: Page 1 1
2 From: dsv.su.se o: ccvax.ucd.ie Date: 7-July-1993 Dear Ahmed: From: dsv.su.se o: ccvax.ucd.ie Date: 7-July-1993 Dear Ahmed: From: dsv.su.se o: ccvax.ucd.ie Date: 7-July-1993 Dear Ahmed: From: dsv.su.se o: ccvax.ucd.ie Date: 7-July-1993 Dear Ahmed: 7 ransmission - SMP (FC 821) 8 Internet E potential problems his implies the following problems: he of the letter may be read by anybody he correct contents of the received letter cannot be guaranteed he sender cannot be authenticated and verified he sender is not certain that the letter will be read only by the intended receiver he sender may repudiate sending the letter or its contents letters are transmitted in clear and during transmission stored at sending and receiving Mail Server 9 Secure - PEM 10 PEM principles Header B o d y Confidentiality Integrity (MIC) Sender s s Auth eceiver s s Auth Non-repudiation Header B o d y All security services and parameters are applied to the body of the letter 11 Format of PEM letter 12 ypes of PEM letters PEM header PEM letter he body of the PEM letter is divided in two parts: PEM header and PEM letter MIC - CLEA o: sead@ dsv.su.se Dear Sead: How are you? MIC - ONLY asdfegtylh uhgfdestgpl and ENCYPED o: sead@ dsv.su.se Page 2 2
3 13 MIC clear PEM letter 14 MIC only PEM letter Implements Data Integrity, Sender s s Authenticity and Non epudiation (letter contents guarantied) MIC - CLEA MIC - ONLY and ENCYPED Implements Data Integrity, Sender s s Authenticity and Non epudiation (letter contents guarantied) MIC - CLEA MIC - ONLY and ENCYPED o: sead@ dsv.su.se Dear John: How are you? asdfegtylh uhgfdestgpl Dear Sead: How are you? asdfegtylh uhgfdestgpl 15 ENCYPED PEM letter 16 Creating PEM letter Implements Data Integrity, Data Confidentiality, Sender s Authenticity, eceiver s s Authenticity and Non epudiation MIC - CLEA MIC - ONLY and ENCYPED Local Form Canonical Form April-1997 April-1997 April-1997 Cryptographic Processing Dear Sead: How are you? asdfegtylh uhgfdestgpl Base64 Encoding 17 Canonical form of a PEM letter 18 Cryptographic processing For MIC-ONLY and MIC-CLEA CLEA type of letters: ASCII character set <C><LF> line delimiters Calculate MIC (MD2 or MD5) on Canonical Form Sign MIC using Sender s s secret key Page 3 3
4 19 Cryptographic processing 20 Printable encoding For ENCYPED type of letters: Only for MIC-ONLY and ENCYPED type of letters. Calculate MIC over Canonical Form Sign MIC using Sender s s secret key Generate random Data Encryption Key - DEK Encrypt the Canonical Form using DEK Encrypt MIC using DEK Protect DEK with eceiver s s public key Base64 coding: Coding to 6 bits per printable character Input 24 bits from 3 bytes are transformed to 24 bits in 4 bytes Output line length - 64 printable characters 21 PEM header FC Example of PEM letter Proc-ype: Content-Domain: DEK-Info: ENCYPED MIC-ONLY MIC-CLEA CL FC822 <algorithm id.>, <mode>, <parameters> Originator-ID ID-Asymmetric: Originator-Certificate: Issuer-Certificate: MIC-Info: Info: Id. of Sender and of Sender s key Sender s certificate Issuer s certificate <MIC alg. id.>, <signing alg. id.>, <protected MIC> ecipient-id ID-Asymmetric: Key-Info: Id. of eceiver and eceiver s key <protected DEK>, <protecting alg. id.> -----BEGIN PIVACY-ENHANCED MESSAGE----- Proc-ype:4,CL CL: MIHeMIGJMA0GCSqGSIb3DQEBAgUAMEgxjAJBgNVBAYAlNFMAsGA1UEChMEQ09 VDAsBgNVBAsJUxvdyBBc3N1cmFuY2UgQ2VydGlmaWNhdGlvbiBBdXob3JpdHkX Czk1MDMwMjA5MDJaFws5NA0MDIwOAyWjASMBACAQAXCzk1MDMwMjA4Mzha8yAw DQYJKoZIhvcNAQECBQADQQAolGV3ahJWeOSL7bFhOl9BIOmhiqtnIAIHjoInFdM1 NM6PjFZMdcE11nOFf8nnh24obKYm/q2y5ZMV8MKdF78B Originator-Certificate: MIIBgjCCASwCBQEXVNaqMA0GCSqGSIb3DQEBAgUAMFIxUDAJBgNVBAYAnVzMBcG A1UEChMQSW50ZXJuZXQgU29jaWV0eAqBgNVBAsI0ludGVybmV0IFBDQSBSZWdp c3yyxpb24gqxv0ag9yax5mboxczk1mdmwmja5mdjafws5njazmdiwoaywjbi MUYwCQYDVQQGEwJALBgNVBAoBENPU1QwLAYDVQQLEyVMb3cgQXNzdXJhbmNl IENlcnpZmljYXpb24gQXV0aG9yaX5MFowDQYJKoZIhvcNAQEBBQADSQAwgJB ALk7mQW6uHi9Buyhqk1rXpbWefB6eBlUuNZLrsV99puwroNeAt7udJnKfADY YSqzfGZi8cQBIjrZOcS+tZ0CAQMwDQYJKoZIhvcNAQECBQADQQAdwL4/0j829o +YGFDZq114hjKIOvrvJwj0eSiECk/JYMPPg7+/1Namu8lkV4/IjjDQhIDmZCeP steg28c END PIVACY-ENHANCED MESSAGE Secure - Pretty Good Privacy (PGP) 24 Pretty Good Privacy (PGP) Plain uncertified document Digital signature added (MD5/SA) Document with signature compressed Session key used to encrypt file (IDEA) Session key used to decrypt file to compressed format File uncompressed and signature verified Page 4 4
