1 / 8

Internal Email Encryption TLS Protocol (Transport Layer Security)

Internal Email Encryption TLS Protocol (Transport Layer Security). Current Email Configuration. Messages transmitted in clear text. Mail Hub. Current Email Configuration. Future Email Configuration. Messages encrypted in transit. Mail Hub. TLS Transport Layer Security.

gannon
Download Presentation

Internal Email Encryption TLS Protocol (Transport Layer Security)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internal Email EncryptionTLS Protocol(Transport Layer Security)

  2. Current Email Configuration Messages transmitted in clear text Mail Hub Current Email Configuration

  3. Future Email Configuration Messages encrypted in transit Mail Hub

  4. TLSTransport Layer Security • A Protocol that ensures privacy between communicating applications. • TLS is composed of two layers: • TLS Record Protocol • TLS Handshake Protocol. • The TLS Handshake Protocol first negotiates a key exchange using an asymmetric algorithm such as RSA or Diffie-Hellman. • The TLS Record Protocol • Opens an encrypted channel using a symmetric algorithm such as RC4, IDEA, DES, or 3DES. • Hashing algorithms such as MD5 and SHA are used to ensure that communications are not altered in transit.

  5. TLSTransport Layer Security Security Benefits of Using TLS • Each mail server authenticates to the other, making it harder to send spoofed e-mail.Spoof: To deceive for the purpose of gaining access to someone else's resources • The contents of the e-mails sent between the servers are encrypted, protecting them from prying eyes while in transit. • The encryption of the conversation between the hosts makes it exceedingly difficult for an attacker to tamper with the e-mail's contents. • Low cost to implement, excellent ROI

  6. TLS Implementation Progress Resources Required • OET is hiring an independent contractor to assist with agency implementations • SOW is in process • Scheduling agency implementations in early December, 2006.

  7. Questions

  8. Rick EnsenbachCISSP-ISSMP, CISA, CISM Rick.Ensenbach@state.mn.us 651.201.2790 Joe Arel Joe.Arel@state.mn.us 651.201.1031

More Related