Security of network services
E-mail security

Usually, when an email is sent, its contents are open for anybody to read. Email is like sending a postcard: everybody who gets it in their hands can read it. To keep data sent via email confidential and/or authentic, it is necessary to encrypt it. In the case of confidentiality, only the intended recipient will be able to decipher the message, while anybody else sees only gibberish.

The most widely accepted mechanisms for providing e-mail security are S/MIME and PGP.

S/MIME is a standard that provides the following cryptographic security services for electronic messaging applications: authentication, message integrity, non-repudiation of origin (using digital signatures) and data confidentiality (using encryption). The use of S/MIME requires digital certificates.

Figure 16 shows how S/MIME is applied in order to provide confidentiality.

Fig. 16 – S/MIME confidentiality scheme
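
The S/MIME services listed above can be exercised end to end with the OpenSSL command line. The script below is an added example, not part of the original page: it signs a message, encrypts it to the recipient's certificate, and checks that a non-recipient cannot decrypt it and that a modified copy fails verification. The parties alice and bob, the file names and the sample message are constructed, and the self-signed certificates stand in for CA-issued ones.

```shell
#!/bin/sh
# Added example: S/MIME sign-then-encrypt with the OpenSSL command line.
# alice (sender), bob (recipient) and all file names are constructed.

smime_demo() (
    # Prints the text Bob recovers; fails unless every step behaves as expected.
    cd "$(mktemp -d)" || exit 1

    # S/MIME requires certificates: one key pair + X.509 cert per party
    # (self-signed and short-lived here; real deployments use a CA).
    for who in alice bob; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$who" \
            -keyout "$who.key" -out "$who.crt" 2>/dev/null || exit 1
    done
    printf 'Meet at 10:00.\n' > msg.txt   # constructed sample message

    # Sender: sign with Alice's private key (authentication, integrity,
    # non-repudiation of origin), then encrypt to Bob's certificate
    # (confidentiality).
    openssl smime -sign -in msg.txt -signer alice.crt -inkey alice.key \
        -out signed.eml 2>/dev/null || exit 1
    openssl smime -encrypt -aes-256-cbc -in signed.eml -out encrypted.eml \
        bob.crt || exit 1

    # The plaintext must not be visible in what travels over the network.
    grep -q 'Meet at' encrypted.eml && exit 1

    # Anyone other than the recipient cannot decrypt (here: Alice's own key).
    openssl smime -decrypt -in encrypted.eml -recip alice.crt \
        -inkey alice.key -out /dev/null 2>/dev/null && exit 1

    # Recipient: decrypt with Bob's private key, then verify the signature.
    # -CAfile alice.crt makes the self-signed signer certificate trusted.
    openssl smime -decrypt -in encrypted.eml -recip bob.crt -inkey bob.key \
        -out decrypted.eml || exit 1
    openssl smime -verify -in decrypted.eml -CAfile alice.crt \
        -out verified.txt 2>/dev/null || exit 1

    # A modified copy of the signed message must fail verification.
    sed 's/10:00/11:00/' decrypted.eml > tampered.eml
    openssl smime -verify -in tampered.eml -CAfile alice.crt \
        -out /dev/null 2>/dev/null && exit 1

    tr -d '\r' < verified.txt
)

smime_demo
```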