5 25 PGP rust model 26 Secure - S/MIME YOU Features : - Based on PKCS #7 security services - Combination of MIME messages and PKCS objects A B C D E - Suitable for binary data (multimedia) F G H I? - Includes message formatting and certificate handling - International standard (interoperability) - Available with major browsers and mailers 27 S/MIME general format 28 S/MIME format example Content-ype: multipart/mixed; boundary=bar --bar Content-ype: /plain; charset=iso Content-ransfer-Encoding: quoted-printable Standard header PKCS-7 object PKCS-7 object A1Hola Michael! How do you like the new S/MIME standard? I agree. It's generally a good idea to encode lines that begin with From=20because some mail transport agents will insert a greaterthan (>) sign, thus invalidating the signature. Also, in some cases it might be desirable to encode any =20 trailing whitespace that occurs on lines in order to ensure =20 that the message signature is not invalidated when passing =20 a gateway that modifies such whitespace (like BINE). =20 --bar Content-ype: application/wally-wiggle iqcvawubmjrf2n9owbghpdjaqe9uqqatl7luvndbjrk4eqybib3h5qxix/lc// jjv5bnvkzigpicemi5ifd9boegvpirhtieeqlqkynobactfbzmh9gc3c041wgq umbrbxc+nis1ikla08rvi9ig/2yh7lfrk5ein57u/w72vgsxlhe/zhdfol9brn HOxEa44b+EI= =ndaj --bar-- 29 S/MIME file extensions 30 S/MIME signed message S/MIME ype application/pkcs7-mime (signeddata, envelopeddata) File Extension.p7m Content-type: application/mime; content-type="multipart/signed"; protocol="application/pkcs7-signature"; micalg=rsa-md5; name=smime.aps Content-disposition: attachment; filename=smime.aps Content-ype: multipart/signed; protocol="application/pkcs7-signature"; micalg=rsa-md5; boundary=boundary42 application/pkcs7-mime.p7c (degenerate signeddata "certs-only" message) application/pkcs7-signature.p7s application/pkcs10.p10 --boundary42 Content-ype: /plain his is a very short clear-signed message. However, at least you can read it! --boundary42 Content-ype: application/pkcs7-signature Content-ransfer-Encoding: base64 ghyhhhuujhjhjh77n8hhgrfvbnj756tbb9hg4vqpfyf467ghigfhfy6 4VQpfyF467GhIGfHfY6jH77n8HHGghyHhHUujhJh756tbB9HGrfvbnj n8hhgrfvhjhjh776tbb9hg4vqbnj7567ghigfhfy6ghyhhhuujpfyf4 7GhIGfHfY64VQbnj756 --boundary42-- Page 5 5
6 31 32 Problems in Current Lecture 10 : Secure E mail E Subjects / opics : 1. Secure E mail E systems 2. Secure, rusted, Authorized and eliable E E Mail System 3. Secure applications based on secure E maile Problems : Weak Authentication Protection of mail boxes and letters on server from SPAM Unauthorized (SPAM) Contents of address book confirmation E mail is main source for distribution of malicious and dangerous content 33 equirements for Secure 34 Layers: Secure equirements: Secure Infrastructure Efficient Handling of attachments Current status of letter (Confirmations) Handling of certificates Integration with smart cards Sending and receiving authorization Cross domain bilateral or multilateral arrangements Credential Server Secure Server Secure Client 35 Layer-1: Secure E Client 36 Layer 2: Secure E Mail E Servers Standard Mailing Functions Handling of Certificates Standard Security Services Secure Address Book Confirmations Strong Authentication With SEM Server Handling of Attachments Management of Authorizarion Handling of Certificates Handling of Address Book Encryption Keys Confirmations Strong Authentication Handling of Attachments Management and Enforcement of Authorizations Page 6 6
