80 likes | 252 Views
Internal Email Encryption TLS Protocol (Transport Layer Security). Current Email Configuration. Messages transmitted in clear text. Mail Hub. Current Email Configuration. Future Email Configuration. Messages encrypted in transit. Mail Hub. TLS Transport Layer Security.
E N D
Internal Email EncryptionTLS Protocol(Transport Layer Security)
Current Email Configuration Messages transmitted in clear text Mail Hub Current Email Configuration
Future Email Configuration Messages encrypted in transit Mail Hub
TLSTransport Layer Security • A Protocol that ensures privacy between communicating applications. • TLS is composed of two layers: • TLS Record Protocol • TLS Handshake Protocol. • The TLS Handshake Protocol first negotiates a key exchange using an asymmetric algorithm such as RSA or Diffie-Hellman. • The TLS Record Protocol • Opens an encrypted channel using a symmetric algorithm such as RC4, IDEA, DES, or 3DES. • Hashing algorithms such as MD5 and SHA are used to ensure that communications are not altered in transit.
TLSTransport Layer Security Security Benefits of Using TLS • Each mail server authenticates to the other, making it harder to send spoofed e-mail.Spoof: To deceive for the purpose of gaining access to someone else's resources • The contents of the e-mails sent between the servers are encrypted, protecting them from prying eyes while in transit. • The encryption of the conversation between the hosts makes it exceedingly difficult for an attacker to tamper with the e-mail's contents. • Low cost to implement, excellent ROI
TLS Implementation Progress Resources Required • OET is hiring an independent contractor to assist with agency implementations • SOW is in process • Scheduling agency implementations in early December, 2006.
Rick EnsenbachCISSP-ISSMP, CISA, CISM Rick.Ensenbach@state.mn.us 651.201.2790 Joe Arel Joe.Arel@state.mn.us 651.201.1031