Electronic Mail Security

Chapter 18

ELECTRONIC MAIL SECURITY

o Pretty Good Privacy

·        Notation

·        Operational Description Cryptographic Keys and Key Rings Public-Key  Management

o S/MIME

·        RFC 5322

·        Multipurpose Internet Mail Extensions S/MIME Functionality

·        S/MIME Messages

·        S/MIME Certificate Processing Enhanced Security Services

o DomainKeys Identified Mail

·        Internet Mail Architecture E-mail Threats

·        DKIM Strategy

·        DKIM Functional Flow

KEY POINTS

◆      PGP is an open-source, freely available software package for e-mail secu- rity. It provides authentication through the use of digital signature, confidentiality through the use of symmetric block encryption, compression using the ZIP algorithm, and e-mail compatibility using the radix-64 encoding scheme.

◆      PGP incorporates tools for developing a public-key trust model and public-key certificate management.

◆      S/MIME is an Internet standard approach to e-mail security that incorporates the same functionality as PGP.

◆      DKIM is a specification used by e-mail providers for cryptographically signing e-mail messages on behalf of the source domain.

In virtually all distributed environments, electronic mail is the most heavily used network-based application. Users expect to be able to, and do, send e-mail to others who are connected directly or indirectly to the Internet, regardless of host operating system or communications suite. With the explo- sively growing reliance on e-mail, there grows a demand for authentication and confidentiality services. Two schemes stand out as approaches that enjoy widespread use: Pretty Good Privacy (PGP) and S/MIME. Both are examined in this chapter. The chapter closes with a discussion of DomainKeys Identified Mail.