E-mail Security

E-mail Security. CS 519 Cryptography and Network Security. Instructor: Ali Aydin Selcuk. Security Services for E-mail: privacy, authentication, integrity, non-repudiation, anonymity, proof of submission, proof of delivery, message flow confidentiality, etc. Key Management.

Presentation Transcript


  1. E-mail Security
     CS 519 Cryptography and Network Security
     Instructor: Ali Aydin Selcuk

  2. Security Services for E-mail
     • privacy
     • authentication
     • integrity
     • non-repudiation
     • anonymity
     • proof of submission
     • proof of delivery
     • message flow confidentiality, etc.

  3. Key Management
     • A per-message symmetric key is used for message encryption,
         • which is conveyed in the mail, encrypted under a long-term key (typically a public key)
     • Long-term keys can be established,
         • offline
         • online, with help from a trusted third party
         • online, through a webpage (for public keys)

  4. Multiple Recipients
     • The message key will be encrypted under each recipient's long-term key in the message header.
         • Bob's ID, K_Bob{S}
         • Carol's ID, K_Carol{S}
         • Ted's ID, K_Ted{S}
         • S{m}
     • E.g.:
         To: Bob, Carol, Ted
         From: Alice
         Key-info: Bob-4276724736874376
         Key-info: Carol-78657438676783457
         Key-info: Ted-12873486743009
         Msg-info: UHGuiy77t65fhj87oi.....

  5. Text Format Issues
     • Mail gateways/forwarders may modify the format of the message (wrapping long lines, end-of-line character, high order bits, etc.), causing the integrity check to fail
     • Encode messages in a format supported by all mailers: 6-bit representation, no long lines, etc. (similar to uuencode)

  6. Text Format Issues (cont'd)
     • Problem: Non-supportive clients should be able to read authenticated (but not encrypted) messages, which they no longer can.
     • Two options:
         • MAC without encoding (subject to corruption by mail routers)
         • Encode & MAC/encrypt (may not be readable at the other end)

  7. Providing Different Services
     • confidentiality: by encryption
     • auth./integrity: by signature or MAC
     • non-repudiation: by signature
     • some eccentric services,
         • anonymity
         • message flow confidentiality
         • non-repudiation with secret keys
       can be provided by TTP support.

  8. Providing Services (cont'd)
     • Authentication with plausible deniability:
         • with MAC, if shared key exists
         • with public-key signature:
             • Alice, to send message m to Bob,
                 • chooses a random symmetric key S
                 • computes [{S}_Bob]_Alice
                 • computes MAC_S(m)
                 • sends m, MAC_S(m), [{S}_Bob]_Alice
     Bob can prove that Alice sent him S, but not that she sent him m.
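
The two options on slides 5 and 6, worked through as an added example that is not part of the original presentation: a MAC over an unencoded body fails once a gateway rewrites the text, while a 6-bit encoded body in short lines survives but is unreadable without decoding. The gateway behaviour, key and message are constructed assumptions, and HMAC-SHA256 with base64 stand in for the MAC and encoding the slides leave unspecified.

```python
import base64
import hashlib
import hmac

KEY = b"constructed-shared-key"   # constructed sample key
MSG = ("Meet at the café at noon; this line is deliberately longer than forty characters. \n"
       "Bring the keys.\n").encode("utf-8")   # constructed sample message

def mac(key: bytes, data: bytes) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def gateway(body: bytes) -> bytes:
    """Hypothetical gateway: CRLF line ends, strips trailing spaces,
    wraps lines longer than 40 bytes, clears the high-order bit."""
    out = []
    for line in body.replace(b"\r\n", b"\n").split(b"\n"):
        line = bytes(b & 0x7F for b in line.rstrip(b" "))
        while len(line) > 40:
            out.append(line[:40])
            line = line[40:]
        out.append(line)
    return b"\r\n".join(out)

def send_raw(key, msg):
    """Option 1: MAC without encoding; body stays readable by any client."""
    return msg, mac(key, msg)

def send_encoded(key, msg):
    """Option 2: 6-bit (base64) body in short lines; MAC covers the original bytes."""
    b64 = base64.b64encode(msg)
    body = b"\n".join(b64[i:i + 32] for i in range(0, len(b64), 32))
    return body, mac(key, msg)

def verify_raw(key, body, tag) -> bool:
    return hmac.compare_digest(mac(key, body), tag)

def verify_encoded(key, body, tag):
    # Line breaks are not part of the encoding, so gateway rewrites are discarded.
    msg = base64.b64decode(b"".join(body.split()))
    return hmac.compare_digest(mac(key, msg), tag), msg

if __name__ == "__main__":
    body, tag = send_raw(KEY, MSG)
    print("raw, after gateway:    ", verify_raw(KEY, gateway(body), tag))
    body, tag = send_encoded(KEY, MSG)
    print("encoded, after gateway:", verify_encoded(KEY, gateway(body), tag)[0])
```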
