NET 3106

Network
Security

Internet Security - Application

1
 Contents
•Application layer security
PGP
S/MIME

2
 Secure
Application Layer Protocols
•PGP
•S/MIME
•SSH
•Kerberos

3
Email Protocols
Two types of protocols are
used for transferring email:
Used to move messages Used to transfer messages
through the Internet from between mail servers
source to destination • IMAP and POP are the most
• Simple Mail Transfer Protocol commonly used
(SMTP)
 Email Security
•There are two main schemes which are especially designed to
provide confidentiality and authentication for electronic mail
systems. These are:
PGP (Pretty Good Privacy)
 Pretty old, not build –in
 Requires plugins to work

S/MIME (Secure/Multipurpose Internet Mail Extension)

 Build into many email clients

5
 Pretty Good Privacy (PGP)
•PGP commonly refers to any encryption program or application that
implements the OpenPGP public key cryptography standard.
•PGP was a popular program used to encrypt and decrypt email over
the internet, as well as authenticate messages with digital signatures.
•Developed by Phil Zimmerman in 1995. Source code is freely available.
•The package is independent of operating system and processor.
•PGP combines the best available cryptographic algorithms to achieve
secure e mail communication.
•It is assumed that all users are using public key cryptography and have
generated a private/public key pair.
6
Pretty Good Privacy (PGP)

7
 PGP Services
•Authentication
Utilizes hash functions

•Confidentiality
Message encryption

•Compression
 Zip compression

•E-mail compatibility
Raw 8-bit binary stream to stream of printable ascii characters
Email system only permit the use of blocks consisting of ASCII text.
Uses Radix-64

8
 S/MIME
•MIME stands for Multipurpose Internet Mail Extensions. It is a
standard that extends the capabilities of email messages beyond
plain text by allowing the inclusion of multimedia content.

•S/MIME (Secure/Multipurpose Internet Mail Extensions) is an

extension of MIME that adds cryptographic security features to email
messages. It provides confidentiality, integrity, and authentication for
email communication.

•Using S/MIME result in to mitigating variety of attacks

9
 Milestones and
Versions of S/MIME
•1995: S/MIME 1.0 - It introduced cryptographic security features to email.
•1999: S/MIME 2.0 - Improved algorithms and support more cryptographic functions.
•2001: S/MIME 3.1 - Support ECC and key agreement algorithms.
•2002: S/MIME 3.2 - Expanded the support for more cryptographic algorithms and
made improvements to the certificate handling process.
•2004: S/MIME 3.3 - Support certificate revocation checking using the Online
Certificate Status Protocol (OCSP)
•2007: S/MIME 3.4 – Support AES and SHA-256 hash function.
•2012: S/MIME 3.5 – Support for Elliptic Curve Digital Signature Algorithm (ECDSA)
and Elliptic Curve Diffie-Hellman (ECDH) key agreement.

10
S/MIME Functions

11
 Simplified
S/MIME Functional Flow

12
 Popular Email
Programs Support S/MIME
•Microsoft Outlook
•Gmail
•Mozilla Thunderbird
•Apple Mail
•IBM Notes (formerly Lotus Notes):
•Evolution: An open-source email client for Linux distributions.
•Mailbird: Popular email client for Windows
•Qualcomm Eudora
•BlackBerry Hub
13
Q&A

14