SECURITY LAW Presented by Rebecca. Wang Civil&Commercial Law School.
Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.
-
Upload
bernice-jones -
Category
Documents
-
view
212 -
download
0
Transcript of Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.
![Page 1: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/1.jpg)
Network Security: Lab#4-1E-mail Security
J. H. WangDec. 3, 2013
![Page 2: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/2.jpg)
Objectives
• To learn to use e-mail security tools– PGP
• To learn the availability of email security libraries– S/MIME– DKIM
![Page 3: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/3.jpg)
Packages & Libraries in this Lab
• Packages– GPG4win: for Windows
• Libraries– OpenDKIM
![Page 4: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/4.jpg)
Experiment Scenario
• Signing/verification of files using certificates– Create a new certificate– Encrypt/sign the file “original.txt” into another file
“enc.txt” (using sender’s certificate)– Then, we decrypt/verify it and get another file
“dec.txt” (using sender’s certificate), and check if the decrypted file is the same as the original file
• Sending/receiving e-mails with certificates– Set up email account– Read mails– Send mails
![Page 5: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/5.jpg)
GnuPG Privacy Guard
• Homepage: http://www.gnupg.org/• Version:
– 1.4.15 (portable standalone version) – 2.0.22 (enhanced version, harder to build)
• Platforms: Linux/FreeBSD/Windows/MacOS X
• An implementation of OpenPGP• Installation steps
– (skipped)
![Page 6: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/6.jpg)
GPG4win
• Homepage: http://www.gpg4win.org/ • Latest version: 2.2.1• OpenPGP: an open standard for e-
mail security (RFC 4880) – S/MIME also included
• Installation steps:– Simply follow the instructions on screen
![Page 7: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/7.jpg)
Other Tools Included in GPG4win
• Kleopatra: GnuPG certificate manager– New certificate– Encrypting/Signing a file– Decrypting/Verifying a file
• Claws Mail: a mail reader– Setting up your mail account– Reading mails– Sending mails
![Page 8: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/8.jpg)
Microsoft Outlook Support in GPG4win
• PGP for Outlook– GpgOL 1.0 can support OpenPGP and
S/MIME
![Page 9: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/9.jpg)
Configuring Outlook for S/MIME
• Configure Your Personal Email Certificates• Send a Signed Message• Read a Signed Message• Check the Credentials of a Signed
Message• Send an Encrypted Message• Read an Encrypted Message• Get Certificates for Other Users
![Page 10: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/10.jpg)
OpenDKIM• Homepage: http://www.opendkim.org/
– Latest version: opendkim 2.8.4– C library for DKIM service: libmilter– Also a milter-based filter application: opendkim
• Can plug in to any milter-based MTAs: Sendmail, PostFix
• An open source implementation for IETF DKIM standard (RFC 6376) based on dkim-milter from Sendmail– Library: libdkim – Milter: dkim-milter 2.8.3 (plugins to sendmail)
• Also includes implementations of– ADSP (Author Domain Signing Practises): RFC 5617– VBR (Vouch by Reference): RFC 5518
![Page 11: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/11.jpg)
Configuration and Installation
• Compilation of opendkim– Download opendkim-2.8.4.tar.gz– tar -xzvf opendkim-2.8.4.tar.gz – cd opendkim-2.8.4– ./configure– make– make install
• Configuration of opendkim– For signing and verification
• Install opendkim and configure your MTA
![Page 12: Network Security: Lab#4-1 E-mail Security J. H. Wang Dec. 3, 2013.](https://reader036.fdocuments.in/reader036/viewer/2022083008/56649ea15503460f94ba47fd/html5/thumbnails/12.jpg)
Summary
• Email security– PGP– S/MIME– DKIM