Title: Email the killer app
1Email the killer app
2Email Issues
- E-mail basics
- Confidentiality
- Integrity
- Authenticity
- Spam
- Vehicle for malware
- Management
- Best Practices
3E-Mail Basics
- Importance of E-Mail
- Universal service on the Internet (9.7 billion in
2000, expected to be 35 billion by 2005) - Attachments make e-mail a general file delivery
mechanism - Viruses, worms, and spam, and other abuses
4E-Mail Security
- E-Mail Technology
- E-Mail Clients and Mail Servers
- Mail server software Sendmail on UNIX, Microsoft
Exchange, and Lotus/IBM Notes - Exchange dominate on Windows servers
- Microsoft Outlook Express is safer than
full-featured Outlook because Outlook Express
generally does not execute content
5E-Mail Standards
SMTP To Send
SMTP To Send
Receivers Mail Server
Senders Mail Server
Simple Mail Transfer Protocol (SMTP) to transmit
mail in real time to a users mail server or
between mail servers Sender-initiated
Sending E-Mail Client
Receiving E-Mail Client
6E-Mail Standards
POP or IMAP To Receive
Receivers Mail Server
Senders Mail Server
POP or IMAP to download mail to receiver when the
receiver is next capable of downloading
mail. Receiver-initiated
Sending E-Mail Client
Receiving E-Mail Client
7E-Mail
- E-Mail Standards
- Downloading mail to client
- Post Office Protocol (POP) Simple and widely
used - Internet Message Application Program (IMAP) More
powerful, can manage messages on the receivers
mail host, less widely used
8E-Mail Standards
Receivers Mail Server
Senders Mail Server
Message Body Format Standard
Sending E-Mail Client
Receiving E-Mail Client
RFC 822 or 2822 HTML body UNICODE
9Figure 9-6 E-Mail Security
- E-Mail Technology
- E-mail bodies
- RFC 822 / RFC 2822 Plain English text
- HTML bodies Graphics, fonts, etc.
- HTML bodies might contain scripts, which might
execute automatically when user opens the message - Web-based e-mail needs only a browser on the
client PC
10Interactions in the Simple Mail Transfer Protocol
(SMTP)
Actor
Command
Comment
Receiving SMTP Process
220 Mail.Panko.Com Ready
When a TCP connection is opened, the
receiver signals that is is ready.
Sending SMTP Process
HELO Voyager.cba.Hawaii.edu
Sender asks to begin Sending a message. Gives own
identity.
Receiver
250 Mail.Panko.Com
Receiver signals that it Is ready to
begin Receiving a message.
11Interactions in the Simple Mail Transfer Protocol
(SMTP)
Actor
Command
Comment
Sender
MAIL FROM Panko_at_ voyager.cba.hawaii.edu
Sender identifies the sender (mail author, not
SMTP process).
Receiver
250 OK
Accepts author. However, May reject mail from
others.
Sender
RCPT TO Ray_at_Panko.com
Identifies first mail recipient.
Receiver
250 OK
Accepts first recipient
12Interactions in the Simple Mail Transfer Protocol
(SMTP)
Actor
Command
Comment
Sender
RCPT TOLee_at_Panko.com
Identifies second mail Recipient.
Receiver
550 No such user here
Does not accept second Recipient. However will
deliver to first recipient.
Sender
DATA
Message will follow.
Receiver
354 Start mail input end with ltCRLFgt.ltCRLFgt
Gives permission to send message.
13Interactions in the Simple Mail Transfer Protocol
(SMTP)
Actor
Command
Comment
Sender
When in the course
The message. Multiple lines Of text. Ends with
line Containing only a single Period
ltCRLFgt.ltCRLFgt
Receiver
250 OK
Receiver accepts message.
Sender
QUIT
Requests termination of Session.
Receiver
221 Mail.Panko.Com Service Closing transmission
channel
End of transmission.
14E-Mail Security
- How do we address issues of
- Confidentiality
- Authenticity
- Integrity
- Need some form of secure email
15Secure Email Choices
- Services sold to end user administrated via Web
E-Mail interface - Proprietary software products
- S/MIME Standard build into many mail clients
- Software products that use open standards
16E-Mail Services
- HushMail
- Web based
- 2048 bit strong encryption end to end
- Uses OpenPGP Standard
- Public/Private Key plus symmetric keys
- Standard email communication
- Secure email embedded in your web site via use of
forms
17- Mailwatch
- An e-mail boundary solution that prevents errant
e-mail messages from damaging a company's
network, reputation, or business relationships. - Content control
- Malware scanning
18- CertifiedMail
- Certified Email Appliance
- Hardened OS, SSL transport encryption, encrypted
database, X.509 certificates - Certified Mail Server
- Hardware and Software solution
- Biometrics, SecureId, X.509 Certificates
- Meets HIPAA requirements for healthcare industry,
meets SEC guidelines for financial institutions
for delivering sensitive financial documents and
trade confirmations.