7 37 Layer 3: Credentials Servers 38 Layer 4: PKI and SMI Servers Issuing PKI Server SAML Policy Server PKI Servers SMI Servers Federation Validation 39 Secure System: Design and Implementation 40 Graphical User Interface SMP/POP3 Standard Server A L I C S User I E user Interface O N E N S S Handler Strong Authentication Session management Message Handler Address book A N S P O E A N S P O E Strong Authentication Session management Message Handler Handler L A I S C User Interface E I N O Security E Server N S S Admin Address book Storage Symmetric Key SMIME Cert proto PKCS7 DistinguishedName Certificate Hash Storage Symmetric Key SMIME Cert proto PKCS7 DistinguishedName Certificate Hash Header SessionID Data(PKCS7) 41 Graphical User Interface 42 S/MIME Message: SignedAndEncrypted eturn-path: <aghafoor@ > Message-ID: < JavaMail.sead@sec-office> MIME-Version: 1.0 Delivered-o: aghafoor@ eceived: from l884.dsv.su.se ([ ]) by sec-office (JAMES SMP Server 2.3.1) with SMP ID 184 for <aghafoor@ >; ue, 28 Oct :11: (PD) Content-Disposition: attachment; filename="smime.p7m" Content-ype: application/x-pkcs7-mime; name="smime.p7m" Content-ransfer-Encoding: base64 From: aghafoor@ o: aghafoor@ Subject: Signed and encrypted message Date: ue, 28 Oct :14: (CE) MIIoOwYJKoZIhvcNAQcDoIIoLDCCKCgCAQAxggE7MIIBNwIBADCBnzCBmELMAkGA1UEBhMCVVMx Page 7 7
8 43 S/MIME Message: Signed 44 MS Outlook Security Configuration eturn-path: Delivered-o: eceived: from l884.dsv.su.se ([ ]) by sec-office (JAMES SMP Server 2.3.1) with SMP ID 175 for ue, 28 Oct :10: (PD) Date: ue, 28 Oct :13: (CE) From: o: Message-ID: Subject: Signed message MIME-Version: 1.0 Content-ype: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary=" dsvseclab-sem-agent384282" Content-ransfer-Encoding: 7bit his is a cryptographically signed message in MIME format dsv-seclab-sem-agent Content-ype: /plain; charset=iso ; format=flowed Content-ransfer-Encoding: 7bit his is a signed message from aghafoor to agha dsv-seclab-sem-agent MIME-Version: 1.0 Content-Disposition: attachment; filename="smime.p7m" Content-ype: application/x-pkcs7-mime; name="smime.p7m" Content-ransfer-Encoding: base64 MIIbcwYJKoZIhvcNAQcCoIIbZDCCG2ACAQExCzAJBgUrDgMCGgUAMEEGCSqGSIb Mozilla hunderbird Security Configuration Lecture 10 : Secure E mail E Subjects / opics : 1. Secure E mail E systems 2. Secure, rusted, Authorized and eliable E E Mail System 3. Secure applications based on secure E maile 47 Business applications based on secure E mail E 48 Questions? Demonstration Page 8 8
Prof. Sead Muftic Feng Zhang. Lecture 10: Secure E-mail Systems
Prof. Sead Muftic Feng Zhang Lecture 10: Secure E-mail Systems Lecture 10 : Secure E mail Systems Subjects / Topics : 1. Secure E mail systems 2. Secure, Trusted, Authorized and Reliable E Mail System
More information4.1: Securing Applications Remote Login: Secure Shell (SSH) E-Mail: PEM/PGP. Chapter 5: Security Concepts for Networks
Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application Layer Secure Applications Network Authentication Service: Kerberos 4.1:
More informationElectronic Mail Security
Electronic Mail Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/
More informationElectronic mail security. MHS (Message Handling System)
Electronic mail security Diana Berbecaru < diana.berbecaru @ polito.it> Politecnico di Torino Dip. Automatica e Informatica MHS (Message Handling System) MS MS MUA MUA (Message Transfer ) MS (Message Store)
More informationChapter 6 Electronic Mail Security
Cryptography and Network Security Chapter 6 Electronic Mail Security Lectured by Nguyễn Đức Thái Outline Pretty Good Privacy S/MIME 2 Electronic Mail Security In virtually all distributed environments,
More informationCryptography and Network Security Chapter 15
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 15 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North
More informationNetwork Security Essentials Chapter 7
Network Security Essentials Chapter 7 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 7 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear,
More informationElectronic Mail Security. Email Security. email is one of the most widely used and regarded network services currently message contents are not secure
Electronic Mail Security CSCI 454/554 Email Security email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either in transit or by
More informationPGP from: Cryptography and Network Security
PGP from: Cryptography and Network Security Fifth Edition by William Stallings Lecture slides by Lawrie Brown (*) (*) adjusted by Fabrizio d'amore Electronic Mail Security Despite the refusal of VADM Poindexter
