PrepAway - Latest Free Exam Questions & Answers

What kind of encryption is realized in the S/MIME-standard?

A. Asymmetric encryption scheme

B. Password based encryption scheme

C. Public key based, hybrid encryption scheme

D. Elliptic curve based encryption

Explanation:
Secure MIME (S/MIME) is a standard for encrypting and digitally signing electronic mail and for providing
secure data transmissions. S/MIME extends the MIME standard by allowing for the encryption of e-mail and
attachments. The encryption and hashing algorithms can be specified by the user of the mail package, instead
of having it dictated to them. S/MIME follows the Public Key Cryptography Standards (PKCS). S/MIME provides
confidentiality through encryption algorithms, integrity through hashing algorithms, authentication through the
use of X.509 public key certificates, and nonrepudiation through cryptographically signed message digests.
A user that sends a message with confidential information can keep the contents private while it travels to its
destination by using message encryption. For message encryption, a symmetric algorithm (DES, 3DES, or in
older implementations RC2) is used to encrypt the message data. The key used for this process is a one-time
bulk key generated at the email client. The recipient of the encrypted message needs the same symmetric key
to decrypt the data, so the key needs to be communicated to the recipient in a secure manner. To accomplish
that, an asymmetric key algorithm (RSA or Diffie-Hellman) is used to encrypt and securely exchange the
symmetric key. The key used for this part of the message encryption process is the recipient’s public key.
When the recipient receives the encrypted message, he will use his private key to decrypt the symmetric key,
which in turn is used to decrypt the message data.
As you can see, this type of message encryption uses a hybrid system, which means it uses both symmetric
and asymmetric algorithms. The reason for not using the public key system to encrypt the data directly is that it
requires a lot of CPU resources; symmetric encryption is much faster than asymmetric encryption. Only the
content of a message is encrypted; the header of the message is not encrypted so mail gateways can read
addressing information and forward the message accordingly.
Incorrect Answers:
A: The S/MIME-standard does not use asymmetric encryption to encrypt the message; for message encryption,
a symmetric algorithm is used. Asymmetric encryption is used to encrypt the symmetric key.
B: The S/MIME-standard does not use a password based encryption scheme.
D: The S/MIME-standard does not use Elliptic curve based encryption.
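
The hybrid flow described in the explanation, as an added example that is not part of the original page: `openssl smime` encrypts a constructed message for a throwaway recipient certificate, decrypts it, and dumps the resulting structure. AES-256 is used as the bulk cipher in place of the older ciphers named above; the addresses, subject, message text and function names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original page): S/MIME hybrid encryption with the
# openssl CLI. Addresses, subject and message text are constructed test values.
set -eu

# Encrypt and decrypt one message inside directory $1.
smime_roundtrip() {
    d=$1
    # Recipient's RSA key pair plus a throwaway self-signed X.509 certificate.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Recipient" \
        -keyout "$d/key.pem" -out "$d/cert.pem" 2>/dev/null
    printf 'Quarterly figures attached.\n' > "$d/msg.txt"

    # Sender: openssl generates a one-time AES-256 bulk key, encrypts the body
    # with it, then encrypts that key with the RSA public key in cert.pem.
    # -binary keeps the body bytes exact (no CRLF canonicalisation).
    openssl smime -encrypt -aes256 -binary -in "$d/msg.txt" -out "$d/mail.eml" \
        -from sender@example.test -to recipient@example.test \
        -subject "Q3 numbers" "$d/cert.pem"

    # Recipient: the private key recovers the bulk key, which decrypts the body.
    openssl smime -decrypt -in "$d/mail.eml" -recip "$d/cert.pem" \
        -inkey "$d/key.pem" -out "$d/plain.txt"

    # Keep an ASN.1 dump of the enveloped-data structure for inspection.
    openssl smime -pk7out -in "$d/mail.eml" | openssl asn1parse > "$d/asn1.txt"
}

# List the algorithm/type identifiers found in the encrypted message.
smime_algorithms() {
    grep OBJECT "$1/asn1.txt" | sed 's/.*OBJECT *://'
}

demo=$(mktemp -d)
smime_roundtrip "$demo"
echo "--- cleartext headers a mail gateway can read:"
grep -E '^(To|From|Subject):' "$demo/mail.eml"
echo "--- identifiers inside the envelope:"
smime_algorithms "$demo"
echo "--- decrypted body:"
cat "$demo/plain.txt"
rm -rf "$demo"
```

The identifier list shows both halves of the hybrid scheme in one message: `rsaEncryption` protects the bulk key and `aes-256-cbc` protects the content.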

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 850
http://www.techexams.net/technotes/securityplus/emailsecurity.shtml

