Electronic mail security:

Nowadays the electronic mail transactions are getting the importance because any user can send message to another user which may contain video, music, pictures etc. The wide usage of Email system has increased the need of security with the same. An email message consists of two parts:

1) Contents (OR) body 2) Headers

Various protocols are used with email transaction to provide the security services such as:

1. Origin Authentication

Making sure you know who the message came from.

2. Content Integrity

Ensuring the message has not been altered after being sent.

3. Non-Repudiation

Making sure the originator cannot deny sending a message at a later date

4. Encryption

Encoding the content of the message to prevent unauthorized reading.

The following protocols are supporting the secured email transaction.

SMTP(Simple Mail Transfer Protocol) PEM (Privacy Enhanced Mail)

PGP (Pretty Good Privacy)

1.1SMTP: (Simple Mail Transfer Protocol)

This SMTP is mainly used for email communications. The sender’s end gives the email message to the local SMTP server.

This server in turn transfers the message to the receiver’s SMTP server. This SMTP protocol works on top of TCP/IP.

Three steps:

1. Sender to Sender SMTP

2. Sender SMTP to receiver’s SMTP 3. Receiver’s SMTP to receiver.

Characteristics:

1. It is very simple architecture.

2. It uses human understandable ASCII test format.

3. The receiver’s end can access the SMTP server by using any other simple email protocols like Post Office Protocol (POP), Internet Mail Access Protocol (IMAP) etc.

Detailed steps:

1. Based on the client’s request, the server sends a Ready for Mail (RFM) reply, indicating that it can accept an email message from the client.

2. The client then sends a Hello command to start the session.

Sender Senders

SMTP

Receivers SMTP

Receiver

3. The server then sends back an acknowledgement by sending its own DNS name.

4. The client now sends one or more email messages to the server.

5. The email transfer begins with a MAIL command.

6. The recipient allocates buffers to store the incoming email message and sends back an OK response to the client.

7. The client now sends the list of the intended recipients of the email message by one or more RCPT command( One per recipient)

8. After all RCPT commands, the client sends a DATA command, to indicate that the client is ready to start transmission.

9. The server responds back with start mail input message which indicated that it is ready to accept the email message 10. The client sends the email message an identifier provided by

the server to indicate that the transmission is over.

Some of the more common SMTP security provisions include:

o Checking the IP address of a device attempting connection and refusing to even start an SMTP session unless it is in a list of authorized client devices.

o Restriction of certain commands or features, such as e-mail relaying, to authorized users or client servers. This is sometimes done by requiring authentication via the SMTP extention AUTH before the command will be accepted.

o Limiting the use of commands such as EXPN to prevent unauthorized users from determining the e-mail addresses of users on mailing lists.

o Checking the validity of envelope information before accepting a message for delivery. Some servers will first verify that the originator's e-mail address is valid before agreeing to accept the MAIL command. Many will check the recipient's address and refuse the message if delivery is not to a local mailbox. Others use even more advanced techniques.

o Limiting the size of e-mail messages that may be sent or the number that may be sent in a given period of time.

o Logging all access to the server to keep records of server use and check for abuse.

1.2PGP :(Pretty Good Privacy):

Introduction:

Phil Zimmerman introduced the Pretty Good Privacy (PGP) protocol.

Characteristics:

1. It supports the basic requirements of cryptography.

2. It is quite simple to use and its source code and documentation is completely free to use.

3. It is more widely used comparing to PEM.

4. It mainly supports Encryption, Non repudiation and integrity of the message.

How PGP works?

PGP combines some of the best features of both conventional and public key cryptography. PGP is a hybrid cryptosystem. When a user encrypts plaintext with PGP, PGP first compresses the plaintext. Data compression saves modem transmission time and disk space and, more importantly, strengthens cryptographic security. Most cryptanalysis techniques exploit patterns found in the plaintext to crack the cipher.

Compression reduces these patterns in the plaintext, thereby greatly enhancing resistance to cryptanalysis. (Files that are too short to compress or which don't compress well aren't compressed.)

PGP then creates a session key, which is a one-time-only secret key. This key is a random number generated from the random movements of your mouse and the keystrokes you type.

This session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is cipher text. Once the data is encrypted, the session key is then encrypted to the recipient's public key. This public key-encrypted session key is transmitted along with the cipher text to the recipient.

Decryption works in the reverse. The recipient's copy of PGP uses his or her private key to recover the temporary session key, which PGP then uses to decrypt the conventionally-encrypted cipher text.

The combination of the two encryption methods combines the convenience of public key encryption with the speed of conventional encryption. Conventional encryption is about 1, 000 times faster than public key encryption. Public key encryption in

turn provides a solution to key distribution and data transmission issues. Used together, performance and key distribution are improved without any sacrifice in security.

Steps in PGP:

1. Digital Signature 2. Compression 3. Encryption

4. Digital enveloping 5. Base – 64 encoding.

Step1: Digital signatures:

A digital signature serves the same purpose as a handwritten signature. However, a handwritten signature is easy to counterfeit. A digital signature is superior to a handwritten signature in that it is nearly impossible to counterfeit, plus it attests to the contents of the information as well as to the identity of the signer.

The basic manner in which digital signatures are, Instead of encrypting information using someone else's public key, user encrypts it with his own private key. If the information can be decrypted with user’s public key, then it must have originated from the very same user.

Step 2: Compression:

An improvement on the above scheme is the addition of a one-way hash function in the process. A one-way hash function takes variable-length input — in this case, a message of any length, even thousands or millions of bits — and produces a fixed-length output; say, 160-bits. The hash function ensures that, if the information is changed in any way — even by just one bit — an entirely different output value is produced.

PGP uses a cryptographically strong hash function on the plaintext the user is signing. This generates a fixed-length data item known as a message digest Then PGP uses the digest and the private key to create the "signature." PGP transmits the signature and the plaintext together. Upon receipt of the message, the recipient uses PGP to recompute the digest, thus verifying the signature. PGP can encrypt the plaintext or not; signing plaintext is useful if some of the recipients are not interested in or capable of verifying the signature.

Step 3: Encryption:

The compressed output of step 2 is encrypted with a symmetric key. Normally IDEA algorithm in CFB mode is used.