Email Security Flashcards

1
Q

What are the four main services PGP provides?

A

Pretty Good Privacy provides confidentiality, authentication, compression and compatibility.

2
Q

True or false: PGP only works on Linux operating systems?

A

False, it is independent of OS.

3
Q

How does PGP authenticate?

A

Digital signatures. SHA-1 is used to generate a 160-bit hash code. This hash is then encrypted using RSA with the sender’s private key.

4
Q

How does PGP provide integrity?

A

With the hash code generated in the digital signature.

5
Q

Which symmetric encryption algorithms does PGP use?

A

CAST-128, IDEA or 3DES

6
Q

How many times are symmetric keys reused in PGP? How long are these keys?

A

They are not reused. For each message, a new set of symmetric keys is generated and shared. The keys are 128 bits.

7
Q

How are the keys exchanged in PGP?

A

Since the key is only used once, the symmetric key is bound to the message and transmitted with it (after being encrypted with the receiver’s public key). There is an option to use Diffie-Hellman for key exchange.

8
Q

Do we encrypt the digital signature in PGP?

A

Yes, we encrypt it with the plaintext.

9
Q

How does PGP compress what it sends? When does compression take place?

A

Using ZIP. This is done after signing, but before encrypting.

10
Q

Which algorithm does PGP use for email compatibility?

A

Radix-64

11
Q

What algorithm is S/MIME based on?

A

RSA

12
Q

What are the four S/MIME functions?

A

Enveloping data, signing data, clear-signing data, signing and enveloping data.

13
Q

What is S/MIME enveloping?

A

It involves encrypting any type of data.

14
Q

Why might we need to clear-sign data in S/MIME?

A

To allow users who don’t use S/MIME to view the message.

15
Q

Which algorithms does S/MIME use? Think about digital signatures, exchanging session keys, hashing, message encryption.

A

For digital signatures: DSS or RSA. For session key exchange: Diffie-Hellman. For generating a hash for digital signatures: SHA-1. For message encryption: 3DES.

16
Q

How do PGP and S/MIME use certificates?

A

S/MIME’s trust model is based around the use of CAs, but PGP has a more anarchic trust model.

17
Q

How are message signatures verified in DKIM?

A

The receiver will verify by querying the sender’s domain directly, to obtain the appropriate public key.

18
Q

Name some problems which DKIM can address?

A

Spam emails from unknown IPs. Bulk spam attackers. Email-based fraud schemes.

19
Q

Which key signs a DKIM message?

A

The private key of the administrative domain from which the email originates.

20
Q

Who queries the signatures?

A

The Mail Delivery Agent at the receiver end.

21
Q

True or false: with S/MIME, messages can still be secure if only one of the parties is using S/MIME?

A

False.

22
Q

True or false: DKIM is not transparent to the user, as it takes place in their Message User Agent?

A

False. It is transparent and does not take place in the user agent.

23
Q

What algorithm does DKIM use to sign?

A

RSA with SHA-256

24
Q

If Alice wants to send Bob a message with PGP, how is the session key generated?

A

Alice will generate this, and encrypt it with Bob’s public key, and append it to the message.

25
Q

Which protocol authenticates mail as coming from a certain domain?

A

DKIM

26
Q

In which protocol are clients required to authenticate themselves before submitting emails for delivery?

A

SMTP/Auth

27
Q

Which protocol authenticates an email message as coming from an organization’s authorized MTA?

A

SPF

28
Q

Which protocol publishes information about an organization’s authorized MTAs in DNS?

A

SPF

29
Q

Which protocol ensures that email is submitted from a properly configured email client (and not a spam-sending virus or open relay, for instance)?

A

Smart Host

30
Q

In which protocol is outgoing email submitted via the ISP’s MTA?

A

Smart Host

31
Q

Where are PGP and S/MIME implemented?

A

In the mail user agent.

32
Q

Name one problem with SMTP?

A

There is no built-in authentication. The MAIL FROM field is set by the sender, and the recipient’s mail server only sees the IP address of the direct peer from which it received the message.

33
Q

What is an open relay, and what might it do if it is hacked?

A

An open relay will forward SMTP messages to any destination. Normally, they will add the correct “RECEIVED” header revealing the IP source of the message, but a hacked one might not.

34
Q

Why might spammers want to hide the source of their mail?

A

To avoid blacklists. This is why they often use botnets.

35
Q

Name and describe some measures against spam.

A

Blacklisting dodgy IP addresses.
Greylisting new senders.
Use smart hosts, which do not allow outgoing traffic from their customers to port 25; instead, customers must use their ISP’s SMTP relay to send outgoing mail.
Use SMTP-auth, where the sender is required to authenticate first.
Use POP before SMTP, where you must check for incoming mail before sending.