MIME Object Security Services (MOSS). Privacy Enhanced Mail (PEM) was the first Internet standard to address security in email messages. The MOSS protocol.

Slides:

Advertisements

Similar presentations

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Advertisements

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.

Secure Systems.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.

1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.

Electronic mail security

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

Electronic mail security -- Pretty Good Privacy.

Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

S/MIME and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.

Information Security. Information Security Requirements Confidentiality: Protection from disclosure to unauthorised persons Access control: Unauthorised.

1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.

Electronic Mail Security

Electronic Mail Originally –Memo sent from one user to another Now –Memo sent to one or more mailboxes Mailbox –Destination point for messages.

Masud Hasan Secue VS Hushmail Project 2.

Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.

Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.

16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.

Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.

Electronic mail security. Outline Pretty good privacy S/MIME.

Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

Java Security Pingping Ma Nov 2 nd, Overview Platform Security Cryptography Authentication and Access Control Public Key Infrastructure (PKI)

Key Management Workshop November 1-2, Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Cryptography, Authentication and Digital Signatures

Network Security Essentials Chapter 7 Fourth Edition by William Stallings (Based on Lecture slides by Lawrie Brown)

Chapter 6 Electronic Mail Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.

Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)

Chapter 15: Electronic Mail Security

1 Electronic Mail Security Outline Pretty good privacy S/MIME Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.

11.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 11 Message Integrity and Message Authentication.

Pretty Good Privacy (PGP) Security for Electronic .

NETWORK SECURITY.

Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.

Chapter 11 Message Authentication and Hash Functions.

Pertemuan #9 Security in Practice Kuliah Pengaman Jaringan.

Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .

ECE-8813 / CS Prof. John A. Copeland fax Office:

S/MIME (Secure/Multipurpose Internet Mail Extensions) security enhancement to MIME – original Internet RFC822 was text only – MIME provided.

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

L o g o Modern DBMSs security problems Nguyen Chi Thanh Nguyen Thanh Toan Group:

Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy

7.6 Secure Network Security / G.Steffen1. In This Section Threats to Protection List Overview of Encrypted Processing Example.

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.

Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.

Chapter 7 : Web Security Lecture #1-Week 12 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.

Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.

1 CNLab/University of Ulsan Chapter 16 Electronic Mail Security  PGP (Pretty Good Privacy)  S/MIME.

Lecture 8 (Chapter 18) Electronic Mail Security Prepared by Dr. Lamiaa M. Elshenawy 1.

第五章电子邮件安全. Security is one of the most widely used and regarded network services currently message contents are not secure –may be inspected.

Security is one of the most widely used and regarded network services

S/MIME T ANANDHAN.

Security at the Application Layer: PGP and S/MIME

Security in Network Communications

ELECTRONIC MAIL SECURITY

ELECTRONIC MAIL SECURITY

Security Risanuri Hidayat 21 February 2019 security.

Presentation transcript:

MIME Object Security Services (MOSS)

Privacy Enhanced Mail (PEM) was the first Internet standard to address security in messages. The MOSS protocol is a derivative of PEM. Multipurpose Internet Mail Extensions (MIME) was developed to provide for multi-part textual and non textual message bodies. It defines a structure for the format of the body. MOSS enhances the MIME protocol without changing its currently supported functions or features. A MOSS implementation must address the protection of the public/private key pairs used by the protocol. text

Basic operation I nput a MIME object and to output a MIME object. The MOSS protocol is independent of the cryptographic algorithm used in support of its security services. The current specification includes recommended choices to facilitate interoperability

The MOSS protocol supports the application of a digital signature by hashing the MIME object to be digitally signed and encrypting the hash value with a private key of an originator. A set of header/value pairs is created, formatted according to RFC822, and, where the header names match header names used by PEM, the values are set exactly as they are for PEM. In addition to other management information, the signature (encrypted hash value) is included in the set of headers.

The MOSS protocol supports encryption by generating a new encryption key for each MIME object to be encrypted and encrypting the object with it. The encryption key is then encrypted with the public key of the recipient(s) for whom the object is intended, including the originator if that is desired.

Protection of Private Keys Protection of Public Keys There are three issues not specifically addressed by the MOSS protocol specification that are important to any implementation. Unpredictable Bits

If private keys are kept on-line, they are vulnerable to access by unauthorized users. File permissions alone are not adequate for protecting private keys on most systems, though they are part of an overall solution. Private keys protected only by file permissions are vulnerable to account intruders and the accidental misssetting of the file permissions.

There are two issues relevant to the protection of public keys. The first is establishing the identity of the owner of the public key and the second is protecting the binding of the identity and the public key. In addition, an originator needs a mechanism with which an identity and a public key may be conveyed to recipients for storage in the recipient s’ local databases.

The ready availability of a sequence of unpredictable bits, which are distinct from random bits, is absolutely essential to the generation of public/private key pairs and encryption keys. Randomness is a statistical property of a sequence of values. The requirement is for an adversary to be unable to predict the next bit in a sequence even when all previous bits are known. Pseudo-random number generators rarely include this absolutely essential property

Conclusions Software-based solutions have been proposed for creating and protecting the signature and encryption keys used in MOSS. The proposals have been implemented, tested, and found to provide effective protection against various disclosure and modification threats. The MOSS protocol, in conjunction with MIME, provides a flexible, extensible.

1.Play Presentations on TV with Stunning DVD menus 2.Share Favorite Shows in most Popular Video Formats 3.Show Your Best Presentations within Webpages