More informationInternational Journal of Computer Trends and Technology- March to April Issue 2011
EMAIL SECURITY PROTOCOL Sunny gill 1, Gaurav Rupnar 1, Vaibhav Ramteke 1,PROF. Dipti Patil 2, Vijay M.Wadhai 3 1 Computer Engineering Department, MIT College of Engineering,Pune 2 Assistant Professor,
More informationElectronic Mail Security
email 1 Electronic Mail Security Slide 1 Characteristics File transfer, except... sender, receiver may not be present at the same time diversity(charactersets, headers,...) not a transparent channel (8
More informationAuthentication applications Kerberos X.509 Authentication services E mail security IP security Web security
UNIT 4 SECURITY PRACTICE Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security Slides Courtesy of William Stallings, Cryptography & Network Security,
More informationManaging and Securing Computer Networks. Guy Leduc. Chapter 3: Securing applications. Chapter goals: security in practice:
Managing and Securing Computer Networks Guy Leduc Chapter 3: Securing applications Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley, March 2012. (section 8.5)
More informationEmail Security. Issues:
Email Security Email Security Issues: Not real time, can afford to use public key cryptosystems more. Certification of keys is much harder because anyone can send anyone else some mail Strictly end to
More informationCS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email
CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11 - Secure
More informationA Noval Approach for S/MIME
Volume 1, Issue 7, December 2013 International Journal of Advance Research in Computer Science and Management Studies Research Paper Available online at: www.ijarcsms.com A Noval Approach for S/MIME K.Suganya
More informationGrid Computing - X.509
Grid Computing - X.509 Sylva Girtelschmid October 20, 2009 Public Key Infrastructure - PKI PKI Digital Certificates IT infrastructure that provides means for private and secure data exchange By using cryptographic
More informationCategory: Standards Track June 1999
Network Working Group P. Hoffman, Editor Request for Comments: 2634 Internet Mail Consortium Category: Standards Track June 1999 Status of this Memo Enhanced Security Services for S/MIME This document
More informationWhat Your Mother Didn't Tell You About PEM, DER, PKCS. Eric Norman University of Wisconsin-Madison
What Your Mother Didn't Tell You About PEM, DER, PKCS Eric Norman University of Wisconsin-Madison 1 Audience I'm nuts Some of you might want to bolt Who needs to know? Developers Support personnel diagnose
More informationNetwork Working Group. R. Levien University of California at Berkeley T. Roessler August 2001
Network Working Group Request for Comments: 3156 Updates: 2015 Category: Standards Track M. Elkins Network Associates, Inc. D. Del Torto CryptoRights Foundation R. Levien University of California at Berkeley
More informationE-Mail security. Mag. iur. Dr. techn. Michael Sonntag
Mag. iur. Dr. techn. Michael Sonntag E-Mail security E-Mail: sonntag@fim.uni-linz.ac.at http://www.fim.uni-linz.ac.at/staff/sonntag.htm Institute for Information Processing and Microprocessor Technology
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More informationSIP Security. ENUM-Tag am 28. September in Frankfurt. Prof. Dr. Andreas Steffen. Agenda. andreas.steffen@zhwin.ch
ENUM-Tag am 28. September in Frankfurt SIP Security Prof. Dr. Andreas Steffen andreas.steffen@zhwin.ch Andreas Steffen, 28.09.2004, ENUM_SIP.ppt 1 Agenda SIP The Session Initiation Protocol Securing the
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 11: Email security: PGP and S/MIME Ion Petre Department of IT, Åbo Akademi University February 14, 2012 1 Email
More informationSecure E-mail System for Cloud Portals
Secure E-mail System for Cloud Portals Master Thesis in Information and Communication Systems Security DANIEL GÓMEZ VILLANUEVA Master s Degree Project Stockholm, Sweden 2012 TRITA-ICT-EX-2012:210 Acknowledgements
More informationThe basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.
