文档介绍：Chapter 5
Electronic mail security
1
Outline
Pretty good privacy(PGP)
S/MIME
mended web sites
2
Pretty Good Privacy
Philip R. Zimmerman is the creator of PGP.
PGP provides a confidentiality and authentication service that can be used for electronic mail and file storage applications.
3
Why Is PGP Popular?
It is availiable free on a variety of platforms.
Based on well known algorithms.
Wide range of applicability
Not developed or controlled by governmental or anizations
PGP is now on an standard track-RFC3156
4
Operational Description
Consist of five services:
Authentication
pression
E-patibility
Segmentation and reassemblely
5
6
7
detached signature:
Although signatures normally found attached to the message or file that they sign, Detached signatures are supported. A detached signatures may be stored and transmitted separately from the message it signs.
The utility of a detached signature:
A detached signature is useful in several contexts. A user may wish to maintain a separate signature log of all messages sent or received.
8
A detached signature of an executable program can detect subsequent virus infection. Finally, detached signatures can be used when more than one party must sign a document, such as a legal contract. Each person's signature is independent and therefore is applied only to the document. Otherwise, signatures would have to be nested, with the second signer signing both the document and the first signature, and so on.
9
Compression
presses the message after applying the signature but before encryption
The placement of pression algorithm is critical.
pression algorithm used is ZIP (described in appendix 5A)
10