2. Introduction
Email is one of the mostly used and regarded network
services.
Email security is dealing with the issues of unauthorized
access and inspection of electronic Mail.
Email has to go many untrusted servers before it reached
to its destination.
One can intercept and modify it to harm the sender and to
make some profits.
3. Threats to Email
Message interception
Emails sent in clear text over the Internet.
Message modification
Anyone with system admin rights on the mail servers your
message visits can not only read your message, but also
delete or change the message before it reaches its
destination (and the recipient won’t be able to tell if the
message has been modified).
False messages
It is very easy to create an email with someone else’s name
and address.
4. Contd..
Message Replay
Messages can be saved,
modified, and re-sent later.
Repudiation
You can’t prove that someone
sent you a message since email
messages can be forged.
5. CIA for Email
Confidentiality: Email should be only viewed by the
person it is intended to.
Integrity: original content should be received by the
receiver.
Availability: Receiver should be able to access the mail
whenever he/she requires.
6. Steps to Secure Email
Security at sender’s side
Can be implemented by non technical person.
Use incognito mode while sending emails.
Avoid using public computers
Security at Receiver’s Side.
Avoid downloading attachment from unknown sender’s.
Check Email Headers to verify identity of Sender.
8. PGP
Pretty Good Privacy.
PGP provides a confidentiality and authentication service
that can be used for electronic mail and file storage
applications.
Available free worldwide.
Based on extremely secure algorithm.
Not developed by governmental organization.
9. S/MIME
Secure / Multipurpose Internet Mail Extensions.
S/MIME is standard for exchanging secure mails with the
help of encryption.
Previously, Mails were supposed to carry text only.
S/MIME provides support for varying content.
Supported by major email programs like Outlook,
Netscape.