Homework answers / question archive / After reading chapter 19, determine the impact that cryptography plays on email exchange

After reading chapter 19, determine the impact that cryptography plays on email exchange

Computer Science

Share With

After reading chapter 19, determine the impact that cryptography plays on email exchange.  Should a company encrypt their email traffic and what would be the disadvantage for encrypting the data. You are also required to post a response to a minimum of two other student in the class by the end of the week. 

post by varun

In many organizations today, the critical challenge is maintaining the business emails from getting compromised. It is getting quite challenging to prevent spam emails and malicious content sent by unknown individuals. Organizations deal with such emails efficiently by configuring the email services to filter the content and mask or stripe off attachments that could contain potential malware. Some ways to prevent cyber-attacks and malicious content via emails are to configure VoIP and electronic email services to filter the content coming from unknown sources, completely block the incoming traffic from flagged sources, and train employees to identify and report the fake emails and malicious popups from these emails. These are some of the best practices to prevent cyber-attacks via emails. (Scarfone, 2015)

Encrypting emails can prevent unauthorized access; some of the standard protocols used in email encryption are SSL (Secure Socket Layer), TLS (Transport Security Layer), and STARTS; these are some of these the protocols that are used for secure emails transmission.

The function of the STARTS protocol is to notify the email server and email client to convert the insecure connection into a secure connection. (Witts, 2021)

During the client sends and receives an email, it deals with Transport Control Protocol to establish a handshake with the email server. In this window, the email client communicates with the email server regarding characteristics such as which version of SSL or TLS is running and the suitable compression methods and cipher configuration. Once it confirms these characteristics, it initiates a verification by sending a digital certificate acceptable by the client’s application; once it is trusted, the key is exchanged between both parties, and it enables the encryption for the emails sent and received. TLS is the latest tool for securely encrypting emails; it is proven to be quite robust. (Witts, 2021)

It is quite essential to encrypt emails because a weak unprotected email can be easily intercepted and taken advantage of; it can cause loss of user personal information and financial information. The current email encryption software is automated; they do not require users to exchange keys. The cost is of encryption is cheaper because it does not use Public key infrastructure for generating keys. (Scarfone, K. 2015)

post from yesha

Cryptography plays a vital role in email exchange by ensuring secure communication between sender and receiver. Different methods are used to secure email communication. One method is the application of Secure Multipurpose Internet Mail Extension (S/MIME). This method offers a generation of digital signatures using Secure Hash Algorithm-256 (Stallings, 2019). The digital signature is transmitted together with the message. There is also the option of using detached signatures send separately. S/MIME also offers encryption by creating a one-time-key using Advanced Encryption Standard-128 (Stallings, 2019). This one-time key is itself encoded using the destination's public-key cryptosystem. S/MIME also allows the return of a signed receipt report from the receiver and supports the provision of security labels (Stallings, 2019). The Domain Name System Security Extension (DNSSEC) secures communication through the use of digital signatures verifiable by the destination's resolver software (Stallings, 2019). DNSSEC also eliminates trust issues brought by intermediate name servers and resolvers by establishing continuous trust, starting from the trust anchor (Stallings, 2019). DNS- Based Authentication of Names offers security by utilizing DNSSEC, especially in situations when CA is unavailable (Stallings, 2019). Sender Policy Framework (SPF) enables a receiver to verify a source's IP address against specific encoded policies found at the sender’s domain (Stallings, 2019). Domain Keys Identified Mail (DKIM) is another cryptography method that enables the mail addressee to verify that the message is from the domain owner by prompting the domain to retrieve the sender’s encrypted signature (Stallings, 2019). Domain-Based Message Authentication, Reporting, and Conformance (DMARC) security technique is meant to control spoofing by specifying the criteria for delivery reports send by recipients and the frequency at which these reports are sent (Stallings, 2019).

Companies should encrypt their email communication, although encryption has a few disadvantages. There are several advantages to encrypting email communication. First, it secures confidential information like bank details and salary details. This prevents financial loss and reputation damage (Lausch, 2017). Secondly, it ensures that message is not altered, thus passing the intended objective. It also prevents spoofing and identity theft. Encryption saves time because cumbersome steps of securing messages are skipped (Lausch, 2017). The disadvantages to encryption include user unfriendliness and technicality for some security solutions, high costs, especially for digital certificates, and lack of cooperation from some parties (Lausch, 2017).