2. Table of Contents
Email Security Flaws
Encryption Techniques
Public key Infrastructure (PKI)
Pretty Good Privacy (PGP)
Application
Future Development
3. Email Security Flaws
Email is sent in plain text.
Email uses outdated protocol, Simple Mail
Transfer Protocol (SMTP).
Includes a header full of revealing metadata.
Can easily become intercepted.
4. Encryption Techniques - PKI
Public Key Infrastructure
Introduced public/private key encryption using
certificates
Relied on Third-Party vendors
Widely used in Corporate environment
https://en.wikipedia.org/wiki/Public_key_infrastructure#mediaviewer/File:Public-Key-Infrastructure.svg
5. Encryption Technique - PGP
Pretty Good Privacy
Decentralised version of PKI
Removed Third-Party Involvement
Uses ‘Web of Trust’ authentication
https://www.sandboxgeneral.com/?p=974
7. Future Development
Focus on End-to-End Email Encryption and
Usability
Dark Mail Project
Extensible Messaging and Presence Protocol
(XMPP)
http://www.darkmail.info
10. Works Cited
Bradbury, D. (2014, March). Can we make email secure? Network Security, 2014(3), 13-16.
Retrieved May 27, 2014, from ACM Database.
Ellison, C., & Schneier, B. (2000). Risks of pki: Secure email. Communications of the ACM,
43(1), 160.
Hallam-Baker P. (2014). Privacy protected email. Retrieved from
https://www.w3.org/2014/strint/papers/01.pdf
Nguyen P. (2004). Can we trust cryptographic software? cryptographic flaws in gnu privacy guard
V1.2.3. In C. Cachin and J. Camenisch (Eds.), Advances in Cryptology - EUROCRYPT 2004, 3027, 555-
570.
Shelley L. I. (2003). Organized crime, terrorism and cybercrime. In A. Bryden, P. Fluri (Eds.),
Security sector reform: Institutions, society and good governance (pp. 303-312).
Baden-Baden, DE: Nomos Verlagsgesellschaft.
Yu J., Cheval V., Ryan M. (2014). Challenges with end-to-end email encryption. Retrieved from
https://www.w3.org/2014/strint/papers/08.pdf