Elements of Email Email Components There are a number of software components used to produce, send and transfer email. These components can be broken down as clients or servers, although some components
More informationCS 356 Lecture 27 Internet Security Protocols. Spring 2013
CS 356 Lecture 27 Internet Security Protocols Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationNetwork Security - Secure upper layer protocols - Background. Email Security. Question from last lecture: What s a birthday attack? Dr.
Network Security - Secure upper layer protocols - Dr. John Keeney 3BA33 Question from last lecture: What s a birthday attack? might think a m-bit hash is secure but by Birthday Paradox is not the chance
More informationUnderstanding digital certificates
Understanding digital certificates Mick O Brien and George R S Weir Department of Computer and Information Sciences, University of Strathclyde Glasgow G1 1XH mickobrien137@hotmail.co.uk, george.weir@cis.strath.ac.uk
More informationto hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many
In the world of secure email, there are many options from which to choose from to hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many cryptographical concepts to achieve a supposedly
More informationPage 1. Lecture 1: Introduction to. Introduction to Computer Networks Security. Input file DES DES DES DES. Output file
1 2 Prof. Sead Muftic Matei Ciobanu Morogan Lecture 1: Introduction to Computer s Security Introduction to Computer s Security 4. security services and mechanisms 3 Approach 4 Introduction to Computer
More informationEE 7376: Introduction to Computer Networks. Homework #3: Network Security, Email, Web, DNS, and Network Management. Maximum Points: 60
EE 7376: Introduction to Computer Networks Homework #3: Network Security, Email, Web, DNS, and Network Management Maximum Points: 60 1. Network security attacks that have to do with eavesdropping on, or
More informationHow to make Secure Email Easier to use Simson L. Garfinkel (MIT/Harvard) Jeffrey I. Schiller (MIT) Erik Nordlander (MIT) David Margrave (Amazon) Robert C. Miller (MIT) Financial Services Technology Consortium
More informationCryptography and Security
Cunsheng DING Version 3 Lecture 17: Electronic Mail Security Outline of this Lecture 1. Email security issues. 2. Detailed introduction of PGP. Page 1 Version 3 About Electronic Mail 1. In virtually all
More informationEmail Security. Why do we have to hide from the police, Daddy? Because we use PGP, son. They use S/MIME
Email Security Why do we have to hide from the police, Daddy? Because we use PGP, son. They use S/MIME Email Security Problems with using email for secure communications include Doesn t handle binary data
More informationGlobalSign Enterprise Solutions
GlobalSign Enterprise Solutions Secure Email & Key Recovery Using GlobalSign s Auto Enrollment Gateway (AEG) 1 v.1.2 Table of Contents Table of Contents... 2 Introduction... 3 The Benefits of Secure Email...
More informationTaxonomy of E-Mail Security Protocol
Taxonomy of E-Mail Security Protocol Ankur Dumka, Ravi Tomar, J.C.Patni, Abhineet Anand Assistant Professor, Centre for information Technology, University of Petroleum and Energy Studies,Dehradun, India
More informationEmail: The Electronic Postcard. By Daniel Herren
Email: The Electronic Postcard By Daniel Herren 1 Table of Contents 1.0 Introduction.page 3 2.0 Internet Overview...page 3,4 3.0 Email vulnerabilities...page 5-7 3.1 Privacy..page 5 3.2 Authentication.page
More informationELECTRONIC COMMERCE OBJECTIVE QUESTIONS
MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module
More informationEmail. MIME is the protocol that was devised to allow non-ascii encoded content in an email and attached files to an email.
