This document discusses email security and encryption. It explains that email travels through unprotected networks and is exposed to attacks. It describes how email privacy aims to protect email from unauthorized access. Some remedies discussed are encrypting communication between servers using TLS and SASL authentication. The document also discusses using public-key cryptography for email encryption with tools like PGP and S/MIME, which can encrypt email content and add digital signatures for authentication. S/MIME is described as a security enhancement to the MIME email standard that provides encrypted and signed data functionality.

1. Network Security
S/MIME & E-mail Security
Prafull Johri 2011BTechCSE007
Pritam Kalwaniya 2011BTechCSE008
Yogesh Chaube 2011BTechCSE014
Shiva Johari 2011BTechCSE015

2. Why E-mail Security
???
The Internet is an expansive network of
computers, much of which is unprotected
against malicious attacks. From the time an
email composed to the time it is read, an email
travels through this unprotected Internet,
exposed to various electronic dangers.

3. What is E-mail Privacy
The protection of email from unauthorized
access and inspection is known as electronic
privacy. In countries with a constitutional
guarantee of the secrecy of correspondence,
email is equated with letters and thus legally
protected from all forms of eavesdropping.

4. Remedies
 To provide a reasonable level of privacy, all
routers in the email pathway, and all
connections between them, must be secured.
 At the ISP level, a further level of protection can be
implemented by encrypting the communication
between servers themselves, usually employing an
encryption standard called Transport Layer
Security (TLS). It is coupled with Simple
Authentication and Security Layer (SASL), which
confirms the target router's identity.

5. Remedies (contd.)
O E- Mail encryption
Email encryption can rely on public-key cryptography, in
which users can each publish a public key that others can
use to encrypt messages to them, while keeping secret a
private key they can use to decrypt such messages or to
digitally encrypt and sign messages they send.

6. PRETTY GOOD PRIVACY
(PGP)

7. It is a remarkable phenomenon
PGP provides a confidentiality and
authentication service that can be used for
electronic mail and file storage applications.
• Selected the best cryptographic algorithms as building
blocks
• Integrated these algorithms to a general purpose
application that is independent of operating system and
processor, and is based on a small set of easy to use
commands
• Made the package and its documentation, including the
source code, freely available via the Internet, bulletin
boards, and commercial networks such as AOL

8. S/Mime
O It is a security enhancement to the MIME
Internet e-mail format standard, based on
technology from RSA Data Security.
RFC 822

9. RFC 822
O It defines a format for text messages that
are sent using electronic mail
O It has been the standard for internet
based text mail message and remains in
common use

11. Mime is an extension to the RFC 822 framework that is
intended to address some of the problems and limitations of
the use of SMTP and RFC 822 foe e-mail.
O SMTP cannot transmit executable files or
other binary objects
O SMTP cannot transmit text data that includes
national language characters
O SMTP servers may reject mail message over
a certain size
O and many more…..

12. S/MIME Functionality
O Enveloped Data: This consist of encrypted content of
any type and encrypted content encryption keys for one or
more recipients
O Signed Data: A digital signature is formed by taking the
message digest of the content to be signed and then
encrypting that with the private key of the signer.