E-Mail Security - PGP & S/MIME
Introduction to E-Mail Security
Why it's needed
Threats
Phishing
Spoofing
Eavesdropping
Goals of Security
Confidentiality
Integrity
Authentication
Non-repudiation
Pretty Good Privacy (PGP)
Developed by: Phil Zimmermann
How it works (Flow)
User composes message
Message hashed using SHA-1
Encrypted with symmetric key (AES/IDEA)
Symmetric key encrypted with recipient's public key (RSA/DSA)
Digital signature added
Key Components (Tree)
Public & Private Keys
Key Rings
Public Key Ring
Private Key Ring
Digital Signature
Advantages
Strong security
Open-source
Limitations
Complex key management
Not supported by all mail systems
S/MIME (Secure/Multipurpose Internet Mail Extensions)
Based on MIME standard
Uses X.509 certificates (PKI)
How it works (Flow)
Message composed
Signed with sender's private key
Encrypted using recipient's public key
Sent and decrypted by recipient
Key Components (Tree)
Public & Private Keys
Certificate Authority (CA)
Digital Certificate
Advantages
Easy to use
Supported by most enterprise email clients
Limitations
Centralized trust model (CA)
Can be expensive
PGP vs. S/MIME (Comparison Tree)
Key Management
PGP: Web of Trust
S/MIME: Centralized CA
Usability
PGP: Manual and user-dependent
S/MIME: Seamless integration
Adoption
PGP: Open-source users
S/MIME: Corporates and businesses
Algorithms
PGP: RSA/DSA + AES + SHA
S/MIME: RSA + SHA + X.509