E-mail Security using Encryption Security Features Message Origin Authentication - verifying that...
vincent-skinner -
E-mail Security using Encryption: Security Features
• Message Origin Authentication - verifying that the sender is who he or she says they are
• Content Integrity - verifying that the message was not changed after sender sent it
• Content Confidentiality - making certain that only the intended recipient reads the message
• Proof of Delivery - making certain that the message was delivered
• Message Sequence Integrity - making certain that all messages were delivered in proper order.
• Non-repudiation of Origin - being able to prove that sender sent a message.
• Non-repudiation of Delivery - being able to prove that a recipient got a message.
• Message Security Labeling - labeling a message with handling instructions.
• Message Flow Confidentiality - making certain no one knows who you exchange mail with.
• Secure Access Management - making certain no one uses your e-mail system without being authorized.
E-mail Security using Encryption: Operation
• All secure e-mail systems work roughly the same way.
– Calculate a message digest of the message.
– Encrypt the message digest with sender’s private key.
– Encrypt the mail with a session key (random).
– Encrypt the session key with receiver’s public key.
• Receiver must:
– Decrypt session key with the receiver’s private key.
– Decrypt the message with session key.
– Decrypt message digest with the sender’s public key.
– Calculate a message digest and compare to the one that was sent.
• Encrypted message digest serves as both signature and integrity check.
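The sender and receiver steps above, end to end, as an added example that is not part of the original slides. It assumes toy stand-ins so it runs with the standard library only: textbook RSA built from published Mersenne primes and a SHA-256 keystream as the session cipher; the function names and sample keys are constructed here, and a real system would use S/MIME or OpenPGP with padded RSA and a standard cipher.

```python
import hashlib
import secrets

E = 65537      # public exponent
SIG_LEN = 144  # bytes; enough for the 1128-bit toy sender modulus

def toy_keypair(a, b):
    # Textbook RSA built from two published Mersenne primes (2**a - 1, 2**b - 1).
    # Constructed for illustration only: no padding, factors are public knowledge.
    p, q = 2**a - 1, 2**b - 1
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def rsa(key, value):
    n, exponent = key
    return pow(value, exponent, n)

def stream(key, data):
    # Stand-in symmetric cipher: XOR with a SHA-256 counter-mode keystream.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], pad))
    return bytes(out)

def digest(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def send(message, sender_priv, receiver_pub):
    signature = rsa(sender_priv, digest(message))       # digest under sender's private key
    session_key = secrets.token_bytes(32)               # random session key
    bundle = stream(session_key, signature.to_bytes(SIG_LEN, "big") + message)
    wrapped = rsa(receiver_pub, int.from_bytes(session_key, "big"))
    return wrapped, bundle

def receive(wrapped, bundle, receiver_priv, sender_pub):
    session_key = rsa(receiver_priv, wrapped).to_bytes(32, "big")
    plain = stream(session_key, bundle)
    signature, message = int.from_bytes(plain[:SIG_LEN], "big"), plain[SIG_LEN:]
    # Signature and integrity check in one step: recovered digest must match a fresh one.
    return message, rsa(sender_pub, signature) == digest(message)

SENDER_PUB, SENDER_PRIV = toy_keypair(521, 607)         # constructed sample keys
RECEIVER_PUB, RECEIVER_PRIV = toy_keypair(1279, 2203)
```

Changing any byte of the bundle in transit makes the digest comparison in receive() fail, which is how the one encrypted digest provides both origin authentication and content integrity.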
Sender Functions:
[Diagram: Email message → Create Message Digest → Encrypt MD with Sender’s Private Key → Digital Signature; Digital Signature + Email message → Bundle → Encrypt Bundle with Session Key (Random Number) → Encrypt with Receiver’s Public Key → Send. Other labels in the diagram: Set Reply Request, Message Sequence No (SN), Security Labeling (Confidential), Encapsulate Header, Require Private Key to unlock Workstation, Business Protocol.]
Receiver Functions:
[Diagram: Receive → Decrypt session key with Receiver’s Private Key → Decrypt Bundle with Session Key → Bundle (Digital Signature + Email message) → Decrypt MD with Sender’s Public Key and Create Message Digest from the Email message → Compare MD’s → Read Message → Repeat Process in other direction for Non-Repudiation of Delivery. Other labels in the diagram: SN, Confidential, Business Protocol.]