DOC PREVIEW
MASON ECE 646 - PGP versus S/MIME

This preview shows page 1-2-3 out of 8 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 8 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

PGP versus S/MIMEAGENDAOpenPGP OverviewS/MIME Version 3 OverviewApplication to 100 UsersApplication to 1,000 UsersApplication to Up To 20,000 UsersConclusionsPGP versus S/MIMEAPPLICATION TO LARGE ENTERPRISESTom KramlikECE590:003AGENDA• OpenPGP and S/MIME version 3 Overview• Application to 100 Users• Application to 1,000 Users• Application to 20,000 Users• ConclusionsOpenPGP Overview• Major change: incorporates X.509 certificates• Compatible with MIME messages• Special export versions available • Compatible with popular software• Mandates non-proprietary technology, with options for other technologyAlgorithm Mandatory OptionalDigest Algorithm SHA-1 MD5Signature Algorithm DSS RSASession Key Encryption Diffie-Hellman (ElGamal) RSAContent Encryption Triple-DES (CFB-mode) IDEA, CAST-128Message Authentication Codes HMAC with SHA-1 NoneS/MIME Version 3 Overview• A secure extension to MIME format• Relies on use of public key infrastructure• Incorporated into many of most popular commercial communications products• Mandated technologies are non-proprietary, and the same as OpenPGPAlgorithm Manda tory OptionalDigest Algorithm SHA-1 MD5Signature Algorithm DSS RSASession Key Encryption Diffie Hellman (ElGamal) RSAContent Encryption Triple-DES (CBC-mode) RC2 (CBC-mode)Message Authentication Codes HMAC with SHA-1 NoneApplication to 100 Users• Commercial PGP and S/MIME products have similar cost– S/MIME integrated into popular products– Free versions of PGP available, and some commercial options low cost• Less expensive to use web-of-trust than public key infrastructure– Small enough for use of web-of-trust– Depends on need for legally binding signatures• Advantage: PGPApplication to 1,000 Users• Scale of organization is too large for multiple individual webs-of-trust for all users– Requires server to coordinate certificates and avoid duplication of effort– However, much more cost effective to use informal than formal PKI certificates; corporate effort to maintain web-of-trust• PGP and S/MIME products support socket-layer encryption– Desk-top encryption only for those who need to use legally binding digital signatures• Advantage: TieApplication to Up To 20,000 Users• Public key infrastructure becomes necessary• Competition between S/MIME and PGP security servers rather than desktop competition– S/MIME advantage to a large company as integrated security solution in existing software is less attractive than the PKI savings of encrypting from server based application– PGP and S/MIME solutions very similar at server level• Costs for S/MIME products are better than for PGP• Advantage: S/MIMEConclusions• Competition between the standards is not over, and the IETF will continue to consider both• For all size organizations, there are competitive benefits to using each standard– Availability of integrated solutions favors S/MIME– Informal web-of-trust and X.509 compatibility favors PGP• Netscape and Microsoft distribute products with S/MIME, so potential for defacto standard exists• Associated PKI costs will be major


View Full Document

MASON ECE 646 - PGP versus S/MIME

Documents in this Course
Load more
Download PGP versus S/MIME
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view PGP versus S/MIME and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view PGP versus S/MIME 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?