Email Security Presentation
-
Upload
yosef-gamble -
Category
Documents
-
view
282 -
download
0
Transcript of Email Security Presentation
![Page 1: Email Security Presentation](https://reader036.fdocuments.in/reader036/viewer/2022082904/5886aaf31a28ab0c1d8b7fbf/html5/thumbnails/1.jpg)
Email Security & Development
By: Yosef GambleCS 325
https://commons.wikimedia.org/wiki/File:Crypto_key.svg
![Page 2: Email Security Presentation](https://reader036.fdocuments.in/reader036/viewer/2022082904/5886aaf31a28ab0c1d8b7fbf/html5/thumbnails/2.jpg)
Table of Contents
Email Security Flaws
Encryption TechniquesPublic key Infrastructure (PKI)
Pretty Good Privacy (PGP)
Application
Future Development
![Page 3: Email Security Presentation](https://reader036.fdocuments.in/reader036/viewer/2022082904/5886aaf31a28ab0c1d8b7fbf/html5/thumbnails/3.jpg)
Email Security Flaws
Email is sent in plain text.
Email uses outdated protocol, Simple Mail
Transfer Protocol (SMTP).
Includes a header full of revealing metadata.
Can easily become intercepted.
![Page 4: Email Security Presentation](https://reader036.fdocuments.in/reader036/viewer/2022082904/5886aaf31a28ab0c1d8b7fbf/html5/thumbnails/4.jpg)
Encryption Techniques - PKIPublic Key InfrastructureIntroduced public/private key encryption using
certificatesRelied on Third-Party vendorsWidely used in Corporate environment
https://en.wikipedia.org/wiki/Public_key_infrastructure#mediaviewer/File:Public-Key-Infrastructure.svg
![Page 5: Email Security Presentation](https://reader036.fdocuments.in/reader036/viewer/2022082904/5886aaf31a28ab0c1d8b7fbf/html5/thumbnails/5.jpg)
Encryption Technique - PGP
Pretty Good Privacy
Decentralised version of PKI
Removed Third-Party Involvement
Uses ‘Web of Trust’ authentication
https://www.sandboxgeneral.com/?p=974
![Page 6: Email Security Presentation](https://reader036.fdocuments.in/reader036/viewer/2022082904/5886aaf31a28ab0c1d8b7fbf/html5/thumbnails/6.jpg)
Applications
GNU Privacy Guard (GnuPG)HushmailLavabit, Silent Circle, & PrivateSkyThird-Party Plugins Webmail
https://en.wikipedia.org/wiki/GNU_Privacy_Guard#mediaviewer/File:Gnupg_logo.svg
![Page 7: Email Security Presentation](https://reader036.fdocuments.in/reader036/viewer/2022082904/5886aaf31a28ab0c1d8b7fbf/html5/thumbnails/7.jpg)
Future Development
Focus on End-to-End Email Encryption and Usability
Dark Mail ProjectExtensible Messaging and Presence Protocol
(XMPP)
http://www.darkmail.info
![Page 8: Email Security Presentation](https://reader036.fdocuments.in/reader036/viewer/2022082904/5886aaf31a28ab0c1d8b7fbf/html5/thumbnails/8.jpg)
Conclusion
Email Security Flaws
Encryption TechniquesPublic key Infrastructure (PKI)
Pretty Good Privacy (PGP)
Application
Future Development
![Page 9: Email Security Presentation](https://reader036.fdocuments.in/reader036/viewer/2022082904/5886aaf31a28ab0c1d8b7fbf/html5/thumbnails/9.jpg)
Questions?
?
![Page 10: Email Security Presentation](https://reader036.fdocuments.in/reader036/viewer/2022082904/5886aaf31a28ab0c1d8b7fbf/html5/thumbnails/10.jpg)
Works Cited
Bradbury, D. (2014, March). Can we make email secure? Network Security, 2014(3), 13-16. Retrieved May 27, 2014, from ACM Database.
Ellison, C., & Schneier, B. (2000). Risks of pki: Secure email. Communications of the ACM, 43(1), 160.
Hallam-Baker P. (2014). Privacy protected email. Retrieved from https://www.w3.org/2014/strint/papers/01.pdf
Nguyen P. (2004). Can we trust cryptographic software? cryptographic flaws in gnu privacy guard V1.2.3. In C. Cachin and J. Camenisch (Eds.), Advances in Cryptology - EUROCRYPT 2004, 3027, 555-570.
Shelley L. I. (2003). Organized crime, terrorism and cybercrime. In A. Bryden, P. Fluri (Eds.), Security sector reform: Institutions, society and good governance (pp. 303-312). Baden-Baden, DE: Nomos Verlagsgesellschaft.
Yu J., Cheval V., Ryan M. (2014). Challenges with end-to-end email encryption. Retrieved from https://www.w3.org/2014/strint/papers/08.pdf