Secure E-Mail Part II

Due Date: Sept 27
Points: 25 Points

Objective

1. To explore a practical application of cryptography: secure e-mail
2. To use public key encryption
3. To gain experience with the various cryptographic algorithms in use
4. To understand how public key certificates and certificate authorities are utilized

Equipment Needed

- Thunderbird E-Mail Client included with your Ubuntu OS
- Internet Web-Browser, Mozilla Firefox
- Internet Access

Background

There are two widely used secure e-mail systems on the Internet, S/MIME and PGP. Both provide similar capabilities but differ in details with respect to how each treats the distribution and validation of public keys. In this lab we will be using S/MIME in tandem with the CAcert Free Community CA.

In providing a secure e-mail service, the following types of algorithms are used:

- a public key encryption algorithm: the sender uses the recipient's public key to encrypt a session key, and the recipient uses their private key to decrypt this session key.
- a block cipher (private key) algorithm, using the exchanged session key to encrypt the e-mail contents to protect them from disclosure.
- a hash function, used to create a digest of the e-mail contents before encryption/after decryption, to be signed, or to verify the signature.
- a public key signature algorithm, using the sender's private key to sign the digest to protect the message from modification and to identify the sender; the recipient then uses the sender's public key to verify this signature.

In practice most of this happens automatically for the user. The area of most interest is how the keys used by the encryption and signature algorithms are obtained and their correctness guaranteed. S/MIME uses the X.509 public key certificate standards for this.
The keys are distributed in a Public Key Certificate that binds a public key to some user's identity and that is issued and certified by a Certificate Authority (CA) which both sender and recipient trust and whose key they can use to verify the certificates. To use secure e-mail, each user must create a public/private key pair and have some certificate authority certify their public key as belonging to them. Then these certificates can be exchanged to enable secure communications to occur. It is this process that we will be exploring in this experience, as well as examining the contents of your certificate.

This lab experience is partitioned into eight phases, some of which you have already completed:

i. Configuring the Thunderbird e-mail client
ii. Obtain the CAcert Root Certificate (Secure Email Part I)
iii. Generating your Keys and obtain your Certificate (Secure Email Part I)
iv. Exporting your Key and Certificate (Secure Email Part I)
v. Importing your Certificate and Root Certificate into Thunderbird
vi. Sending a digitally signed e-mail
vii. Receiving a digitally signed and encrypted e-mail
viii. Sending a digitally signed and encrypted e-mail

Procedure

I. Configuring Thunderbird E-Mail Client

Follow these instructions VERY carefully; if not, your e-mail may be DELETED from the Clemson University servers and downloaded to Thunderbird.

1. Inside Ubuntu:
   Select Applications -> Internet -> Mozilla Thunderbird Mail/News
   The 'New Account Setup' Wizard should appear.
2. Select 'Email Account'
   Enter your gmail.com account (xxx@g.clemson.edu) as your e-mail.
   Select POP
   For the 'Incoming Server' field type 'pop.gmail.com'
   For the 'Outgoing Server' field type 'smtp.googlemail.com'
   Change/Leave 'Incoming Name' as you wish.
   Change/Leave 'Account Name' as you wish.
   (Sample screenshot of dialog box)
   Verify the information is correct.
   Unclick 'Download messages now'
   Click Finish
3. In Thunderbird
   3.1 Select Edit -> Account Settings
   3.2 Choose Outgoing-Server
       3.2.1 Select Edit if you have one listed.
       3.2.2 Provide a description or leave blank; your choice.
       3.2.3 For Server Name enter smtp.googlemail.com.
       3.2.4 For Port ensure port 587 is being used.
       3.2.5 Under Security and Authentication CHECK User name and password.
       3.2.6 For User Name enter xxx@g.clemson.edu
       3.2.7 Under Use Secure Connection select TLS.
       3.2.8 Verify your information is correct and Click OK.
       Ensure the dialog box looks as below.
   3.3 Next choose Server Setting from the left pane.
   3.4 Ensure the Server Type is POP Mail Server, Server Name is pop.gmail.com and Port is 995.
   3.5 Check Leave Messages on server. IMPORTANT
   3.6 Check Until I delete them. IMPORTANT
   3.7 Verify your information is correct and Click OK
4. In Thunderbird, click the 'Get Mail' icon (below the File option)
5. Your email can now be retrieved via Thunderbird; you are done.

II. Obtaining the CAcert Root Certificate (Secure Email Part I)

III. Generate Your Keys and Obtain Your Certificate (Secure Email Part I)

IV. Exporting your Key and Certificate (Secure Email Part I)

V. Importing Your Certificate & Root Certificate into Thunderbird

Now that you have your keys and certificate, you can send signed email to other people, but not encrypted email, since you need to know the recipient's certificate first to do this. First, we need to ensure that Thunderbird knows about and will use the certificate you now have. You will need to take your exported client certificate and key (mykeys.p12) and the CAcert root certificate (cacert.pem) and import them into the Thunderbird Email Client.

Importing Your Certificate mykeys.p12

1. Open Thunderbird
   Select Edit -> Preferences -> Advanced -> Certificates
2. Click View Certificates
   Select the 'Your Certificates' tab if not previously selected and Click Import
3. Remember where you saved your certificate in the previous Experience, select mykeys.p12 and Click Open
   You will be prompted to enter the pass-phrase used to export the certificate.
   After your pass-phrase has been entered correctly, a 'Success' pop-up box will appear.

Importing the Root Certificate cacert.pem

4. With the window still open, select the 'Authorities' tab and Click 'Import'
5. Again remembering where you saved the root certificate, select cacert.pem and Click Ok; if you receive a warning indicating that the certificate was previously installed, that is fine.

Specifying a Certificate to Digitally Sign and Encrypt/Decrypt E-mail

6. The last step before we are underway sending digitally signed e-mail is to configure Thunderbird to use the newly imported certificate.
7. Open Thunderbird (if not open)
   Select Edit -> Account Settings -> Security (located in the left panel)
8. Under the 'Digital Signing' section
   8.1 Click 'Select' and choose your imported
   8.2 Check 'Digitally sign messages (by default)'
9. Under the 'Encryption' section
   9.1 Click 'Select' and choose the same certificate selected in 8.
   9.2 Select 'Required'
10. Click on the View Certificates button, select the Authorities tab and then select CA Cert Signing Authority. Click on Edit and make sure that all 3 trust boxes are checked.
11. Click 'Ok'

VI. Sending a Digitally Signed Email

In the next part, you will send a digitally signed message to hcgrs@clemson.edu.

1. Open Thunderbird (if not open)
   Click the 'Write (Pen)' icon to compose an e-mail message
2. Address the e-mail and insert your public and private keys in the message.
3. Click the down-arrow to the right of the 'Security (Pad-Lock)' icon
   3.1 Select 'Do Not Encrypt this Message'
   3.2 Select 'Digitally Sign this Message' (should have a check mark)
4. Hit 'Send'.
5. The message was sent with your digital signature.

You will receive a digitally-signed, encrypted message in return. Note that when you view the message, you may be told that a new certificate is being added and that the message signature is Good. You can view the details of the signature and the certificate by opening the e-mail and clicking on the Envelope icon, which indicates the message has been digitally-signed.

VII. Sending a Digitally Signed & Encrypted Email

1. AFTER you have received a 'Digitally Signed, Encrypted Email', Thunderbird automatically extracts the public key from the digital signature and stores this for you to later encrypt e-mail with the recipient's public key. Compose a second message as directed in the encrypted e-mail.
2. Address the email and insert the items that the encrypted message from Dr Grossman describes.
3. Click the down-arrow to the right of the 'Security (Pad-Lock)' icon
   3.1 Select 'Encrypt this Message'
   3.2 Select 'Digitally Sign this Message' (should have a check mark)
4. Hit 'Send'
5. The message was sent encrypted with the recipient's public key and with your digital signature.
In the digitally-signed and encrypted email that you received, you can view the details regarding the message's security by selecting the pad-lock icon in the message window that indicates the message has been encrypted.

Reporting

E-mail the following, in one digitally-signed message, to grossman@cs.clemson.edu with a subject line of Secure E-Mail Request. Failure to use the correct subject line will result in a 10 point deduction for this experience.

1. In the body of the message, send your public and private keys, clearly denoting each
2. Additional directions will be returned via the encrypted, digitally signed message
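
The exchange in phases VI and VII, reproduced with the openssl command line as an added example that is not part of the original handout: a signed message is verified against the root, the signer's certificate is recovered from the signature, and that certificate is used to encrypt a signed reply. The throwaway root CA (standing in for CAcert), the names student and instructor, the example.test addresses and all file names are assumptions constructed for the demo.

```bash
#!/bin/sh
# Added example: all names, addresses, keys and files are constructed for the demo.
set -eu
W=$(mktemp -d)
trap 'rm -rf "$W"' EXIT   # the demo private keys live only in this directory

make_ca() {     # throwaway root CA, standing in for the CAcert root (cacert.pem)
  openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=Demo Root CA" \
    -keyout "$W/ca.key" -out "$W/ca.pem" 2>/dev/null
}
make_user() {   # $1 = name: key pair plus a certificate issued by the demo root
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$1/emailAddress=$1@example.test" \
    -keyout "$W/$1.key" -out "$W/$1.csr" 2>/dev/null
  openssl x509 -req -in "$W/$1.csr" -CA "$W/ca.pem" -CAkey "$W/ca.key" \
    -CAcreateserial -days 2 -out "$W/$1.pem" 2>/dev/null
}
sign_as() {     # $1 = signer, $2 = input, $3 = output (signer's certificate is included)
  openssl smime -sign -text -in "$2" -signer "$W/$1.pem" -inkey "$W/$1.key" -out "$3"
}
verify() {      # $1 = message; body goes to $1.body, the signer's certificate to $2
  openssl smime -verify -text -in "$1" -CAfile "$W/ca.pem" -signer "$2" \
    -out "$1.body" 2>/dev/null
}
encrypt_to() {  # $1 = recipient certificate, $2 = input, $3 = output
  openssl smime -encrypt -aes256 -in "$2" -out "$3" "$1"
}
decrypt_as() {  # $1 = recipient name, $2 = input, $3 = output
  openssl smime -decrypt -in "$2" -recip "$W/$1.pem" -inkey "$W/$1.key" \
    -out "$3" 2>/dev/null
}
round_trip() {
  make_ca; make_user student; make_user instructor
  # Phase VI: the student sends a signed, unencrypted message.
  printf 'Lab message: signed only\n' > "$W/m1.txt"
  sign_as student "$W/m1.txt" "$W/m1.eml"
  # The instructor checks it against the root and keeps the signer's certificate.
  verify "$W/m1.eml" "$W/learned.pem"
  # The reply is signed first, then encrypted to the learned certificate.
  printf 'Reply: signed and encrypted\n' > "$W/m2.txt"
  sign_as instructor "$W/m2.txt" "$W/m2.signed"
  encrypt_to "$W/learned.pem" "$W/m2.signed" "$W/m2.enc"
  # Only the student's private key opens it; the inner signature is then verified.
  decrypt_as student "$W/m2.enc" "$W/m2.dec"
  verify "$W/m2.dec" "$W/from.pem"
}
round_trip
```

Changing one word of the clear-signed body in m1.eml makes `verify` fail, and `decrypt_as` fails for any user whose certificate was not the encryption target.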