Email Basics: Email protocols were developed even before there was an Internet, at a time when no one was anticipating widespread use of digital graphics or even rich text format (fonts, colors, etc.),
More informationSoftware and Cloud Security
1 Lecture 12: Software and Cloud Security 2 Lecture 12 : Software and Cloud Security Subjects / Topics : 1. Standard ISO/OSI security services 2. Special problems, specific for software components and
More informationUnifying Information Security. Implementing Encryption on the CLEARSWIFT SECURE Email Gateway
Unifying Information Security Implementing Encryption on the CLEARSWIFT SECURE Email Gateway Contents 1 Introduction... 4 2 Encryption Options... 5 3 Basics of Encryption... 7 3.1 Public Key... 7 3.2 Private
More informationEncryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1
Encryption, Data Integrity, Digital Certificates, and SSL Developed by Jerry Scott 2002 SSL Primer-1-1 Ideas Behind Encryption When information is transmitted across intranets or the Internet, others can
More informationInstalling your Digital Certificate & Using on MS Out Look 2007.
Installing your Digital Certificate & Using on MS Out Look 2007. Note: This technical paper is only to guide you the steps to follow on how to configure and use digital signatures. Therefore Certificate
More informationCiphermail for BlackBerry Reference Guide
CIPHERMAIL EMAIL ENCRYPTION Ciphermail for BlackBerry Reference Guide June 19, 2014, Rev: 8975 Copyright 2010-2014, ciphermail.com. CONTENTS CONTENTS Contents 1 Introduction 3 2 BlackBerry add-on 3 2.1
More informationSecure Client Applications
Secure Client Applications Networking Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 26 June 2014 Common/Reports/secure-client-apps.tex, r900 1/26 Acronyms
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationDATEVe:secure MAIL V1.1. ISIS-MTT-Assessment Report
DATEVe:secure MAIL V1.1 DATEV eg ISIS-MTT-Assessment Report Version 1.1 Date 08. July 2004 Hans-Joachim Knobloch, Fritz Bauspiess Secorvo Security Consulting GmbH Albert-Nestler-Straße 9 D-76131 Karlsruhe
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationNetSec Exercise 8 Communication Mixes
NetSec Exercise 8 Communication Mixes Thomas Schneider Computer Networks and Communication Systems Dept. of Computer Sciences, University of Erlangen-Nuremberg, Germany 8. 11.1.2008 Thomas Schneider: NetSec
More informationPrivaSphere Gateway Certificate Authority (GW CA)
PrivaSphere Gateway Certificate Authority (GW CA) Send and receive secure emails with your email program through restricting firewalls using SMIME gateway functionalities. PrivaSphere Secure Messaging
More informationINTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002
INTERNET SECURITY: FIREWALLS AND BEYOND Mehernosh H. Amroli 4-25-2002 Preview History of Internet Firewall Technology Internet Layer Security Transport Layer Security Application Layer Security Before
More informationChapter 8. Network Security
Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who
More informationCryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.
Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public
More informationIBM Client Security Solutions. Client Security User's Guide
IBM Client Security Solutions Client Security User's Guide December 1999 1 Before using this information and the product it supports, be sure to read Appendix B - Notices and Trademarks, on page 22. First
More informationPGP - Pretty Good Privacy
I should be able to whisper something in your ear, even if your ear is 1000 miles away, and the government disagrees with that. -- Philip Zimmermann PGP - Pretty Good Privacy - services - message format
More informationOptions for encrypted e-mail communication with AUDI AG Version of: 31 May 2011
Options for encrypted e-mail communication with AUDI AG Version of: 31 May 2011 1 Options for encrypted e-mail communication with AUDI AG Confidential information may only be transmitted in encrypted form
More informationSubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se
SubmitedBy: Name Reg No Email Address Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se Abid Hussain 780927-T039 abihus07 (at) student.hh.se Imran Ahmad Khan 770630-T053 imrakh07 (at) student.hh.se
More informationNumber of relevant issues
Electronic signature Lecture 8 Number of relevant issues cryptography itself algorithms for signing documents key management generating keys, distribution, key revocation security policy certificates may
More informationWhy you need secure email
Why you need secure email WHITE PAPER CONTENTS 1. Executive summary 2. How email works 3. Security threats to your email communications 4. Symmetric and asymmetric encryption 5. Securing your email with
More informationCiphermail Gateway Administration Guide
CIPHERMAIL EMAIL ENCRYPTION Ciphermail Gateway Administration Guide September 23, 2014, Rev: 9112 Copyright 2008-2014, ciphermail.com. Acknowledgements: Thanks goes out to Andreas Hödle for feedback. CONTENTS
More informationE-Mail Security: PGP (Pretty Good Privacy) & PEM (Privacy-Enhanced Mail)
Dept. of Information & Communication Systems E-Mail Security: PGP (Pretty Good Privacy) & PEM (Privacy-Enhanced Mail) Konstantinos Raptis Supervisor: Sokratis Katsikas Samos, September 99 Table of Contents:
More informationNetwork Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide
Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationLecture 9 - Network Security TDTS41-2006 (ht1)
Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,
More informationHow To Encrypt Email With An Email Certificate On An Email From A Gmail Account On A Pc Or Mac Or Ipa (For A Pc) On A Microsoft Gmail (For An Ipa) Or Ipad (For Mac) On
S/MIME Compatibility Assessing the compatibility and best practices of using S/MIME encryption GLOBALSIGN WHITE PAPER Ben Lightowler, Security Analyst GMO GlobalSign Ltd Contents Introduction...3 Why S/MIME
More informationE-mail Best Practices
CMSGu2012-06 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius E-mail Best Practices National Computer Board Mauritius Version 1.0 June
More informationCryptoNET: Security Management Protocols
CryptoNET: Security Management Protocols ABDUL GHAFOOR ABBASI, SEAD MUFTIC CoS, School of Information and Communication Technology Royal Institute of Technology Borgarfjordsgatan 15, SE-164 40, Kista,
More informationDjigzo S/MIME setup guide
Author: Martijn Brinkers Table of Contents...1 Introduction...3 Quick setup...4 Create a CA...4 Fill in the form:...5 Add certificates for internal users...5 Add certificates for external recipients...7
More informationCiphermail S/MIME Setup Guide
CIPHERMAIL EMAIL ENCRYPTION Ciphermail S/MIME Setup Guide September 23, 2014, Rev: 6882 Copyright 2008-2014, ciphermail.com. CONTENTS CONTENTS Contents 1 Introduction 3 2 S/MIME 3 2.1 PKI...................................
More informationElectronic mail security. MHS (Message Handling System) E-mail on multi-user systems. Antonio Lioy - Politecnico di Torino (1995-2009) 1
Electronic mail security Antonio Lioy < lioy @ polito.it> Politecnico di Torino Dip. Automatica e Informatica MHS (Message Handling System) MTA MSA MTA chain MTA MSA MS MS MUA MUA MUA (Message User Agent)
More informationGuide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate (Personal eid) WISeKey 2010 / Alinghi 2010 Smartcards
The World Internet Security Company Solutions for Security Guide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate (Personal eid) WISeKey 2010 / Alinghi 2010 Smartcards Wherever Security
More informationE-Commerce: Designing And Creating An Online Store
E-Commerce: Designing And Creating An Online Store Introduction About Steve Green Ministries Solo Performance Artist for 19 Years. Released over 26 Records, Several Kids Movies, and Books. My History With
More informationPublic Key Infrastructure
UT DALLAS Erik Jonsson School of Engineering & Computer Science Public Key Infrastructure Murat Kantarcioglu What is PKI How to ensure the authenticity of public keys How can Alice be sure that Bob s purported
More informationElectronic mail security
Electronic mail security Antonio Lioy < lioy @ polito.it> Politecnico di Torino Dip. Automatica e Informatica MHS (Message Handling System) MTA MSA MTA chain MTA MSA MS MS MUA MUA MUA (Message User Agent)
