E-Mail Security Applications

Several applications employing various cryptographic techniques have been developed to provide confidentiality, integrity, authentication, non-repudiation, and access control for e-mail communications.

check.png Secure Multipurpose Internet Mail Extensions (S/MIME): S/MIME is a secure method of sending e-mail incorporated into several popular browsers and e-mail applications. S/MIME provides confidentiality and authentication by using the RSA asymmetric key system, digital signatures, and X.509 digital certificates. S/MIME complies with the Public Key Cryptography Standard (PKCS) #7 format and has been proposed as a standard to the Internet Engineering Task Force (IETF).

check.png MIME Object Security Services (MOSS): MOSS provides confidentiality, integrity, identification and authentication, and non-repudiation by using MD2 or MD5, RSA asymmetric keys, and DES. MOSS has never been widely implemented or used.

check.png Privacy Enhanced Mail (PEM): PEM was proposed as a PKCS-compliant standard by the IETF but has never been widely implemented or used. It provides confidentiality and authentication by using 3DES for encryption, MD2 or MD5 message digests, X.509 digital certificates, and the RSA asymmetric system for digital signatures and secure key distribution.

check.png Pretty Good Privacy (PGP): PGP is a popular e-mail encryption application. It provides confidentiality and authentication by using the IDEA Cipher for encryption and the RSA asymmetric system for digital signatures and secure key distribution. Instead of a central Certificate Authority (CA), PGP uses a trust model (in which the communicating parties implicitly trust each other), which is ideally suited for smaller groups to validate user identity (as opposed to a PKI infrastructure, which can be costly and difficult to maintain).

Today two basic versions of PGP software are available: Freeware versions from PGP International at www.pgpi.org , and a commercial version from Symantec Corporation at www.symantec.com . There is also an open-source version, called GPG, available at www.gnupg.org .

tip.eps Symantec acquired the commercial version of PGP in 2010. Symantec’s PGP product line includes a whole disk encryption solution.

instantanswer.eps PGP is a freeware e-mail security application (free to individuals, not organizations) that uses the IDEA algorithm (symmetric) for encryption and the RSA algorithm (asymmetric) for key distribution and digital signatures.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.148.144.228