Professional Documents
Culture Documents
Team Members
Pankaj Bhambhani (200901047) (pankajb64@gmail.com) Pratik Kumar (200901239) (pratik.kumar.bharat@gmail.com) Dipesh Shah (200901094) (dipesh1005@gmail.com) Jignesh Kakadiya (200901201) (jigneshhk1992@gmail.com) Ajay Dhameliya (200901203) (dhameliyaajay26@yahoo.in)
Topics
Why E-mail security? CEM - Certified Electronic Mail Properties of CEM Existing Protocol - S/MIME properties Missing properties in S/MIME and their importance Sample Certified Email Protocol How to do- Design Conclusion and our thoughts References
Added value to traditional electronic mail. Examination of various properties. Use a sample certified email protocols to demonstrate properties. Its use in improvement of existing protocol : S/MIME
Postal services force the recipient to sign a receipt token before delivering the envelope which contains the certified message.
Here the recipient only recognizes that it received an envelope which, in turn, can be empty (intentionally or not).
Hence there is a difference with respect to the digital evidence of receipt (linked to the message and not to the envelope).
Types of non-repudiation
Direct Communication Model Non-Repudiation of Origin (NRO) is intended to protect against the originators false denial of having originated the message. Evidence of Origin (EOO) is generated by the originator, or a TTP on its behalf, and will be held by the recipient.
Non-Repudiation of Receipt (NRR) is intended to protect against the recipients false denial of having received the message. Evidence of Receipt (EOR) is generated by the recipient, or a TTP on its behalf, and will be held by the originator.
Indirect Communication Model Non-Repudiation of Submission (NRS) is intended to provide evidence that the originator submitted the message for delivery. Evidence of Submission (EOS) is generated by the delivery agent, and will be held by the originator. Non-Repudiation of Delivery (NRD) is intended to provide evidence that the message has been delivered to the recipient. Evidence of Delivery (EOD) is generated by the delivery agent, and will be held by the originator
Exchange of message and NRO for NRR linked to the message. Exchange of message and NRO for acknowledgement of receipt. Exchange of message for NRR linked to the message. Exchange of message for acknowledgement of receipt.
Exchange of envelope and, if possible, NRO for NRR, if possible, linked to the message.
Exchange of envelope and, if possible, NRO for acknowledgement of receipt.
Communication Model
The originator and the recipient potentially do not trust each other. The originator is not sure that the recipient will acknowledge a message it has received. On the other hand, the recipient will only acknowledge messages it has received.
In order to facilitate a fair exchange in which neither party will gain an advantage during the transaction, a TTP will usually be involved.
The extent of the trusted third partys involvement varies among different protocols
Evidence
This is the data that can be used if a dispute arises. It can be either generated and stored by the local user or by a third party. Its format depends on the cryptographic mechanisms agreed in the service. Examples: digital signatures (public key cryptography) and secure
If this data is certified by a Time Stamp Authority (TSA), it could include a time-stamp service identifier.
Fairness is mandatory, so one of these properties must be compulsory. Weak Fairness is enough, although strong fairness is desirable. Probabilistic Fairness is not desirable
Off-line TTP is desired, but the involvement of the TTP depends on the application. Transparent and Verifiable TTP are desired, but only one of them can be achieved because they are incompatible.
Strong Stateless TTP is the most desirable property from a resource and storage point of view.
We could also consider privacy of the originator (anonymity). However anonymity and NRO cannot be provided at the same time.
are as follows:
1. The communication channel is unreliable. In this case, data can be lost. 2. The communication channel is resilient (also called asynchronous network). In this case, data is delivered after a nite but unknown amount of time. 3. The communication channel is operational (also called synchronous network).In this case, data is delivered after a known, constant amount of time. An unreliable channel will in most cases be transformed into a resilient channel by the use of an appropriate transport protocol (e.g. retransmissions).
fT : flag indicating the purpose of the message where T identifies the corresponding message in that protocol
Message confidentiality via encryption Message integrity via digital signature Message origin authentication via digital signature Non-repudiation of origin via digital signature
Non-repudiation of receipt
S/MIME does not protect the sender of information against the denial of the receiver, who may say the sender never sent the information, or that he/she did
References
Josep Lluis Ferrer-Gomilla a , Jose A. Onieva b , Magdalena Payeras a , Javier Lopez b, * : Certied electronic mail: Properties revisited Computers & Security Volume 29, Issue 2, March 2010, Pages 167179 Secure Multi-Party Non-Repudiation Protocols and Applications, Jos A. Onieva, University of Malaga Spain, Javier Lopez ,University of Malaga ,Spain, Jianying Zhou, Institute for Infocomm Research, Singapore Ch 2 Fundamentals of Non-Repudiation Pages 17-34 Selective Receipt in Certified E-Mail, Steve Kremer and Olivier Markowitch fskremer,omarkowg@ulb.ac.be, 2001 (http://www.ulb.ac.be/di/scsi/markowitch/publications/ic01.pdf) Oppliger R. Certied mail: the next challenge for secure messaging. ACM Press. Communications of the ACM 2004;47: 759
References
Extending a Key-Chain Based Certified Email Protocol with Transparent TTP Zhiyuan Liu, Jun Pang, Chenyi Zhang, Conference: Embedded and Ubiquitous Computing - EUC , pp. 630-636, 2010, DOI: 10.1109/EUC.2010.101 Understanding S/MIME (http://technet.microsoft.com/en-us/library/aa995740(v=exchg.65).aspx) Prof. Manik Lal Das Slides (L11 - E-Mail Security.pdf)