Friday, August 12, 2011

Use of S MIME technology for securing online communication - The authenticity of sender... (Page 2 of 3 )

Friday, August 12, 2011
1. Authentication: The authenticity of sender of message
2. Message integrity: The data cannot be modified / changed on sending

3. Non-Repudiation of origin: The sender cannot repudiate later

4. Confidentiality: Data is hidden from all those unauthorized to read it

The digitally signed e-mail tends to increase recipients trust in email infrastructure. S/MIME functionality is built into the vast majority of modern e-mail software and interoperates between them. Financial organizations, retailers and other business entities doing business on internet or exchanging confidential information must adopt the practice of digitally-signing their mail to customers with S/MIME signatures using a certificate signed by a widely-published CA's.

S/MIME uses two X. 509 certificates. The author digitally signs the email with their private key. The message is then encrypted using recipients public key and sent. When message reaches the recipient the message is decrypted with the recipient's private key, and the verified usign author's public key.

One of the reasons S/MIME has not become popular with end users is the lack of awareness of the technology and its benefits. Another barrier in adopting e-mail security techniques has been the deployment of different and mutually incompatible standards for email security like Privacy Enhanced Mail (PEM), Open PGP, and S/MIME.


Post a Comment