19- Certified Mail ASP
- send secure, trackable e-mail messages to any
Internet user - provides a web interface to create, track and
receive CertifiedMail messages, and a Send
Certified plug-in to provide one-click sending of
secure messages from your e-mail client. - Send to individuals or groups of users and know
who has opened your message - Stay in touch with secure messages from your
Internet-enabled cell phone
20- CryptoHeaven
- a secure Internet communications service
comprised of the following components Secure
Email , Secure Online Storage, File Sharing and
File Distribution - Secure Instant Messaging and Chatting
- Secure and Private Discussion Forums
- CryptoHeaven is easy to use and offers total
end-to-end security with state of the art 256 bit
encryption. Here is what you get - 2048 to 4096 bit asymmetric and 256 bit symmetric
key encryption - no third party keyholder
21- automatic key and contact management
- all services integrated and available from a
single user interface - no personal information - no names, no addresses,
no credit card numbers required - system free from any type of snooping and
interference, including any and all types of
governments and "authorities" - CryptoHeaven offers free and premium accounts.
Use CryptoHeaven and communicate in total
privacy. CryptoHeaven is by far the easiest to
use secure communications service, all you have
to do is just download a small client front-end.
22Secure / Multipurpose Internet Mail Extension
- Enhancement to MIME
- Uses technology from RSA
- The standard for commercial and organizational
use - Need to understand
- RFC 822
- Mime
23RFC 822
- Defines a format for text messages
- Message
- Envelope that information necessary to
accomplish transmission and delivery - Contents the object to be delivered to the
recipient - RFC 822 applies to contents
24- Contents includes header fields used by mail
system to create the envelope - Header fields available to programs
- Message consists of ASCII text
- Some number of header lines
- Unrestricted text as body
- Separated by blank line
25- Header line consists of keyword followed by ,
followed by keyword argument I.e - Date Tue, 16 Jan 1998 103717 (EST)
- From Bruce P. Tis btis_at_simmons.edu
- Subject Sample Message
- To student_at_simmons.edu
26Multipurpose Internet Mail Extensions
- Extension to RFC 822
- Address limitations of the use of SMTP and RFC 822
27Limitations of SMTP/RFC822
- Cannot transmit executable files or other binary
objects - Cannot transmit national language characters 8
bit ASCII - SMTP restricts message size
- SMTP gateways that translate from ASCII to
EBCIDIC do not use consistent set of mappings
28- SMTP gateways to X.400 cannot handle nontextual
data included in X.400 - Some SMTP implementations do not adhere
completely to SMTP standards defined in RFC 821
29MIME
- Resolves problems compatible with RFC 822
implementations - Five new header fields about body
- A number of content formats that standardize
multimedia email - Transfer encodings that enable conversion of any
content into form that is protected from
alteration by mail systems
30MIME Header Fields
- MIME-Version
- Content-Type describes data in body
- Content-Transfer-Encoding indicates type of
transformation used to represent data - Content-ID used to identify MIME entities
uniquely in multiple contexts - Content-Description test description of the
object within the body
31Content Types
- Text
- Plain
- Enriched
- Multipart
- Mixed
- Parallel
- Alternative
- Digest
- Message
- Rfc822
- Partial
- External-body
- Image
- Jpeg
- Gif
- Video
- Audio
- Application
- Postscript
- Octet-stream
32MIME Transfer Encoding
- 7bit short lines of ASCII characters
- 8bit short lines but may be non-ASCII
characters - Binary may have long lines
- Quoted printable encoded ASCII characters not
recognizable - Base64 map 6bit blocks into 8 bit block so all
are printable - X-token a named non-standard encoding
33(No Transcript)
34S/MIME Functionality
- Sign and/or Encrypt messages
- Look at
- Capability
- Message formats
- Message preparation
35- Enveloped data encrypted content of any type
and encrypted content encryption keys for one or
more recipients - Signed data (digital signature)
- Encrypt message digest with private key of sender
- Content plus signature encoded using base64
36- Clear signed data only digital signature is
encrypted - Signed and enveloped data signed only and
encrypted only entities may be nested
37Cryptographic Algorithms
- Message Digest
- SHA-1 and MD5
- Encryption of message digest
- DSS
- RSA 512-1024 bit keys
- Encryption of session key
- Diffie-Hellman
- RSA
- Encryption of message contents
- Triple DES
- RC2/40
38- Protocol includes procedure for sending and
receiving station to negotiate which algorithms
to use - Always tries to use most secure algorithm
- If multiple recipients cant agree then message
sent multiple times with different algorithms
39S/MIME Messages Content Types
- Multipart Signed clear signed message in two
parts, message and signature - Application
- Pkcs7-mime signedData- a signed entity
- Pkcs7-mime envelopedData encrypted
- Pkcs7-mime degenerate signedData only contains
