When an e-mail message is sent between two distant sites, it will generally transit dozens of machines on the way. Any of these can read and record the message for future use. In practice, privacy is nonexistent, despite what many people think. Nevertheless, many people would like to be able to send e-mail that can be read by the intended recipient and no one else: not their boss and not even their government. This desire has stimulated several people and groups to apply the cryptographic principles we studied earlier to e-mail to produce secure e-mail. In the following sections we will study a widely-used secure e-mail system, PGP, and then briefly mention two others, PEM and S/MIME. For additional information about secure e-mail.
PGP supports four RSA key lengths. It is up to the user to select the one that is most appropriate. The lengths are:
- Casual (384 bits): can be broken easily today.
- Commercial (512 bits): breakable by three-letter organizations.
- Military (1024 bits): Not breakable by anyone on earth.
- Alien (2048 bits): Not breakable by anyone on other planets, either.
Since RSA is only used for two small computations, everyone should use alien strength keys all the time.
Key management has received a large amount of attention in PGP as it is the Achilles heel of all security systems. Key management works as follows. Each user maintains two data structures locally: a private key ring and a public key ring. The private key ring contains one or more personal private-public key pairs. The reason for supporting multiple pairs per user is to permit users to change their public keys periodically or when one is thought to have been compromised, without invalidating messages currently in preparation or in transit. Each pair has an identifier associated with it so that a message sender can tell the recipient which public key was used to encrypt it. Message identifiers consist of the low-order 64 bits of the public key. Users are responsible for avoiding conflicts in their public key identifiers. The private keys on disk are encrypted using a special arbitrarily long password to protect them against sneak attacks.
The public key ring contains public keys of the user's correspondents. These are needed to encrypt the message keys associated with each message. Each entry on the public key ring contains not only the public key, but also its 64-bit identifier and an indication of how strongly the user trusts the key.
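The key-identifier handling described in the two paragraphs above, as an added example (not code from PGP or from the original page). It assumes "the public key" means the RSA modulus n; the class names, trust labels and sample moduli are constructed for illustration.

```python
from dataclasses import dataclass

KEY_ID_MASK = (1 << 64) - 1  # key identifiers are 64 bits wide


def key_id(modulus: int) -> int:
    # Assumption: "the public key" means the RSA modulus n.
    return modulus & KEY_ID_MASK


@dataclass(frozen=True)
class PublicKeyEntry:
    owner: str
    modulus: int   # RSA n
    exponent: int  # RSA e
    trust: str     # how strongly the ring's owner trusts this key


class KeyIdConflict(Exception):
    """Two different public keys share the same 64-bit identifier."""


class PublicKeyRing:
    def __init__(self):
        self._entries = {}  # key id -> PublicKeyEntry

    def add(self, entry: PublicKeyEntry) -> int:
        kid = key_id(entry.modulus)
        held = self._entries.get(kid)
        # Compare the full key, never just the identifier: the identifier
        # only selects a key, it does not authenticate it.
        if held is not None and (held.modulus, held.exponent) != (entry.modulus, entry.exponent):
            raise KeyIdConflict(f"{kid:016x}: {entry.owner} conflicts with {held.owner}")
        self._entries[kid] = entry
        return kid

    def lookup(self, kid: int):
        return self._entries.get(kid)


# Constructed sample values, not real RSA moduli.
ALICE_N = 0x9F3A5C71D2E48B061122334455667789
BOB_N = 0x8D410F2B77C39A5EA1B2C3D4E5F60719
CLASH_N = ALICE_N ^ (1 << 100)  # differs from ALICE_N above bit 63 only

if __name__ == "__main__":
    ring = PublicKeyRing()
    print(f"{ring.add(PublicKeyEntry('alice', ALICE_N, 65537, 'full')):016x}")
    print(f"{ring.add(PublicKeyEntry('bob', BOB_N, 65537, 'marginal')):016x}")
    try:
        ring.add(PublicKeyEntry('unknown', CLASH_N, 65537, 'none'))
    except KeyIdConflict as err:
        print("rejected:", err)
```

Rejecting the conflicting entry, rather than overwriting, keeps a sender from encrypting a message key to a different key than the one the ring's owner originally trusted.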