Page 453 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 453
encryption/decryption algorithm, and the SHA-1 hashing function.
Many commercial providers also offer PGP-based email services as
web-based cloud email offerings, mobile device applications, or
webmail plug-ins. These services appeal to administrators and end
users because they remove the complexity of configuring and
maintaining encryption certificates and provide users with a managed
secure email service. Some products in this category include StartMail,
Mailvelope, SafeGmail, and Hushmail.
S/MIME
The Secure/Multipurpose Internet Mail Extensions (S/MIME)
protocol has emerged as a de facto standard for encrypted email.
S/MIME uses the RSA encryption algorithm and has received the
backing of major industry players, including RSA Security. S/MIME
has already been incorporated in a large number of commercial
products, including these:
Microsoft Outlook and Office 365
Mozilla Thunderbird
Mac OS X Mail
GSuite Enterprise edition
S/MIME relies on the use of X.509 certificates for exchanging
cryptographic keys. The public keys contained in these certificates are
used for digital signatures and for the exchange of symmetric keys
used for longer communications sessions. RSA is the only public key
cryptographic protocol supported by S/MIME. The protocol supports
the AES and 3DES symmetric encryption algorithms.
Despite strong industry support for the S/MIME standard, technical
limitations have prevented its widespread adoption. Although major
desktop mail applications support S/MIME email, mainstream web-
based email systems do not support it out of the box (the use of
browser extensions is required).
Web Applications