public key certificates - Pkcs7-signature signature subpart of a
multipart/signed message - Pkcs10-mime a certificate registration request
40Securing a MIME Entity
- Secures with signature, encryption or both
- May be entire message or one or more subparts of
the message - Entity prepared according to rules of MIME plus
security related data - Algorithm identifiers
- Certificates
41- Produces PKCS object wrapped in MIME
- Message converted to canonical form
- Since PKCS object is binary encoded into base64
42Enveloped Data
- Generate session key for rc2/triple DES
- Encrypt session key with recipients public RSA
key - Prepare RecipientInfo block containing
- Senders public key certificate
- Id of algorithm used to encrypt session key
- Encrypted session key
- Encrypt message content with session key
- Encode into base64
43Signed Data
- Select message digest algorithm SHA or MD5
- Compute message digest
- Encrypt message digest with signers private key
- Prepare SignerInfo block containing
- Signers public key certificate
- ID of message digest algorithm
- ID of algorithm used to encrypt message digest
- Encrypted message digest
44Clear Signing
- Uses multipart content type with signed subtype
- Message sent in the clear
- Message consists of two parts
- Message contents
- Signature with a content type of application and
a subtype of pkcs7-signature
45Registration Request
- Application/pkcs10 entity
- Request includes
- certificationRequestInfo block
- Name of certificate subject
- Users public key
- Id of public key encryption algorithm
- Signature of certificationRequestInfo block
46Certificates-Only Message
- Message containing only certificates or
certificate revocation list - Same as signedData message
47S/MIME Certificate Processing
- Uses X.509 certificates
- Each client must be configured with list of
trusted keys - Used to verify incoming signatures
48User agent (client) Role
- Key generation Diffie-hellman DSS, RSA
- Registration public key registered in order to
obtain certificate - Certificate storage and retrieval
- List of other users certificates to verify
incoming signatures and encrypt messages
49Verisign
- Most widely used CA
- Compatible with S/MIME
- Issues X.509 certificates
- Calls certificate Digital ID
- 14.95/year or 60 day free trial certificate for
class 1 digital ID
50Digital ID contains
- Owners public key
- Owners name or alias
- Expiration date
- Serial number
- Name of CA
- Digital signature of CA
51Optional information
- Address
- E-mail address
- Other information (country, zip, age, gender etc)
52Three Classes
- Class 1 confirms users email address
- Class 2 verifies information in application
through automated comparison with a consumer
database - Class 3 user provides notarized credentials or
apply in person
53Enhanced Security Services
- Signed receipts proof of delivery
- Security labels
- Access control
- Priority
- Role based
- Secure mailing lists
54Obtaining An ID
- Complete the application form
- Verisign will send an email with a PIN
- Access Verisigns web site and paste PIN
- Versign will download and install Digital ID in
browser - Accessing your certificates in browser will
show your certificate
55(No Transcript)
56(No Transcript)
57(No Transcript)
58(No Transcript)
59(No Transcript)
60(No Transcript)
61(No Transcript)
62(No Transcript)
63(No Transcript)
64- In the case of Netscape V7 you have to configure
Netscape to use the certificate for a specific
email account
65(No Transcript)
66- I then sent a signed (but not encrypted) message
to another account - I was just distributing my certificate so that
person could send an encrypted message to me
67(No Transcript)
68(No Transcript)
69- Once that person has my certificate (public key)
she could send a signed and encrypted message to
me - Encrypted with my public key and decrypted with
my private key - Next slide show message
- Note symbols in upper right hand corner
70(No Transcript)
71- Once I had read the message her certificate would
automatically be added to my certificate manager
72(No Transcript)
73(No Transcript)
74(No Transcript)
75 Pretty Good Privacy - PGP
76History
- Phil Zimmermann created in response to the
perceived need for privacy - Created originally to circumvent government
regulations on public key cryptography - Selected best available cryptographic algorithms
RSA, DSS, Diffe-Hellman, CAST-128, IDEA, TDEA,
SHA-1
77- Provides confidentiality and authentication
services for electronic mail and file storage - Integrated into MS Outlook and Eudora mail
clients - Can be used with any other mail client by
cut/pasting message between client and PGP - Commercial version of PGP sold by Network
Associates until 2002
78- PGP Corporation formed and bought rights to PGP
from Network Associates - First release, version 8.0, release by PGP Corp
in December 2002 - www.pgp.com
- First version fully compatible with Windows XP
and AES
79OpenPGP
- Derived from PGP
- Defined by the OpenPGP Working Group of the
Internet Engineering Task Force (IETF) standard
RFC 2440. - OpenPGP Alliance is a group of companies that are
implementers of the OpenPGP standard. The
Alliance works to facilitate technical
interoperability and marketing synergy between
OpenPGP implementations.
