Information Security: Secure Messaging
List 3 character sets with their character.
- ASCII, 127 characters
- ISO/IEC 8859, 256 characters
- Unicode, 16-bit, 65'535 characters
Name the Cryptographic Message Syntax Content Types
- Enveloped Data -> standard digital envelope
- Clear-Signed Data (multipart/signed) -> standard digital signature; only the signature is encoded using base64
- Signed and enveloped data can be nested in any order
Describe the S/MIME Processing. (Sender)
- Initial S/MIME processing produces a PKCS object (Public Key Cryptography Standard); the PKCS object includes the content and the information needed for processing by the recipient
- PKCS objects are in binary format and need further base64 encoding to produce the final result
- The recipient performs the steps in reverse
What problems exist with RFC 822 & SMTP? (2)
- Executable files must be converted into ASCII
- Text data that includes special characters (e.g. German text)
How is the enveloped-data constructed? (5 steps)
1. A content-encryption key for a particular content-encryption algorithm is generated at random.
2. The content-encryption key is encrypted for each recipient. The details of this encryption depend on the key management algorithm used. Two of the four possible techniques are:
   - key transport: the content-encryption key is encrypted in the recipient's public key.
   - key agreement: the recipient's public key and the sender's private key are used to generate a pairwise symmetric key, then the content-encryption key is encrypted in the pairwise symmetric key.
3. For each recipient, the encrypted content-encryption key and other recipient-specific information are collected into a RecipientInfo value.
4. The content is encrypted with the content-encryption key. Content encryption may require that the content be padded to a multiple of some block size.
5. The RecipientInfo values for all the recipients are collected together with the encrypted content to form an EnvelopedData value.
What is the function of an MS?
A Message Store spans the boundary between the MTS world and the UA world. MSs don't have any routing or message processing responsibilities. An MS may be thought of as a "holding tank" for messages.
When does an MS accept messages from an MTA?
An MS accepts messages from an MTA so that the MTA can get on with its task of moving messages along. However, there are many instances where a UA might not be able to accept a message at a given time. While many UAs are always available (time-shared systems, for example), many UAs are systems which are turned off occasionally, or are mobile, such as laptops with a modem connection. Protocols such as POP and IMAP define how these intermittently-attached UAs communicate with an MS.
What is an MTA?
An MTA has a very limited, but critical, scope of responsibility. Its job is:
- to receive a message
- to examine the address (routing information) on the envelope
- to determine whether the message is intended for a UA within its domain
- and either deliver it (if the destination is within its domain) or give it to another MTA (if it isn't).
An MTA never deletes a message until it receives absolute confirmation that another MTA, a Message Store or a UA has taken responsibility for the message. This is the fundamental concept of store-and-forward messaging.
What does the envelope contain?
It contains the addressing information needed to deliver the message (to:, cc:, bcc:, date:). The envelope is never seen by the recipient application; it is for the use of the Message Transfer Service only.
What happens to each 8-bit value when it is converted into ASCII?
Each 8-bit value is replaced with 3 ASCII characters. Example: "Jörg Järman wohnt in Bümpliz" becomes "J=F6rg J=E4rman wohnt in B=FCmpliz".
What does the content-type of the MIME header field describe?
It describes the data contained in the body, so that the receiving agent can pick an appropriate method to present the content.
What is RFC 822?
It's a message format. It defines a format for text messages to be sent using e-mail, as an Internet standard. Example:
Date: Tue, 16 Jan 2007 10:37:17 (EST)
From: "Alice" <[email protected]>
To: [email protected]
Subject: Test
Dear Bob, ...
What are the components of a Message Handling System (MHS)?
- MTS = Message Transfer Service
- MTA = Message Transfer Agent
- UA = User Agent
- MS = Message Store
What is MIME?
Multipurpose Internet Mail Extensions. MIME defines message header fields, a number of content formats (standardised representations of multimedia content) and transfer encodings that protect the content from alteration by the mail transfer system.
Describe the S/MIME signing before encrypting.
The signature is only visible after decryption (anonymity of the signature).
What is the function of a Base-64 Encoding scheme?
The Base64 encoding takes a series of 8-bit blocks and effectively spreads the bits out into a series of 6-bit blocks. The name comes from the fact that 6 bits can represent a total of 64 numbers (0 through 63). It is important to note that this is only a mapping. Base64 is not an encryption algorithm, merely an encoding algorithm.
What is an MTS?
The Message Transfer Service (MTS) is comprised of the set of nodes which route electronic mail messages.
What does the enveloped-data content type consist of?
The enveloped-data content type consists of an encrypted content of any type and encrypted content-encryption keys for one or more recipients. The combination of the encrypted content and one encrypted content-encryption key for a recipient is a "digital envelope" for that recipient. Any type of content can be enveloped for an arbitrary number of recipients using any of the supported key management techniques for each recipient. The typical application of the enveloped-data content type will represent one or more recipients' digital envelopes on content of the data or signed-data content types.
What can we see in the header information?
The message delivery path can be traced back using the Received: header fields.
What are the advantages of the separation of an envelope and a message?
The separation of the envelope and the content allows for message delivery systems to look at addressing and routing information needed to deliver a message while maintaining the integrity of the contents. It also allows for the contents to be encrypted, if desired, and have no effect on the delivery capability.
What is the function of a UA?
There are many different types of User Agents: Originating UAs communicate with recipient UAs of like types. Protocols such as Simple Mail Transfer Protocol (SMTP) provide a common basis for various UAs to exchange commonly-formatted (RFC 822) messages.
What is S/MIME clear-signing?
This format is a clear-signing format. Recipients without any S/MIME or CMS processing facilities are able to view the message. It makes use of the multipart/signed MIME type described in [MIME-SECURE]. The multipart/signed MIME type has two parts. The first part contains the MIME entity that is signed; the second part contains the "detached signature" CMS SignedData object.
What are UAs?
User Agents are the end-systems that process messages.
Name some main and sub MIME types.
Main types: application, audio, image, message, model, multipart, text, video
Sub types: text/plain: ASCII text, text/html: HTML pages, etc.
What happens at content-transfer-encoding?
The encoding problem is not yet solved: arbitrary bits must be transferred as 7-bit ASCII characters.