S/MIME Functionality
In terms of general functionality, S/MIME is very similar to PGP. Both offer the ability to sign and/or encrypt messages. In this subsection, we briefly summarize S/MIME capability. We then look in more detail at this capability by examining message formats and message preparation.
1. Functions
S/MIME provides the following functions:
· Enveloped data: This consists of encrypted content of any type and encrypted-content encryption keys for one or more recipients.
· Signed data: A digital signature is formed by taking the message digest of the content to be signed and then encrypting that with the private key of the signer. The content plus signature are then encoded using base64 encoding. A signed data message can only be viewed by a recipient with S/MIME capability.
· Clear-signed data: As with signed data, a digital signature of the content is formed. However, in this case, only the digital signature is encoded using base64. As a result, recipients without S/MIME capability can view the message content, although they cannot verify the signature.
· Signed and enveloped data: Signed-only and encrypted-only entities may be nested, so that encrypted data may be signed and signed data or clear-signed data may be encrypted.
2. Cryptographic Algorithms
· hash functions: SHA-1 & MD5
· digital signatures: DSS & RSA
· session key encryption: ElGamal & RSA
· message encryption: Triple-DES, RC2/40 and others
· have a procedure to decide which algorithms to use.
S/MIME uses the following terminology, taken from RFC 2119, to specify the requirement level:
· Must: The definition is an absolute requirement of the specification. An implementation must include this feature or function to be in conformance with the specification.
· Should: There may exist valid reasons in particular circumstances to ignore this feature or function, but it is recommended that an implementation include the feature or function.
S/MIME Messages
S/MIME makes use of a number of new MIME content types. All of the new application types use the designation PKCS. This refers to a set of public-key cryptography specifications issued by RSA Laboratories and made available for the S/MIME effort.
We examine each of these in turn after first looking at the general procedures for S/MIME message preparation.
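The following added example (not part of the original text) uses Python's standard email package to tell the functions listed under "Functions" apart by their MIME content type, and to show what a reader without S/MIME capability can still display. The application/pkcs7-mime and multipart/signed type names and the smime-type parameter come from the S/MIME RFCs, not from this page; the function names and sample messages are constructed for illustration.

```python
from email import message_from_string

# Content types from the S/MIME RFCs; older agents emit the "x-pkcs7" forms.
PKCS7_MIME = {"application/pkcs7-mime", "application/x-pkcs7-mime"}
PKCS7_SIG = {"application/pkcs7-signature", "application/x-pkcs7-signature"}

def first_text(part):
    """Text a plain MIME reader can display from this part, if any."""
    for sub in part.walk():
        if sub.get_content_type() == "text/plain":
            return sub.get_payload(decode=True).decode("utf-8", "replace").strip()
    return None

def classify_smime(raw):
    """Return (function, text visible without S/MIME capability)."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    if ctype in PKCS7_MIME:
        # Opaque: the whole body is one base64-encoded PKCS object.
        return (msg.get_param("smime-type") or "unknown").lower(), None
    if ctype == "multipart/signed" and msg.is_multipart():
        parts = msg.get_payload()
        protocol = (msg.get_param("protocol") or "").lower()
        if (protocol in PKCS7_SIG and len(parts) == 2
                and parts[1].get_content_type() in PKCS7_SIG):
            # Only the detached signature is base64; part 1 stays readable.
            return "clear-signed", first_text(parts[0])
    return "not-smime", None

# Constructed samples; BLOB is a stand-in, not a real PKCS object.
BLOB = "Y29uc3RydWN0ZWQgc3RhbmQtaW4="
SIGNED = (
    "Content-Type: application/pkcs7-mime; smime-type=signed-data\n"
    "Content-Transfer-Encoding: base64\n\n" + BLOB + "\n")
ENVELOPED = SIGNED.replace("signed-data", "enveloped-data")
CLEAR_SIGNED = (
    'Content-Type: multipart/signed; protocol="application/pkcs7-signature";'
    ' micalg=sha1; boundary="b1"\n\n'
    "--b1\nContent-Type: text/plain\n\nQuarterly figures attached.\n"
    "--b1\nContent-Type: application/pkcs7-signature\n"
    "Content-Transfer-Encoding: base64\n\n" + BLOB + "\n--b1--\n")

if __name__ == "__main__":
    for name, raw in [("signed", SIGNED), ("enveloped", ENVELOPED),
                      ("clear-signed", CLEAR_SIGNED)]:
        print(name, classify_smime(raw))
```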