Questions tagged [s-mime]

Secure/Multipurpose Internet Mail Extensions, or short S-MIME, is a standard for public key encryption and signing of MIME data.

S/MIME provides the following cryptographic security services for electronic messaging applications:

authentication,
message integrity,
non-repudiation of origin (using digital signatures),
privacy and data security (using encryption).

S/MIME specifies the MIME type application/pkcs7-mime (smime-type "enveloped-data") for data enveloping (encrypting) where the whole (prepared) MIME entity to be enveloped is encrypted and packed into an object which subsequently is inserted into an application/pkcs7-mime MIME entity.

11 questions

votes

2 answers

Is the software that uses PGP broken, or is it PGP itself?

PGP is all over the news (even on TV) and there seems to be a lot of confusion about it. For the time being, people face articles like Attention PGP users: new vulnerabilities require you to take action now which tell readers to deactivate their PGP…

asked May 14 '18 at 17:39

Mike Edward Moras

18,161
12
87
240

votes

3 answers

Is there benefit to signing unencrypted emails?

I came to this article from another comment on Crypto StackExchange. After reading it, I am wondering if there is any benefit to using a digital signature on unencrypted S/MIME emails?

encryption signature s-mime

asked Sep 27 '14 at 20:24

Nikolay Spassov

votes

2 answers

Can S/MIME be still considered secure?

Previoulsy I had asked this question at https://stackoverflow.com/questions/18235983/can-s-mime-be-still-considered-secure but I feel this forum is topic-wise the right place. Recently there has been a discussion whether secret service agencies have…

public-key certificates s-mime

asked Sep 07 '13 at 15:15

user2683038

votes

1 answer

Which algorithm to use for S/MIME

I'm wondering if the algorithm 1.2.840.113549.1.1.1 (rsaEncryption) is still secure to use for S/MIME encryption. I'm afraid that the scheme is vulnerable against attacks against raw/textbook RSA. I'm considering to change to 1.2.840.113549.1.1.7…

rsa s-mime

asked Nov 12 '18 at 14:37

0xcd

votes

1 answer

Why does 3DES need private key to decrypt?

I create two files, my.cer and my.pem ( include certificate and private key), I encrypt a file with my.cer, I use openssl smime -encrypt command. When decrypting data, it needs my.pem. I think 3DES is symmetric cryptography so it should just need…

encryption openssl 3des s-mime

asked Jun 16 '16 at 03:51

user2693571

votes

2 answers

Security of S/MIME in case of CA compromise

Suppose Alice and Bob are exchanging messages using S/MIME, protected by certificates that have been issued by either the same CA or by two mutually independent CAs. There exists an adversary Mallory who wants to get the ability to compromise the…

pki man-in-the-middle s-mime

asked Sep 08 '13 at 06:56

Henrick Hellström

10,556
1
32
59

vote

1 answer

Does CMS AuthEnvelopedData type provide message authentication?

I was looking through the S/MIME Message specification (RFC 8551) to find out what security services it offers. Section 2.4.4 of this document describing AuthEnvelopedData content type (which uses the CMS type of the same name) says: This content…

authentication authenticated-encryption integrity cms s-mime

asked Jan 14 '22 at 21:48

Kirill Khakimov

vote

0 answers

PKCS#7 digest encryption algorithm - difference between rsaEncryption and sha256WithRsaEncryption

As part of our linux secure boot implementation using dm-verity and root hash signature checking, I need to sign a file with the following openssl command (example): openssl smime -sign -nocerts -noattr -binary -in unsigned.txt -inkey private.key…

rsa openssl pkcs1 cms s-mime

asked Sep 22 '21 at 16:56

Werner Breitwieser

vote

1 answer

extract ciphertext from encrypted SMIME file

the main question of this message is how to get the true ciphertext from S/MIME file? I created RSA keys and encrypted a message with S/MIME as follow : 1) generate private key : openssl genrsa -out maCle.pem 1024 2) create certificate(public key)…

openssl s-mime cms

asked Nov 16 '14 at 13:32

user2199104

votes

1 answer

Can I use a government-issued certificate in Outlook?

My government issues certificates for many purposed, including e-mail signing. The government doesn't provide e-mail addresses, but it does declare my e-mail in the certificate. Can I use this certificate to sign e-mail in S/MIME? Can I use this…

signature s-mime

asked Oct 11 '19 at 15:30

KrNeki

votes

0 answers

Self-signed certificate for S/MIME signature

I'm trying to programatically send an email with an S/MIME signature using a self-signed certificate, but Thunderbird keeps showing an error on the signature. Digital signature is not valid This message includes a digital signature, but the…

signature openssl certificates s-mime

asked Sep 19 '24 at 09:42

Martin Devillers