
Email Security

Email Security: S/MIME. Email protocol overview: the Simple Mail Transfer Protocol (SMTP) is the Internet standard for e-mail transmission across Internet Protocol (IP) networks.





Presentation Transcript


  1. Email Security: S/MIME. IT352 | Network Security | Najwa AlGhamdi

  2. Email Protocol Overview • 1. Simple Mail Transfer Protocol (SMTP) • The Internet standard for e-mail transmission across Internet Protocol (IP) networks (RFC 5321, originally RFC 821). • A mail sender talks to a mail receiver by issuing command strings (HELO, MAIL FROM, RCPT TO, DATA, QUIT) and supplying the necessary data over a TCP connection; the receiver answers every command with a three-digit reply code.

  3. Email Protocol Overview • A typical example of sending a message via SMTP to two mailboxes (alice and theboss) located in the same mail domain (example.com or localhost.com) is reproduced in the following session exchange.
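The exchange the slide refers to, as an added worked example that is not part of the original presentation: a toy SMTP receiver and a client talking over a socket pair in Python. Hostnames, addresses and the message text are constructed for the example, and the server is a stand-in that only answers with reply codes, not a real MTA. It also shows the one check a receiving server must make on RCPT TO, refusing domains it does not serve, which is what keeps it from being an open relay.

```python
import socket
import threading

# Constructed SMTP dialogue for the slide's scenario: one message to two
# mailboxes (alice and theboss) in the same domain, example.com.  Hostnames
# and addresses are invented; the server below is a toy, not a real MTA.
SESSION = [
    "HELO relay.example.org",
    "MAIL FROM:<bob@example.org>",
    "RCPT TO:<alice@example.com>",
    "RCPT TO:<theboss@example.com>",
    "RCPT TO:<mallory@attacker.example>",  # foreign domain: must be refused
    "DATA",
    "From: Bob Example <bob@example.org>",
    "To: Alice Example <alice@example.com>",
    "Subject: Test message",
    "",
    "Hello Alice.",
    ".A body line starting with a dot must be dot-stuffed on the wire.",
    ".",
    "QUIT",
]

def _readline(sock):
    """Read one CRLF-terminated line; return None when the peer closed."""
    buf = b""
    while not buf.endswith(b"\r\n"):
        chunk = sock.recv(1)
        if not chunk:
            return None
        buf += chunk
    return buf[:-2].decode("ascii", "replace")

def fake_smtp_server(conn, mailbox):
    """Receiving side: greet, track the envelope, refuse relaying, store mail."""
    conn.sendall(b"220 example.com ESMTP ready\r\n")
    envelope = {"from": None, "to": []}
    while True:
        line = _readline(conn)
        if line is None:
            break
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":
            conn.sendall(b"250 example.com Hello " + arg.encode("ascii") + b"\r\n")
        elif verb == "MAIL":
            envelope = {"from": arg.partition(":")[2].strip(), "to": []}
            conn.sendall(b"250 OK\r\n")
        elif verb == "RCPT":
            addr = arg.partition(":")[2].strip()
            # Accept only local mailboxes; a 250 for any domain = open relay.
            if addr.lower().endswith("@example.com>"):
                envelope["to"].append(addr)
                conn.sendall(b"250 OK\r\n")
            else:
                conn.sendall(b"550 5.7.1 Relaying denied\r\n")
        elif verb == "DATA":
            conn.sendall(b"354 End data with <CR><LF>.<CR><LF>\r\n")
            body = []
            while True:
                text = _readline(conn)
                if text is None or text == ".":
                    break
                body.append(text[1:] if text.startswith("..") else text)  # un-stuff
            mailbox.append((envelope["from"], list(envelope["to"]), "\n".join(body)))
            conn.sendall(b"250 OK: queued\r\n")
        elif verb == "QUIT":
            conn.sendall(b"221 Bye\r\n")
            break
        else:
            conn.sendall(b"500 Command not recognized\r\n")
    conn.close()

def run_session(commands):
    """Play `commands` against the toy server; return (transcript, mailbox)."""
    client, server = socket.socketpair()
    mailbox = []
    worker = threading.Thread(target=fake_smtp_server, args=(server, mailbox))
    worker.start()
    transcript = [("<connect>", _readline(client))]
    in_data = False
    for line in commands:
        # Transparency rule (RFC 5321 4.5.2): inside DATA a line that begins
        # with '.' gets a second '.' so it cannot be mistaken for the terminator.
        wire = "." + line if in_data and line.startswith(".") and line != "." else line
        # SMTP proper is 7-bit: a non-ASCII character would raise here, which
        # is the limitation the next slide lists and MIME encodings work around.
        client.sendall(wire.encode("ascii") + b"\r\n")
        if in_data and line != ".":
            continue  # message lines get no individual reply
        reply = _readline(client)
        transcript.append((line, reply))
        in_data = line.upper() == "DATA" and (reply or "").startswith("354")
    worker.join()
    client.close()
    return transcript, mailbox

if __name__ == "__main__":
    for cmd, reply in run_session(SESSION)[0]:
        print("C:", cmd, "\nS:", reply)
```

Running it prints the two-sided dialogue; the third RCPT TO gets a 550, the other two a 250, and the stored message has both local mailboxes in its envelope.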

  4. Email Protocol Overview SMTP Drawbacks • SMTP cannot transmit text that includes national-language characters, because these are represented by 8-bit codes with values of 128 decimal or higher and SMTP is limited to 7-bit ASCII. • SMTP servers may reject mail messages over a certain size. • SMTP gateways that translate between ASCII and EBCDIC suffer translation problems. • The 8BITMIME (RFC 6152) and SMTPUTF8 (RFC 6531) extensions later relaxed the first limitation, but a sender cannot assume every hop on the path supports them, so content still has to be encoded for 7-bit transport.

  5. Email Protocol Overview • 2. Multipurpose Internet Mail Extensions (MIME) • An Internet standard that extends the format of email to support: • text in character sets other than ASCII • non-text attachments • message bodies with multiple parts • MIME's use has grown beyond describing the content of email to describing content types in general, including on the web. • SMTP/MIME email: the message is transmitted via SMTP in MIME format, so MIME handles representation and SMTP handles transport.

  6. Email Protocol Overview MIME specification includes the following elements: 1. Five new message header fields, which provide information about the body of the message: • MIME-Version • Content-Type: describes the data contained in the body. • Content-Transfer-Encoding: indicates the transformation that has been used to represent the body of the message in a way that is acceptable for mail transport. • Content-ID. • Content-Description. 2. A number of content formats are defined, standardizing representations that support multimedia e-mail. 3. Transfer encodings are defined that protect any content format from being altered by the mail system.

  7. Email Protocol Overview MIME specification includes the following elements: 2. A number of content formats are defined, standardizing representations that support multimedia e-mail.

  8. Example of multipart message

  From: Nathaniel Borenstein <nsb@bellcore.com>
  To: Ned Freed <ned@innosoft.com>
  Subject: Sample message
  MIME-Version: 1.0
  Content-type: multipart/mixed; boundary="simple boundary"

  This is the preamble. It is to be ignored, though it is a handy place for mail composers to include an explanatory note to non-MIME conformant readers.

  --simple boundary

  This is implicitly typed plain ASCII text.
  It does NOT end with a linebreak.
  --simple boundary
  Content-type: text/plain; charset=us-ascii

  This is explicitly typed plain ASCII text.
  It DOES end with a linebreak.

  --simple boundary--

  This is the epilogue. It is also to be ignored.

  9. Email Protocol Overview MIME specification includes the following elements: 3. Transfer encodings are defined that protect any content format from being altered by the mail system.
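An added example, not from the original slides, that parses the slide-8 sample with Python's standard email package and then builds a message with non-ASCII text to show the transfer-encoding point of slide 9: the wire form stays 7-bit clean while the recipient's mail agent recovers the original characters. The RFC 2046 sample is reproduced with the blank lines that separate each part's (possibly empty) header block from its body, which the transcript collapsed; the addresses and text passed to the second function are constructed.

```python
import email
from email import policy
from email.message import EmailMessage

# The RFC 2046 sample from the slide above, with the blank line that every
# body part needs between its header block (empty for the first part) and its body.
RFC2046_SAMPLE = """\
From: Nathaniel Borenstein <nsb@bellcore.com>
To: Ned Freed <ned@innosoft.com>
Subject: Sample message
MIME-Version: 1.0
Content-type: multipart/mixed; boundary="simple boundary"

This is the preamble.  It is to be ignored, though it
is a handy place for mail composers to include an
explanatory note to non-MIME conformant readers.

--simple boundary

This is implicitly typed plain ASCII text.
It does NOT end with a linebreak.
--simple boundary
Content-type: text/plain; charset=us-ascii

This is explicitly typed plain ASCII text.
It DOES end with a linebreak.

--simple boundary--

This is the epilogue.  It is also to be ignored.
"""

def parse_parts(raw):
    """Return (boundary, [(content_type, decoded_text), ...]) for a multipart message."""
    msg = email.message_from_string(raw, policy=policy.default)
    if not msg.is_multipart():
        raise ValueError("expected a multipart entity")
    parts = []
    for part in msg.get_payload():  # top-level body parts only
        # decode=True undoes the Content-Transfer-Encoding, if any; a part with
        # no Content-Type header defaults to text/plain in US-ASCII (RFC 2046).
        charset = part.get_content_charset() or "us-ascii"
        text = part.get_payload(decode=True).decode(charset)
        parts.append((part.get_content_type(), text))
    return msg.get_boundary(), parts

def build_8bit_safe_message(text, subject):
    """Show how a transfer encoding lets non-ASCII text survive a 7-bit SMTP path."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"   # constructed addresses
    msg["To"] = "theboss@example.com"
    msg["Subject"] = subject            # non-ASCII headers become RFC 2047 encoded words
    msg.set_content(text, charset="utf-8", cte="quoted-printable")
    wire = msg.as_bytes()               # what an MTA would actually transmit
    return {
        "cte": str(msg["Content-Transfer-Encoding"]),
        "seven_bit_clean": all(b < 0x80 for b in wire),
        "body_on_wire": msg.get_payload(),  # still quoted-printable
        "decoded": msg.get_content(),       # what the MUA shows the reader
    }

if __name__ == "__main__":
    print(parse_parts(RFC2046_SAMPLE))
    print(build_8bit_safe_message("Le café est prêt.\n", "Résumé"))
```

Note that the newline before each boundary delimiter belongs to the boundary, not to the preceding part, which is why the first part comes back without a trailing linebreak and the second with one, exactly as the sample text says.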

  10. S/MIME (Secure/Multipurpose Internet Mail Extensions) • a security enhancement to MIME email • S/MIME support is built into many mail agents: MS Outlook, Mozilla, Mac Mail, etc.

  11. S/MIME Functions • S/MIME is very similar to PGP: both offer the ability to sign and/or encrypt messages. • S/MIME Security Functions: 1. Enveloped data: encrypted content of any type, plus the content-encryption key encrypted for one or more recipients. This function provides confidentiality. 2. Signed data: a digital signature is formed by taking the message digest of the content and encrypting that digest with the signer's private key. • The content and the signature are then encoded using base64. This function provides authenticity, message integrity and non-repudiation of origin, but because the content is base64-encoded it can only be read by a recipient with S/MIME capability.

  12. S/MIME Functions • S/MIME Security Functions: 3. Clear-signed data: a digital signature of the content is formed as in (2), but only the signature is base64-encoded; the content itself is left readable, so a recipient without S/MIME can still read the message (without being able to verify it). 4. Signed and enveloped data: (1) and (2) may be nested: • encrypted data can be signed, or • signed data can be encrypted.

  13. S/MIME Cryptographic Algorithms • digital signatures: DSS and RSA • hash functions: SHA-1 and MD5 • session-key encryption: ElGamal (Diffie-Hellman variant) and RSA • message encryption: AES, Triple-DES, RC2/40 and others • MAC: HMAC with SHA-1. • This is the list from the older S/MIME v3 specifications; the current one (RFC 8551) requires SHA-256 for digests and AES-128 for content encryption and says MD5, SHA-1 and RC2/40 should no longer be used, so a verifier should not accept signatures made with MD5 or SHA-1.

  14. S/MIME Messages • A MIME entity may be an entire message or one or more of the subparts of a message. • S/MIME secures a MIME entity with a signature, encryption, or both, producing a PKCS (Public-Key Cryptography Standards) object, specifically a PKCS #7 / CMS object, which is then wrapped in MIME. • The PKCS object is then treated as message content. • S/MIME has a range of content types: • enveloped data • signed data • clear-signed data • registration request • certificate-only message

  15. S/MIME Message, Enveloped Data (diagram): a pseudorandom session key (3DES or RC2/40) encrypts the message M; the session key is in turn encrypted with the recipient's public key (Diffie-Hellman or RSA) and placed in a RecipientInfo block together with an identifier for the recipient's certificate; the encrypted content plus the RecipientInfo form the enveloped-data object.

  16. S/MIME Message, SignedData (diagram): the message M is hashed (SHA-1 or MD5), the digest is encrypted with the sender's private key, and the resulting signature is placed in a SignerInfo block together with the sender's certificate; M and the SignerInfo are then base64-encoded to form the S/MIME signedData message.

  17. S/MIME Message, Clear signing: • Clear signing is achieved using the multipart content type with a signed subtype. Two parts: • the clear text (or any MIME type), left readable but prepared so that it will not be altered in transit (7-bit safe, canonical CRLF line endings), and • a detached SignedData signature computed over that first part.

  18. S/MIME Message, clear-signed example:

  Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary=boundary42

  --boundary42
  Content-Type: text/plain

  This is a clear-signed message.

  --boundary42
  Content-Type: application/pkcs7-signature; name=smime.p7s
  Content-Transfer-Encoding: base64
  Content-Disposition: attachment; filename=smime.p7s

  ghyHhHUujhJhjH77n8HHGTrfvbnj756tbB9HG4VQpfyF467GhIGfHfYT6
  4VQpfyF467GhIGfHfYT6jH77n8HHGghyHhHUujhJh756tbB9HGTrfvbnj
  n8HHGTrfvhJhjH776tbB9HG4VQbnj7567GhIGfHfYT6ghyHhHUujpfyF4
  --boundary42--

  The protocol parameter indicates that this is a two-part clear-signed entity; the micalg parameter indicates the type of message digest used. The first part (labelled "Unsigned Data" in the slide) is the readable content and is what the signature covers, including that part's own Content-Type header; the second part carries the SignerInfo; the top-level Content-Type header ties the two together.
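An added example, not from the original slides, showing what the detached signature in a multipart/signed entity actually covers. It reconstructs the slide's sample, adds constructed outer headers (From, To, Subject, MIME-Version), and computes the content digest named by micalg over the first body part in its canonical CRLF form, headers included. The base64 blob is the slide's placeholder rather than a real CMS SignedData, so no signature verification is attempted; that step needs a CMS library and the signer's certificate. The point the example makes is the one a practitioner must not forget: the outer headers, including Subject, are outside the signed part, so a valid signature says nothing about them.

```python
import hashlib
from email import message_from_string, policy

# The clear-signed sample from the slide, plus constructed outer headers so
# the example can show what the signature does NOT cover.  The base64 text in
# the second part is the slide's placeholder, not a real CMS SignedData object.
CLEAR_SIGNED = """\
From: alice@example.com
To: theboss@example.com
Subject: Quarterly numbers
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary=boundary42

--boundary42
Content-Type: text/plain

This is a clear-signed message.

--boundary42
Content-Type: application/pkcs7-signature; name=smime.p7s
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7s

ghyHhHUujhJhjH77n8HHGTrfvbnj756tbB9HG4VQpfyF467GhIGfHfYT6
4VQpfyF467GhIGfHfYT6jH77n8HHGghyHhHUujhJh756tbB9HGTrfvbnj
n8HHGTrfvhJhjH776tbB9HG4VQbnj7567GhIGfHfYT6ghyHhHUujpfyF4
--boundary42--
"""

def split_clear_signed(raw):
    """Return (message, data_part, signature_part, micalg) for a multipart/signed entity."""
    msg = message_from_string(raw, policy=policy.default)
    if msg.get_content_type() != "multipart/signed":
        raise ValueError("not a multipart/signed entity")
    if msg.get_param("protocol") != "application/pkcs7-signature":
        raise ValueError("not an S/MIME detached signature")
    data_part, sig_part = msg.get_payload()   # exactly two body parts
    return msg, data_part, sig_part, msg.get_param("micalg")

def signed_bytes(data_part):
    """The octets the signer hashed: the first body part including its own MIME
    headers, in canonical CRLF form.  S/MIME signs the MIME entity, not just the text."""
    return data_part.as_bytes(policy=policy.SMTP)

def content_digest(raw):
    """Hex digest of the signed part, using the algorithm named by micalg."""
    _, data_part, _, micalg = split_clear_signed(raw)
    algo = micalg.lower().replace("-", "")    # "sha1" or "sha-256" -> hashlib name
    return hashlib.new(algo, signed_bytes(data_part)).hexdigest()

if __name__ == "__main__":
    print(signed_bytes(split_clear_signed(CLEAR_SIGNED)[1]))
    print(content_digest(CLEAR_SIGNED))
```

Rewriting the outer Subject leaves the digest unchanged, while changing one word of the body changes it; a mail client that shows a green "signed" badge next to an unsigned Subject line is therefore showing less than users assume.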

  19. S/MIME Message, Registration request (diagram): the user's subject name and public key (in bit-string representation, 010111010011...) together form a CertificationRequestInfo block, which the user signs with the corresponding private key to produce a PKCS #10 certification request; the request is sent to the CA. This is how a user applies to a certification authority for a certificate.

  20. S/MIME - Message Certificate-only message: • Used to transport certificates. • contains only certificates or a certificate revocation list (CRL). • Sent in response to a registration request.

  21. S/MIME - Message Creating a Certificates-only Message: Step 1: The certificates are made available to the CMS generating process which creates a CMS object of type signedData. Step 2: The CMS signedData object is enclosed in an application/pkcs7-mime MIME entity. • The smime-type parameter for a certs-only message is "certs-only". • The file extension for this type of message is ".p7c".

  22. S/MIME Certificate Processing • S/MIME uses X.509 v3 certificates. • The key-management scheme used by S/MIME is a hybrid of a strict X.509 CA hierarchy and PGP's web of trust: • each client has a list of trusted CAs' certificates, and may also locally mark individual user certificates as trusted (the PGP-like part) • and its own public/private key pairs and certificates • certificates must be signed by a trusted CA, and before trusting a signer the receiver verifies the chain up to a trusted CA, the validity period and, where available, revocation status (CRL).
