Deck 19: Electronic Mail Security

PGP incorporates tools for developing public-key certificate management and a public-key trust model.

The objective of MIME Transfer Encodings is to provide reliable delivery across the largest range of environments.

To enhance security an encrypted message is not accompanied by an encrypted form of the session key that was used for message encryption.

Only single user IDs may be associated with a single public key on the public-key ring.

Native form is a format,appropriate to the content type,that is standardized for use between systems.

A means of generating predictable PGP session keys is needed.

As a default,PGP compresses the message after applying the signature but before encryption.

A message component includes the actual data to be stored or transmitted as well as a filename and a timestamp that specifies the time of creation.

For the text type of body no special software is required to get the full meaning of the text aside from support of the indicated character set.

PGP provides confidentiality through the use of asymmetric block encryption.

The key legitimacy field is derived from the collection of signature trust fields in the entry.

Each PGP entity must maintain a file of its own public/private key pairs as well as a file of private keys of correspondents.

PGP has a very rigid public-key management scheme.

The MIME-Version field must have the parameter value 1.0 in order for the message to conform to RFCs 2045 and 2046.

PGP makes use of four types of keys: public keys,private keys,one-time session keys,and ___________ symmetric keys.

The key legitimacy field,the signature trust field and the owner trust field are each contained in a structure referred to as a ___________ .

PGP provides compression using the __________ algorithm.

To provide transparency for e-mail applications,an encrypted message may be converted to an ASCII string using _________ conversion.

The _________ type refers to other kinds of data,typically either uninterpreted binary data or information to be processed by a mail-based application.

Computed by PGP,a _________ field indicates the extent to which PGP will trust that this is a valid public key for this user;the higher the level of trust,the stronger the binding of this user ID to this key.

__________ is a security enhancement to the MIME Internet e-mail format standard based on technology from RSA Data Security.

The __________ MIME field describes the data contained in the body with sufficient detail that the receiving user agent can pick an appropriate agent or mechanism to represent the data to the user or otherwise deal with the data in an appropriate manner.

___________ is an open-source,freely available software package for e-mail security.

The _________ transfer encoding is useful when the data consists largely of octets that correspond to printable ASCII characters.

The _________ transfer encoding,also known as radix-64 encoding,is a common one for encoding arbitrary binary data in such a way as to be invulnerable to the processing by mail-transport programs.

A specification for cryptographically signing e-mail messages permitting a signing domain to claim responsibility for a message in the mail stream,_________ allow message recipients to verify the signature by querying the signer's domain directly to retrieve the appropriate public key and thereby confirming that the message was attested to by a party in possession of the private key for the signing domain.

A _________ is formed by taking the message digest of the content to be signed and then encrypting that with the private key of the signer,which is then encoded using base64 encoding.

The __________ is a directory lookup service that provides a mapping between the name of a host on the Internet and its numerical address.

S/MIME provides the following functions: enveloped data,signed data,clear signed data,and ________ .