Cryptography Reference
There is a means in S/MIME to provide both authentication and secrecy.
S/MIME Message Authentication and Secrecy
This involves the nesting of protocols. In other words, Alice nests the
enveloped-only data with the signed-only data, so that either she signs the
message first or envelopes it first. The pros and cons of enciphering first versus
authentication first were discussed on pages 266 and 267.
Diagram 8.8 Enveloped-Only S/MIME Message
MIME Body $m$ → Convert to Canonical Form → $c(m)$ → $E$ (keyed with $k$) → $E_k(c(m))$
$k$, $e_B$ → $e_B(k)$
$(E_k(c(m)), e_B(k), C(B), I_{RSA}) = ED$
$ED$ → Base 64 Encode → OUTPUT
In Diagram 8.9, for the sake of simplicity of presentation, we do not explicitly
give the conversion to canonical form, but assume this has tacitly been done.
Diagram 8.9 Signed-Only S/MIME Message
MIME Body $m$ → $h$ → $h(m)$ → $d_A$ → $d_A(h(m))$
$(I_{e_A}, C(A), I_{RSA}, I_{SHA1}, d_A(h(m)), m) = SDM$
$SDM$ → Base 64 Encode → OUTPUT
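The two constructions in Diagrams 8.8 and 8.9, and one way of nesting them, as an added Python example that is not from the book. The toy RSA keys, the XOR keystream standing in for $E_k$, JSON as the tuple encoding, CRLF as the canonical form, the placeholder identifier and certificate strings, and all function names are assumptions made for illustration.

```python
import base64, hashlib, json, secrets

# Constructed toy RSA keys built from Mersenne primes: far too small for real use.
def rsa_key(p, q, e=65537):
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

ALICE = rsa_key(2**127 - 1, 2**89 - 1)  # signer A: d_A signs, e_A verifies
BOB = rsa_key(2**107 - 1, 2**61 - 1)    # recipient B: e_B wraps k, d_B unwraps

def canonical(m):  # c(m): line endings normalised to CRLF (assumed canonical form)
    return m.replace(b"\r\n", b"\n").replace(b"\n", b"\r\n")

def E(k, data):
    """Stand-in for E_k: XOR with a SHA-256 counter keystream, so E(k, E(k, x)) == x."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(k + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def pack(fields):  # Base 64 encode; JSON stands in for the real binary encoding
    return base64.b64encode(json.dumps(fields).encode())

def sign(m):
    """Diagram 8.9: SDM = (I_eA, C(A), I_RSA, I_SHA1, d_A(h(m)), m); strings are placeholders."""
    m = canonical(m)
    h = int.from_bytes(hashlib.sha1(m).digest(), "big")
    return pack({"I_eA": "A-key-id", "C_A": "A-cert", "I_RSA": "RSA", "I_SHA1": "SHA-1",
                 "sig": pow(h, ALICE["d"], ALICE["n"]), "m": m.decode()})

def verify(sdm):
    s = json.loads(base64.b64decode(sdm))
    m = s["m"].encode()
    h = int.from_bytes(hashlib.sha1(m).digest(), "big")
    if pow(s["sig"], ALICE["e"], ALICE["n"]) != h:
        raise ValueError("signature does not match message")
    return m

def envelope(m):
    """Diagram 8.8: ED = (E_k(c(m)), e_B(k), C(B), I_RSA); strings are placeholders."""
    k = secrets.token_bytes(16)
    return pack({"E_k": E(k, canonical(m)).hex(), "C_B": "B-cert", "I_RSA": "RSA",
                 "e_B_k": pow(int.from_bytes(k, "big"), BOB["e"], BOB["n"])})

def open_envelope(ed):
    e = json.loads(base64.b64decode(ed))
    k = pow(e["e_B_k"], BOB["d"], BOB["n"]).to_bytes(16, "big")
    return E(k, bytes.fromhex(e["E_k"]))

def sign_then_envelope(m):  # nesting: the signed data becomes the enveloped body
    return envelope(sign(m))
```

The other nesting order is `sign(envelope(m))`; in both orders the receiver undoes the outer layer first.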