More informationCS549: Cryptography and Network Security
CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationEmail Security. Michael E. Locasto University of Calgary
Email Security Michael E. Locasto University of Calgary Agenda Read Chapter 20 and 21 - don t need to memorize PEM details background: RFCs, Chapter 22 Concept queskon: Where do we put security? SMTP Refresher
More informationAn Introduction to Cryptography as Applied to the Smart Grid
An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationSECURE EMAIL: ANALYSIS OF EXISTING IMPLEMENTATIONS OF S/MIME & PGP. Final Specification
SECURE EMAIL: ANALYSIS OF EXISTING IMPLEMENTATIONS OF S/MIME & PGP Final Specification BY Rajesh Ravi. Jon Halperin. Srikanth Nannapaneni. Secure Email: Analysis of Existing Implementations of S/MIME and
More informationmod_ssl Cryptographic Techniques
mod_ssl Overview Reference The nice thing about standards is that there are so many to choose from. And if you really don t like all the standards you just have to wait another year until the one arises
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationSecure Data Exchange Solution
Secure Data Exchange Solution I. CONTENTS I. CONTENTS... 1 II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE DOCUMENT EXCHANGE SOLUTIONS... 3 INTRODUCTION... 3 Certificates
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationNetwork Security - ISA 656 Email Security
Network Security - ISA 656 Angelos Stavrou November 13, 2007 The Usual Questions The Usual Questions Assets What are we trying to protect? Against whom? 2 / 33 Assets The Usual Questions Assets Confidentiality
More informationEmail Electronic Mail
Email Electronic Mail Electronic mail paradigm Most heavily used application on any network Electronic version of paper-based office memo Quick, low-overhead written communication Dates back to time-sharing
More informationStandards and Products. Computer Security. Kerberos. Kerberos
3 4 Standards and Products Computer Security Standards and Products Public Key Infrastructure (PKI) IPsec SSL/TLS Electronic Mail Security: PEM, S/MIME, and PGP March 24, 2004 2004, Bryan J. Higgs 1 2
More informationNetwork Security Protocols
Network Security Protocols EE657 Parallel Processing Fall 2000 Peachawat Peachavanish Level of Implementation Internet Layer Security Ex. IP Security Protocol (IPSEC) Host-to-Host Basis, No Packets Discrimination
More information: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT
Subject Code Department Semester : Network Security : XCS593 : MSc SE : Nineth Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Part A (2 marks) 1. What are the various layers of an OSI reference
More informationReceiving Secure Email from Citi For External Customers and Business Partners
Citi Secure Email Program Receiving Secure Email from Citi For External Customers and Business Partners Protecting the privacy and security of client information is a top priority at Citi. Citi s Secure
More informationChapter 32 Internet Security
Chapter 32 Internet Security Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 32: Outline 32.1 NETWORK-LAYER SECURITY 32.2 TRANSPORT-LAYER SECURITY 32.3
More informationPolicy Based Encryption E. Administrator Guide
Policy Based Encryption E Administrator Guide Policy Based Encryption E Administrator Guide Documentation version: 1.2 Legal Notice Legal Notice Copyright 2012 Symantec Corporation. All rights reserved.
More informationPolicy Based Encryption E. Administrator Guide
Policy Based Encryption E Administrator Guide Policy Based Encryption E Administrator Guide Documentation version: 1.2 Legal Notice Legal Notice Copyright 2012 Symantec Corporation. All rights reserved.
More informationIs your data safe out there? -A white Paper on Online Security
Is your data safe out there? -A white Paper on Online Security Introduction: People should be concerned of sending critical data over the internet, because the internet is a whole new world that connects
More informationTCS-CA. Outlook Express Configuration [VERSION 1.0] U S E R G U I D E
U S E R G U I D E TCS-CA Outlook Express Configuration [VERSION 1.0] C O N T E N T S 1 DESCRIPTION... 3 2 OUTLOOK EXPRESS AND CERTIFICATES... 4 3 ENABLING SECURITY SETTINGS FOR MAIL ACCOUNT... 5 3.1 Settings
More informationFederal S/MIME V3 Client Profile
NIST Special Publication 800-49 Federal S/MIME V3 Client Profile C. Michael Chernick C O M P U T E R S E C U R I T Y November 2002 NIST Special Publication 800-49 Federal S/MIME V3 Client Profile Recommendations
More informationIT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationLecture 31 SSL. SSL: Secure Socket Layer. History SSL SSL. Security April 13, 2005
Lecture 31 Security April 13, 2005 Secure Sockets Layer (Netscape 1994) A Platform independent, application independent protocol to secure TCP based applications Currently the most popular internet crypto-protocol
More informationNETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia
NETWORK SECURITY Farooq Ashraf Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia O u t l i n e o f t h e P r e s e n t a t i o n What is Security
More information