Available:*
Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
---|---|---|---|---|---|
Searching... | 30000010335012 | TK5105.73 O67 2014 | Open Access Book | Book | Searching... |
On Order
Summary
Summary
"This book offers a comprehensive understanding of secure Internet messaging, and brings together all the relevant and critical information needed to use OpenPGP and S/MIME-compliant software. It explores the conceptual and technical approaches followed by the developers of both OpenPGP and S/MIME, and gives a thorough treatment of the latest and most-effective technologies for secure messaging. Ideal for security and network managers, as well as professional system and network administrators, this easy-to-understand book is a complete guide to OpenPGP, S/MIME, Web-based and gateway solutions, certified mail, delivery platforms, and instant messaging. "
Author Notes
Rolf Oppliger received his M.Sc. and Ph.D. in Computer Science from the University of Berne, Switzerland, and the Venia Legendi in Computer Science from the University of Zürich, Switzerland.
Oppliger is the founder and owner of eSECURITY Technologies Rolf Oppliger (www.esecurity.ch) and works for the Swiss Federal Strategy Unit for Information Technology (FSUIT) . He is also the author of Security Technologies for the World Wide Web (Artech House, 1999) , Internet and Intranet Security (Artech House, 1998), and Authentication Systems for Secure Networks (Artech House, 1996). Dr. Oppliger is the computer security series editor at Artech House.
050
Table of Contents
Preface | p. xi |
Acknowledgments | p. xv |
Chapter 1 Introduction | p. 1 |
Chapter 2 Internet Messaging | p. 9 |
2.1 Introduction | p. 9 |
2.2 Internet Message Format | p. 13 |
2.2.1 Header Section | p. 14 |
2.2.2 Message Body | p. 18 |
2.2.3 MIME | p. 18 |
2.3 Internet Messaging Protocols | p. 21 |
2.3.1 Message Transfer and Delivery | p. 22 |
2.3.2 Message Store Access | p. 26 |
2.3.3 Directory Access | p. 28 |
2.4 Final Remarks | p. 29 |
Chapter 3 Cryptographic Techniques | p. 33 |
3.1 Introduction | p. 33 |
3.1.1 Preliminary Remarks | p. 33 |
3.1.2 Cryptographic Systems | p. 35 |
3.1.3 Classes of Cryptographic Systems | p. 37 |
3.1.4 Secure Cryptosystems | p. 38 |
3.1.5 Historical Background Information | p. 41 |
3.2 Cryptosystems Overview | p. 42 |
3.2.1 Unkeyed Cryptosystems | p. 43 |
3.2.2 Secret Key Cryptosystems | p. 48 |
3.2.3 Public Key Cryptosystems | p. 54 |
3.3 Final Remarks | p. 67 |
Chapter 4 Certificate Management | p. 73 |
4.1 Introduction | p. 73 |
4.2 X.509 Certificates | p. 78 |
4.2.1 Certificate Format | p. 78 |
4.2.2 Hierarchical Trust Model | p. 81 |
4.3 OpenPGP Certificates | p. 84 |
4.3.1 Certificate Format | p. 84 |
4.3.2 Cumulative Trust Model | p. 85 |
4.4 Final Remarks | p. 86 |
Chapter 5 Secure Messaging | p. 91 |
5.1 Threats and Attacks | p. 91 |
5.1.1 Passive Attacks | p. 92 |
5.1.2 Active Attacks | p. 94 |
5.2 Secure Messaging | p. 97 |
5.2.1 What Does "Secure Messaging" Mean? | p. 97 |
5.2.2 How Can "Secure Messaging" Be Implemented? | p. 99 |
5.3 Final Remarks | p. 100 |
Chapter 6 OpenPGP | p. 103 |
6.1 Origins and History | p. 103 |
6.2 Technology | p. 106 |
6.2.1 Preliminary Remarks | p. 106 |
6.2.2 Key ID | p. 108 |
6.2.3 Message Format | p. 109 |
6.2.4 PGP/MIME | p. 114 |
6.2.5 Supported Algorithms | p. 117 |
6.2.6 Message Processing | p. 122 |
6.2.7 Cryptographic Keys | p. 128 |
6.3 Web of Trust | p. 130 |
6.3.1 Keyrings | p. 130 |
6.3.2 Trust Establishment | p. 132 |
6.3.3 Key Revocation | p. 137 |
6.3.4 Key Servers | p. 139 |
6.4 Security Analysis | p. 141 |
6.4.1 Specification | p. 141 |
6.4.2 Implementations | p. 142 |
6.5 Final Remarks | p. 144 |
Chapter 7 S/MIME | p. 149 |
7.1 Origins and History | p. 149 |
7.2 Technology | p. 152 |
7.2.1 Message Formats | p. 153 |
7.2.2 Cryptographic Algorithms | p. 162 |
7.2.3 Attributes | p. 166 |
7.2.4 Enhanced Security Services | p. 167 |
7.3 Certificates | p. 170 |
7.4 Security Analysis | p. 171 |
7.5 Final Remarks | p. 172 |
Chapter 8 Web-Based Messaging | p. 175 |
8.1 Introduction | p. 175 |
8.2 Service Providers | p. 177 |
8.3 Final Remarks | p. 180 |
Chapter 9 Gateway Solutions | p. 183 |
9.1 Introduction | p. 183 |
9.2 Products and Solutions | p. 185 |
9.2.1 Totemomail Encryption Gateway | p. 186 |
9.2.2 SEPPmail | p. 187 |
9.3 Final Remarks | p. 188 |
Chapter 10 Certified Mail | p. 191 |
10.1 Introduction | p. 191 |
10.2 Solutions | p. 194 |
10.2.1 Ad Hoc Solutions | p. 194 |
10.2.2 TTP-Based Solutions | p. 197 |
10.3 Message Delivery Platforms | p. 200 |
10.4 Final Remarks | p. 201 |
Chapter 11 Instant Messaging | p. 205 |
11.1 Introduction | p. 205 |
11.2 IM Security | p. 207 |
11.3 Off-the-Record Messaging | p. 210 |
11.4 Final Remarks | p. 213 |
Chapter 12 Research Challenges and Open Questions | p. 215 |
12.1 Spam Protection | p. 215 |
12.2 P2P Principles and Technologies | p. 217 |
12.3 New Approaches and Architectures | p. 219 |
Chapter 13 Conclusions and Outlook | p. 221 |
Appendix A Character Sets | p. 225 |
A.1 ASCII | p. 225 |
A.2 ISO/IEC 8859 | p. 227 |
A.3 Unicode | p. 227 |
A.4 ISO/IEC 10646-1, UCS, and UTF-8 | p. 228 |
Appendix B Transfer Encoding Schemes | p. 229 |
B.1 Quoted-Printable | p. 229 |
B.2 UU | p. 230 |
B.3 Base-64 | p. 234 |
B.4 Radix-64 | p. 235 |
Appendix C ASN.1 and Encoding Rules | p. 237 |
C.1 ASN.1- X.680 | p. 237 |
C.1.1 Simple Types | p. 239 |
C.1.2 Structured Types | p. 241 |
C.1.3 Tagged Types | p. 242 |
C.1.4 Other Types | p. 243 |
C.2 Encoding Rules-X.690 | p. 243 |
Appendix D Public Key Cryptography Standards | p. 247 |
Abbreviations and Acronyms | p. 251 |
About the Author | p. 257 |
Index | p. 259 |