Exchange Security part 2 - PowerPoint PPT Presentation
1
Exchange Security - Part 2: Secure Corporate Messaging with Outlook 2000
Greg Baribault, Program Manager, Exchange Server, Microsoft Corporation
2
Security Concepts: What we will cover today
  • Brief security introduction
    • Certificates, encryption, signatures
    • S/MIME
  • Outlook configurations
    • Internet only mode
    • Corporate workgroup mode
  • Using Outlook security
    • Enabling security features
    • Exchanging secure mail with others

3
Certificates: Associating keys with users
  • Certificates securely bind the key holder's
    identity to their public key
  • Contain the user's public key and identity information:
    name, public key, e-mail address, extensions, etc.
  • Signed by a known and trusted entity (the issuing CA)
  • X.509 v3 adds extensions (e.g. key usage) and
    S/MIME compatibility

4
CA Hierarchies: A PKI is based on trust
  • A CA is a known and trusted third party which
    issues certificates
  • The CA's private key is used to sign certificates
  • The root CA certificate (the trust anchor) is needed to
    verify those signatures, and with it the whole chain

5
Certificate Trust: How do I know which certs I trust?
  • Outlook uses the certificate store and Cryptographic
    Service Provider (CSP) shared with Internet Explorer
  • Tools → Internet Options → Content tab
  • Click the Certificates button to view which
    certificates are trusted
  • Root CAs can be added or removed
  • Individual users' certificates can be added or removed

6
Certificates: Initially trusting a certificate
  • Trusting a root CA:
    • Software (Windows NT, Internet Explorer,
      Windows 98) ships with some root CA certificates
      pre-installed
    • Software downloaded from the Internet (Internet
      Explorer itself included) is protected by Authenticode
      signatures during download
    • You can always verify a certificate's thumbprint
      (hash) out-of-band, over a channel other than the one
      the certificate arrived on

7
Encryption: Provides privacy of messages
  • Allows messages to be sent safely via an insecure
    channel (the Internet)
  • Only the intended recipient, holding the correct
    private key, can decrypt
  • The entire message body, including attachments, is
    encrypted (message headers such as From, To and Subject
    are not)
  • Message is encrypted end-to-end:
    • Encrypted by the sending client
    • Decrypted by the receiving client
    • Remains encrypted in the mailbox store

8
Encryption: Provides privacy of messages
  • How it works:
    • Sender composes and addresses the message
    • Outlook locates the recipient(s) in the directory
    • Retrieves each recipient's certificate
    • The message is encrypted with a random symmetric key;
      that key is encrypted with the recipient's public key
      from the certificate to form a "lockbox" (one per
      recipient) that travels with the message

9
Digital Signatures: As binding as a signature on paper
  • Provide origin authentication, since only the sender
    holds the private key used to generate the signature
  • Provide data integrity, since the signature is a
    protected hash of the message: any change to the message
    changes the hash and the signature no longer verifies
  • Example algorithms: RSA, DSA

10
Digital Signatures: As binding as a signature on paper
  • How it works:
    • Sender computes the message digest MD (a hash of the
      message m)
    • Sender signs MD with the private key (for RSA this is
      modular exponentiation with the private exponent, often
      described as "encrypting MD with the private key") and
      attaches the result to m
    • Send m and MDSender (the signed digest)
    • Receiver recovers MDSender from the signature using the
      sender's public key and computes its own MDReceiver over
      the message as received
    • If MDSender = MDReceiver then the message is authentic
      and unmodified
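The two procedures above (the encryption "lockbox" on the previous slide and the sign/verify steps on this one), as an added Python example that is not part of the original presentation and not Microsoft's code. It uses textbook RSA with keys generated in-process and a SHA-256 keystream in place of a real block cipher, so it is for illustration only: real S/MIME uses PKCS #1 padding, a standard symmetric cipher and larger keys. All function and variable names are the example's own.

```python
"""Added illustration of the S/MIME flows described on the slides:
lockbox (hybrid) encryption and digest signing with textbook RSA.
Educational only: no PKCS#1 padding, small keys, hash-based stream cipher."""
import hashlib
import secrets


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin primality test (used only to build the toy RSA keys)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # force top bit and oddness
        if is_probable_prime(candidate):
            return candidate


def keygen(bits: int = 512):
    """Return ((e, n), (d, n)): the public and private RSA keys (needs Python 3.8+ for pow(e, -1, phi))."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:  # e is prime, so this guarantees gcd(e, phi) == 1
            return (e, p * q), (pow(e, -1, phi), p * q)


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: SHA-256 in counter mode XORed over the data."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


# --- Encryption: the recipient's public key encrypts a lockbox holding the symmetric key ---
def encrypt_message(recipient_pub, plaintext: bytes):
    e, n = recipient_pub
    sym_key = secrets.token_bytes(32)                      # one-time symmetric key
    lockbox = pow(int.from_bytes(sym_key, "big"), e, n)   # wrapped with the recipient's public key
    return lockbox, keystream_xor(sym_key, plaintext)


def decrypt_message(recipient_priv, lockbox: int, ciphertext: bytes) -> bytes:
    d, n = recipient_priv
    sym_key = pow(lockbox, d, n).to_bytes(32, "big")      # only the private key opens the lockbox
    return keystream_xor(sym_key, ciphertext)


# --- Signing: MD = hash(m); MDSender = sign(MD); the receiver compares it with its own MD ---
def sign(signer_priv, message: bytes) -> int:
    d, n = signer_priv
    md = int.from_bytes(hashlib.sha1(message).digest(), "big")  # SHA-1 to match micalg=SHA1 on the slides
    return pow(md, d, n)


def verify(signer_pub, message: bytes, signature: int) -> bool:
    e, n = signer_pub
    md_sender = pow(signature, e, n)                              # recover MD with the public key
    md_receiver = int.from_bytes(hashlib.sha1(message).digest(), "big")
    return md_sender == md_receiver


if __name__ == "__main__":
    austin_pub, austin_priv = keygen()
    basil_pub, basil_priv = keygen()
    m = b"This is a plain text, clear signed message."
    sig = sign(austin_priv, m)
    print("signature verifies:", verify(austin_pub, m, sig))
    print("tampered message verifies:", verify(austin_pub, m + b"!", sig))
    box, ct = encrypt_message(basil_pub, m)
    print("decrypted:", decrypt_message(basil_priv, box, ct))
```

The verify step shows why "encrypting the hash with the private key" is the same operation as signing for RSA, and why a single changed byte fails verification. Unpadded RSA as used here is not safe in practice (existential forgery, small-message attacks), and SHA-1 is kept only because the slides use it; a real implementation uses PKCS #1 padding and SHA-256.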

11
Secure MIME: What is S/MIME?
  • Secure Multipurpose Internet Mail Extensions
  • Initially designed by an RSA-led vendor consortium
    in 1995
  • S/MIME v2 messaging and certificate handling are
    Internet RFCs (RFC 2311 and RFC 2312)
  • S/MIME v3 is currently in the Internet Draft process

12
Secure MIME: Why S/MIME?
  • Widely supported format for secure e-mail messages
  • Uses X.509 v3 certificates
  • S/MIME compliant clients interoperate:
    Outlook 98 and 2000, Outlook 8.1 for Macintosh,
    Outlook Express, Netscape, Worldtalk, etc.
  • More info: see http://www.rsa.com/smime/

13
S/MIME Example: Clear signed header
    From: "Austin Powers" <swinger@mojo.com>
    To: "Basil Exposition" <basil@mystery.com>
    Subject: A Clear signed message
    Date: Thu, 30 Sep 1999 08:34:51 -0700
    MIME-Version: 1.0
    Content-Type: multipart/signed; boundary="--NextPart_000";
        protocol="application/x-pkcs7-signature"; micalg=SHA1

14
S/MIME Example: Clear signed message body part
    ----NextPart_000
    Content-Type: text/plain; charset="iso-8859-1"
    Content-Transfer-Encoding: 7bit

    This is a plain text, clear signed message.

15
S/MIME Example: Clear signed signature body part
    ----NextPart_000
    Content-Type: application/x-pkcs7-signature; name="smime.p7s"
    Content-Transfer-Encoding: base64
    Content-Disposition: attachment; filename="smime.p7s"

    MAsIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMaoAMCAQICEHn8nLDX
    9lDR882gwea6pAwDQYJKoZIhv...N9I0uv5r2ru7ucMJeg
    vIOQQ4Q4gMTnIDBbjHxlLaFZD4lIwEJHLARB/R1ub1ry0LAma
    aI4n7952aNeHaAAAAAAAA
    ----NextPart_000--
16
S/MIME Example: Opaque signed header
    From: "Austin Powers" <swinger@mojo.com>
    To: "Basil Exposition" <basil@mystery.com>
    Subject: An opaque signed message
    Date: Thu, 30 Sep 1999 08:34:51 -0700
    MIME-Version: 1.0

17
S/MIME Example: Opaque signed body
    Content-Type: application/x-pkcs7-mime; name="smime.p7m"
    Content-Transfer-Encoding: base64
    Content-Disposition: attachment; filename="smime.p7m"

    MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrgMCGgUAMIAGC
    SqGSIb3DQEHAaCAJIAEggTKQ29udGVBtdWx0aXBhcnQvYWx0Z
    XJuYXRpdmU7DQoJYm91bmRhcnk9Ii0tL/A04skEHJN2b3Z7Mq
    5eR0Xqf1vgMME3nPEg8RzVoMNFLhWqOM1RMSbr5d9QmXt5X
    SPbRoAAAAAAAA
  • In the opaque form the signed content travels inside the
    PKCS #7 blob, so a client without S/MIME support sees only
    an smime.p7m attachment, whereas a clear signed message
    stays readable by any mail client
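The two message shapes above, as an added Python example that is not part of the original presentation. It constructs both messages from the slide headers (the base64 blobs are the first fifteen bytes of a CMS ContentInfo, enough to read the content-type OID, not real signatures), reads the multipart/signed parameters, slices out exactly the bytes the signature covers, hashes them with the algorithm named by micalg, and identifies the CMS content type of an opaque body. The sample messages and all function names are the example's own.

```python
"""Added example: take apart the two S/MIME message shapes shown on the slides.
The sample messages are constructed here; the base64 blobs are only the
leading bytes of a CMS ContentInfo, not real signatures."""
import email
import hashlib
from email import policy

# Constructed from the clear-signed slides (CRLF line endings, as on the wire).
CLEAR_SIGNED = (
    b'From: "Austin Powers" <swinger@mojo.com>\r\n'
    b'To: "Basil Exposition" <basil@mystery.com>\r\n'
    b'Subject: A Clear signed message\r\n'
    b'Date: Thu, 30 Sep 1999 08:34:51 -0700\r\n'
    b'MIME-Version: 1.0\r\n'
    b'Content-Type: multipart/signed; boundary="--NextPart_000";\r\n'
    b'\tprotocol="application/x-pkcs7-signature"; micalg=SHA1\r\n'
    b'\r\n'
    b'----NextPart_000\r\n'
    b'Content-Type: text/plain; charset="iso-8859-1"\r\n'
    b'Content-Transfer-Encoding: 7bit\r\n'
    b'\r\n'
    b'This is a plain text, clear signed message.\r\n'
    b'----NextPart_000\r\n'
    b'Content-Type: application/x-pkcs7-signature; name="smime.p7s"\r\n'
    b'Content-Transfer-Encoding: base64\r\n'
    b'Content-Disposition: attachment; filename="smime.p7s"\r\n'
    b'\r\n'
    b'MIAGCSqGSIb3DQEHAqCA\r\n'  # constructed: SEQUENCE { OID signedData, [0] ... (truncated)
    b'----NextPart_000--\r\n'
)

# Constructed from the opaque-signed slides.
OPAQUE_SIGNED = (
    b'From: "Austin Powers" <swinger@mojo.com>\r\n'
    b'To: "Basil Exposition" <basil@mystery.com>\r\n'
    b'Subject: An opaque signed message\r\n'
    b'Date: Thu, 30 Sep 1999 08:34:51 -0700\r\n'
    b'MIME-Version: 1.0\r\n'
    b'Content-Type: application/x-pkcs7-mime; name="smime.p7m"\r\n'
    b'Content-Transfer-Encoding: base64\r\n'
    b'Content-Disposition: attachment; filename="smime.p7m"\r\n'
    b'\r\n'
    b'MIAGCSqGSIb3DQEHAqCA\r\n'  # constructed, truncated CMS prefix
)

DIGESTS = {"sha1": hashlib.sha1, "sha-1": hashlib.sha1, "md5": hashlib.md5,
           "sha256": hashlib.sha256, "sha-256": hashlib.sha256}
CMS_TYPES = {"1.2.840.113549.1.7.1": "data",
             "1.2.840.113549.1.7.2": "signedData",
             "1.2.840.113549.1.7.3": "envelopedData"}


def decode_oid(body: bytes) -> str:
    """Decode the content octets of a DER OBJECT IDENTIFIER to dotted form."""
    arcs, value = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def cms_content_type(der: bytes) -> str:
    """Name the CMS ContentInfo type from its leading bytes: SEQUENCE { OID contentType, [0] content }."""
    if der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    i = 2 if der[1] <= 0x80 else 2 + (der[1] & 0x7F)  # short, indefinite (0x80) or long-form length
    if der[i] != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    oid = decode_oid(der[i + 2:i + 2 + der[i + 1]])
    return CMS_TYPES.get(oid, oid)


def signed_content(raw: bytes, boundary: str) -> bytes:
    """Return exactly the bytes the signature covers: the first body part, its MIME headers included.
    Sliced from the raw message rather than re-serialised, because any changed byte (line
    endings, header folding) breaks the signature. Per RFC 2046 the CRLF before each
    boundary delimiter belongs to the delimiter, so it is not part of the signed content."""
    delim = b"--" + boundary.encode("ascii")
    body = raw[raw.index(b"\r\n\r\n") + 4:]        # skip the top-level headers
    if not body.startswith(delim + b"\r\n"):
        raise ValueError("body does not start with the boundary delimiter")
    return body[len(delim) + 2:].split(b"\r\n" + delim)[0]


def message_digest(data: bytes, micalg: str) -> str:
    """Hash the signed content with the algorithm announced in the micalg parameter."""
    return DIGESTS[micalg.lower()](data).hexdigest()


def inspect_smime(raw: bytes) -> dict:
    msg = email.message_from_bytes(raw, policy=policy.default)
    ctype = msg.get_content_type()
    if ctype == "multipart/signed":
        micalg = msg.get_param("micalg")
        content = signed_content(raw, msg.get_boundary())
        sig_blob = msg.get_payload(1).get_payload(decode=True)  # base64-decoded smime.p7s
        return {"kind": "clear-signed", "protocol": msg.get_param("protocol"),
                "micalg": micalg, "digest": message_digest(content, micalg),
                "cms": cms_content_type(sig_blob)}
    if ctype in ("application/x-pkcs7-mime", "application/pkcs7-mime"):
        # smime-type is optional in S/MIME v2; when absent only the CMS OID tells signed from enveloped
        blob = msg.get_payload(decode=True)
        return {"kind": "opaque", "smime-type": msg.get_param("smime-type"),
                "cms": cms_content_type(blob)}
    return {"kind": "not S/MIME", "content-type": ctype}


if __name__ == "__main__":
    print(inspect_smime(CLEAR_SIGNED))
    print(inspect_smime(OPAQUE_SIGNED))
```

Full verification goes on from here: the digest computed over the sliced part is compared with the messageDigest attribute inside the CMS SignedData, the signature over the signed attributes is checked with the signer's certificate, and that certificate is chained to a trusted root; all of that needs a CMS/ASN.1 parser and is not shown. The point of slicing the raw bytes is that a mail gateway or client that rewrites headers or line endings of the first part silently invalidates the signature.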

18
Outlook Configurations
19
Outlook Configuration: Outlook configurations
  • Internet Only Mode
    • Protocols: POP, SMTP, LDAP, IMAP
    • Enroll through any X.509 v3 CA
    • Enrollment via Web control
  • Corporate Workgroup
    • Certificates published in the Exchange directory
    • Provides key recovery using the Key Management Service (KMS)
    • Compatibility with Exchange 4.0/5.0 (v1 certificates)

20
Internet Only Mode: Supported protocols
  • Mail protocol support
    • Encrypted and/or signed mail can be sent using many
      Internet standard protocols: POP, SMTP, IMAP
  • Directory protocol support
    • Lookup of other users' certificates via LDAP

21
Internet Only Mode: Enabling security
  • Enrollment via Web control
    • Select Tools → Options → Security tab
    • Click "Get a Digital ID"
    • Launches a web site with links to various well-known CAs
  • Enroll through any X.509 v3 CA
    • VeriSign, Thawte, GTE CyberTrust, etc.
  • Import the certificates into Outlook

22
Enrollment Protocol: Using Microsoft Certificate Server
  • Click the "Get a Digital ID" enroll button
  • User enters personal info into the form
  • ActiveX control generates the public/private key pair
    locally
  • Public key is sent to Certificate Server (CS) in a
    certificate request; the private key never leaves the client
  • Certificate Server returns the public key wrapped in an
    X.509 v3 certificate
  • Client stores the private key and certificate in the IE
    Protected Store

23
Demo: Internet Only Mode
24
Corporate Workgroup Mode: Features provided by Exchange
  • Integrated with the Exchange directory
    • Automatic lookup of recipient certificates
    • Certificate Trust Lists and Certificate Revocation Lists
      published by Certificate Server are picked up by the client
  • Can enroll through the Key Management Service (KMS)
    • Provides private encryption key recovery
    • Provides interoperability with legacy (Outlook 97
      and earlier) clients

25
Corporate Workgroup Mode: Integration with the Exchange Directory
  • Automatic lookup of recipient certificates: when sending
    encrypted mail, the recipient's certificate is found in the
    Global Address List (GAL)
  • The CTL and CRL are published into the directory by
    Certificate Server and KMS
  • The client checks these lists for each signed e-mail
    received and each encrypted e-mail sent, so a revoked
    certificate is neither trusted for signatures nor used
    for encryption

26
Corporate Workgroup Mode: Enrolling through KMS
  • Provides private encryption key recovery
    • Approximately 10% of all corporate users will
      lose their private encryption keys
    • If the key is lost, any existing encrypted mail
      becomes unreadable, which is why the encryption key
      (and only that key) is escrowed
  • KMS issues v1 certificates, providing interoperability
    with legacy (Outlook 97 and earlier) clients

27
Enrollment Protocol: Using Key Management Service
  • KMS administrator enables the user for Advanced Security
  • A one-time enrollment token is delivered to the user (via
    e-mail or out-of-band)
  • Click the "Get a Digital ID" enroll button
  • Select Exchange Server
  • User enters the token when prompted
  • Signing key pair is generated by the client
  • Public signing key is sent to KMS (the private signing
    key stays on the client)

28
Enrollment Protocol: Using Key Management Service (continued)
  • KMS generates the encryption key pair
  • The private encryption key is archived (escrowed) so it
    can be recovered later
  • Both public keys are sent to Certificate Server;
    certificates are generated and returned
  • KMS archives the certificates
  • KMS encrypts the private encryption key and sends the
    certificates and keys back to the user
  • Certificates are published in the directory and keys are
    placed in the IE Protected Store
  • Because the signing key is generated and kept on the
    client and never archived, signatures remain attributable
    to the user alone; only the encryption key is recoverable

29
Demo: Corporate Workgroup Mode
30
Key Storage: How are my private keys protected?
  • Private keys are stored encrypted
  • All key material is encrypted so other people
    using the same computer cannot access your
    private keys
  • The encryption key is derived from your password, so the
    protection is only as strong as that password: someone who
    copies the encrypted key material can guess passwords
    offline
  • IE4: keys are kept in the Protected Store (PStore)
  • IE5: keys are kept in the registry
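Password-derived protection of a stored private key, as an added Python example that is not part of the original presentation and does not reproduce the on-disk format of the IE Protected Store or the registry. It assumes PBKDF2-HMAC-SHA256 as the derivation function and a SHA-256 keystream as a stand-in cipher; it also shows the limit the slide implies, that whoever copies the protected blob can try passwords offline with no lockout. Names and parameters are the example's own.

```python
"""Added example: password-derived protection of a stored private key, and why
the password's strength is the real limit. PBKDF2 and the keystream cipher are
this example's assumptions, not the Outlook/IE on-disk format."""
import hashlib
import hmac
import secrets


def kdf(password: str, salt: bytes, iterations: int = 50_000) -> bytes:
    """Derive the key-encrypting key from the user's password (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=32)


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: SHA-256 in counter mode XORed over the data."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


def protect_private_key(private_key: bytes, password: str) -> dict:
    """Encrypt key material under a password-derived key; the tag lets a wrong password be detected."""
    salt = secrets.token_bytes(16)
    kek = kdf(password, salt)
    blob = keystream_xor(kek, private_key)
    tag = hmac.new(kek, salt + blob, "sha256").digest()
    return {"salt": salt, "blob": blob, "tag": tag}


def unprotect_private_key(record: dict, password: str):
    """Return the private key for the right password, None for a wrong one."""
    kek = kdf(password, record["salt"])
    expected = hmac.new(kek, record["salt"] + record["blob"], "sha256").digest()
    if not hmac.compare_digest(expected, record["tag"]):
        return None
    return keystream_xor(kek, record["blob"])


def offline_guess(record: dict, candidates):
    """What an attacker who copied the protected store can do: try passwords with no lockout."""
    for guess in candidates:
        if unprotect_private_key(record, guess) is not None:
            return guess
    return None


if __name__ == "__main__":
    key = b"-----constructed toy private key material-----"
    rec = protect_private_key(key, "correct horse")
    print("other local user, wrong password:", unprotect_private_key(rec, "password"))
    print("offline guess from a short list:", offline_guess(rec, ["123456", "password", "correct horse"]))
```

The iteration count is what makes each offline guess cost something; a weak password defeats it regardless, which is the operational point behind "key is derived from your password".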

31
Key Storage: What if I have multiple computers?
  • Keys can be exported (as a password-protected PFX /
    PKCS #12 file) from the computer you enrolled
    through and imported into another computer; the export
    file contains the private key, so protect it accordingly
  • IE5 allows keys to be kept in the user's roaming profile
  • When you move to a new machine, the keys follow you

32
The Exchange Directory
  • Contains all users' certificates
  • Outlook automatically locates certificates for recipients
  • Certificate attribute names:
    • v3 raw PKCS #7 certificate: LDAP userCertificate, MAPI ID 0x8C6A
    • v3 wrapped client capabilities: LDAP userSMIMECertificate, MAPI ID 0x3A70
    • v1 (Nortel) certificate: LDAP userCert, MAPI ID 0x3A22

33
Verifying Certificate Trust: Additional ways of determining trust
  • Trust and revocation list checking
    • Outlook checks all certificates against the CRL
      and CTL published in the directory
  • Chasing CRL Distribution Points (CDPs)
    • IE5 will use the CDP extension in a certificate to
      locate its revocation list
    • Machine must be on-line
    • Disabled by default, so a certificate's CDP is not
      consulted unless this is turned on

34
Interoperability: Secure mail with non-Outlook users
  • Outlook will interoperate with any S/MIME compliant client:
    Outlook Express, Netscape, and many more
  • KMS introduces a dual-key architecture (separate signing
    and encryption key pairs, hence two certificates per user)
    which some clients cannot handle

35
Directory-less Security: Individual key exchange
  • If there is no central repository for certificates,
    users must exchange them themselves
  • Sending signed mail sends the originator's certificate(s)
    along with the message
  • The recipient adds the sender to Contacts, or
  • Adds the sender to the Personal Address Book and imports
    the certificate

36
International Issues: Mail sent between security levels
  • How do I send mail to users with a different encryption
    strength?
    • Mail is encrypted with the recipient's public key from
      their certificate
    • The recipient's certificate (and the S/MIME capabilities
      published with it) indicates the level of security they
      support, and Outlook encrypts at that level
  • What if I am sending to a mixed distribution list (DL)?
    • Outlook automatically negotiates down to the lowest
      common level, so the weakest recipient determines the
      strength used for every copy of that message

37
Related Sessions
  • Key Management Service and Certificate Server:
    immediately following this session
  • Microsoft Exchange and Secure Internet Connections,
    speaker Spyros Sakellariadis: held yesterday, but see
    handouts

39
For More Information
  • BackOffice Resource Kit, Part 1
  • Exchange Server Resource Guide, Chapter 7: Security
  • Outlook Web site:
    http://officeupdate.microsoft.com/outlook/outlook2000/highencrypt/securemail.htm
  • Presentations/Papers
    • Fundamentals of Security session
    • ideaExchange Security Interview:
      http://www.microsoft.com/exchange/55/gen/iesecurity.htm
