Cryptography Reference
In-Depth Information
will see, securing email involves the use of cryptography, which then requires
recipients to have the capability of processing a secure email message. This is why
secure email applications generally work better in large organisations, which can
provide the capability for securing internal email communication on all the email
clients of employees.
One option for a home user who wishes to occasionally protect an email
message is to send the sensitive data in a protected attachment. File encryption,
as discussed in Section 12.7.1, is probably the easiest way to do this. However, if
email requires security on a wider basis then it may be more convenient to use a
dedicated email security application, which we now discuss.
EMAIL SECURITY APPLICATIONS
There are two well-known standards for protection of email, each of which are
implemented by a wide range of email security applications. Both
Open Pretty
Good Privacy
(OpenPGP) and
Secure/Multipurpose Internet Mail Extensions
(S/MIME) broadly work in the same way, although precise implementations
may have minor differences. They both provide confidentiality and data origin
authentication (non-repudiation) through support for encryption and digital
signatures. They are either supported by default in certain email clients or can
be installed through plug-ins.
There are three ways in which email messages can be protected using these
applications:
Confidentiality only
. This is provided by hybrid encryption (see Section 5.5.2).
The symmetric encryption key is either generated using a deterministic
generator (see Section 8.1.4) or a software-based non-deterministic generator
(see Section 8.1.3). The body of the email message is then encrypted using this
symmetric key, and the symmetric key is encrypted using the public key of the
recipient.
Data origin authentication only
. This is provided by a digital signature scheme
with appendix (see Section 7.3.4). The email message is first hashed and then
signed using the signature key of the sender. The receiver will need to obtain the
corresponding verification key in order to verify the resulting digital signature.
Confidentiality and data origin authentication
. This is typically provided by
following the MAC-then-encrypt construction (see Section 6.3.6). In other
words, a symmetric encryption key is generated and the email message is
digitally signed, as described above. The email message and the resulting
signature are then both encrypted using the symmetric encryption key. Finally
the symmetric encryption key is itself encrypted using the public encryption
key of the recipient.
The main differences between OpenPGP and S/MIME are with respect to:
Cryptographic algorithms supported
. OpenPGP implementations support a
range of cryptographic algorithms. On the other hand, S/MIME is more
restrictive and specifies the use of AES or Triple DES for symmetric encryption