80PGP Licensing Options
- PGP Freeware
- PGPmail, PGPKeys, PGPTray
- PGP Personal Edition
- Freeware PGPDisk, personal email plugins
eudora, ICQ, Outook - PGP Desktop
- Personal Edition emails plugins Group Wise,
Lotus Notes, Exchange Server - PGP Enterprise
- Desktop PGPadmin, PGP Keyserver
81Services Provided
- Authentication
- Confidentiality
- Compression
- E-mail compatibility
- Segmentation
82Authentication
- Sender creates a message
- SHA-1 generates 160 bit hash of message
- Hash encrypted with RSA using senders private
key and prepended to message - Receiver uses RSA with senders public key to
decrypt and recover hash - Receiver generates new hash and compares with
decrypted hash
83Confidentiality
- Uses conventional encryption algorithm using
CAST-128, IDEA, TDEA, Blowfish - 64 bit cipher feedback mode is used
- Conventional key used just once
- 128 bit random key
- Key distributed with message by encrypting with
receivers public key
84- Sender generates message and random 128 bit
number for session key - Message is encrypted with session key
- Session key is encrypted with RSA using
receivers public key and prepended to message - Receiver uses RSA with its private key to decrypt
and recover session key - Session key used to decrypt message
85Confidentiality and Authentication
- Both can be done
- Signature generated for plaintext message
- Plaintext message plus signature encrypted
- Session key encrypted using RSA
86Compression
- PGP compresses message after applying the
signature but before encryption - Saves space for email transmission and for file
storage - Compression algorithm used is ZIP
- Takes advantages of repeating patterns
87Cryptographic Keys and Key Rings
- PGP uses 4 types of keys
- One time session conventional keys
- Public keys
- Private keys
- Pass phrase-based conventional keys
88Requirements
- A means of generating unpredictable session keys
is needed - Users allowed to have multiple public/private key
pairs - Each PGP entity must maintain file of its own
public/private key pairs as well as a file of
public keys for correspondents
89(No Transcript)
90(No Transcript)
91(No Transcript)
92(No Transcript)
93(No Transcript)
94(No Transcript)
95(No Transcript)
96(No Transcript)
97(No Transcript)
98(No Transcript)
99How are key used?
- Signing a message
- Encrypting a message
- Decrypting a message
- Authenticating a message
100Signing a message
- PGP retrieves senders private key using userid
as index - PGP prompts for passphrase to decrypt private key
- Signature constructed
101(No Transcript)
102(No Transcript)
103Encrypting a message
- PGP generates session key and encrypts message
- PGP retrieves recipients public key using userid
- Session key component of message constructed
104(No Transcript)
105(No Transcript)
106Decrypting a message
- PGP retrieves receivers private key from private
key ring - PGP prompts for passphrase to decrypt private key
- PGP recovers session key and decrypts message
107(No Transcript)
108Authenticating Message
- PGP retrieves senders public key from public_key
ring - PGP recovers transmitted message digest
- PGP computes message digest for received message
and compares to transmitted digest
109E-Mail Filtering
- Antivirus filtering and filtering for other
executable code - Especially dangerous because of scripts in HTML
bodies - Spam Unsolicited commercial e-mail
110- Volume is growing rapidly Slowing and annoying
users (porno and fraud) - Filtering for spam also rejects some legitimate
messages - Sometimes employees attack spammers back only
hurts spoofed sender and the company could be sued
111- Inappropriate Content
- Companies often filter for sexually or racially
harassing messages - Could be sued for not doing so
112E-Mail Retention
- On hard disk and tape for some period of time
- Benefit Can find information
- Drawback Can be discovered in legal contests
could be embarrassing - Must retain some messages for legal purposes
113E-Mail Retention
- Shredding on receivers computer to take messages
back - Send key to decrypt
- Make key useless after retention period so cannot
retrieve anymore
114E-Mail Retention
- Shredding on receivers computer to take messages
back - Might be able to copy or print before retention
limit date - Not good for contracts because receiver must be
able to keep a copy
115E-Mail Retention
- Message authentication to prevent spoofed sender
addresses - Employee training
- E-mail is not private company has right to read
- Your messages may be forwarded without permission
116E-Mail Retention
- Employee training
- Never to put anything in a message they would not
want to see in court, printed in the newspapers,
or read by their boss - Never forward messages without permission
117E-Mail Best Practices
- Do not forward hoaxes, rumors, urban legends,
chain letters etc - Be careful with attachments
- Create separate email account used when posting
to newsgroups - Be selective about mailing list subscriptions
- Be selective on who you copy on email messages or
replies
118- Never send email messages in the heat of the
moment - Use major distribution lists sparingly
- Remember how public email generally is
- Follow corporate policies