Rights Management and Encryption Part 2: Secure Multipurpose Internet Mail Extension

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
6 hours 59 minutes
Difficulty
Intermediate
CEU/CPE
7
Video Transcription
00:00
Welcome back sideburns to the M s. 3. 65 Security Administration. Course.
00:05
I'm your senator, Jim Daniels.
00:08
And we're a module for in this for 65 for protection
00:12
rights management in encryption
00:14
secure, multipurpose Internet Mel extension
00:19
in this lesson.
00:21
Unlike the mind Bulow, we're gonna ask you listen
00:24
and learn how s mime and email signatures are applied within M s 3. 65.
00:30
We have a little bit of fun. This wasn't
00:33
so Here are two examples of secure minds.
00:36
In the first example, we see that there are two minds that air in a Well, it's like a old school prison like a cell.
00:44
And the other one,
00:46
they're actually in a
00:47
invisible sale, one of them trying to push out and the other is riding on the invisible bars.
00:54
So secure mine.
00:56
Here we go. This is two examples.
00:59
Let's look at some famous duos.
01:00
Famous duos. We have Wayne and Garth.
01:04
We have Barton, Ernie PB and J went Millie. We have the nilly Mario E. G went Woody and Buzz Lightyear, Beavis and Butthead. Who can forget them? Right?
01:15
But perhaps
01:17
the most famous duo of all
01:19
is the old do of digital signatures, plus a message encryption.
01:26
I guarantee you, when you sat down to watch his video, you have zero clue
01:30
that Beavis and Butthead and digital signatures a message encryption. We're gonna be in the same sentence.
01:38
You're welcome.
01:40
Digital signatures provide
01:42
authentication,
01:44
non repudiation and data integrity.
01:47
Message encryption provides confidentiality
01:49
and data integrity.
01:52
Again. Message encryption does not provide authentication.
01:57
Confidentiality? Yes, but authentication no
02:01
s mime is based on using certificates that worked with a product key and public key.
02:07
If you sign a message with a product key, you can only be validated by using the public key.
02:14
Somebody encrypts a message with the public key. It can only be decrypted with the private key.
02:21
Let's look at the digital signatures with That's fine
02:24
Again, they provide several capabilities
02:28
authentication,
02:30
non repudiation and that ends agree
02:32
authentication
02:34
and a signature works by allowing the recipient to know the message was sent by the personal organization and claims to have sent the message.
02:42
It is authentically from that person or that organization.
02:46
The uniqueness of a signature prevents the owner of a signature from disowning the signature
02:53
that's called non repudiation.
02:54
You can't say Hey, it wasn't me,
02:58
right? Non repudiation.
03:00
If you have kids
03:00
that make a mess,
03:02
those kids blame it on the other one, right? So how it works,
03:07
so there's no non repudiation in that situation. However,
03:12
if one kid had fingerprints all over
03:14
or you had your camera, that will provide non repudiation because, you know kid number two days.
03:20
Data integrity is a result of specific operations that make digital signatures possible.
03:27
Although digital signatures provide that integrity,
03:30
they do not provide confidentiality
03:32
to apply digital signature.
03:36
It works by performing a signing operation on the text of the email message when the messages sent
03:42
and verifying that operation when it's red.
03:45
So the center sounds a message message sent. Recipient
03:49
has a sign. Message verified. There you go,
03:53
one under the hood.
03:53
The message. Bodies captured. The hash is calculated.
03:58
The centers private keys retrieved. The hash value is in Krivda with the centers product key
04:03
and crypto hash Value is appended to the message, and the message is set.
04:09
So that's what happens when a signature is applied. So the receiver gets all of that information.
04:15
When they're recipient opens
04:16
that message verification is performed.
04:20
So again, the message received.
04:24
Encrypted hash is retrieved,
04:26
the bodies retrieved.
04:28
The hash has calculated the public he's retrieved
04:31
in crypto hash is decrypt it with the senders. Public key
04:35
decrypt a hash is compared with a calculator. Hash
04:40
everything. Masses.
04:41
It's validated.
04:43
The signature is verified.
04:45
If somebody intercepts it,
04:48
it changes the thumbprint of the message. If they tamper with it, it changes the thumbprint
04:55
so the validation will fill.
04:58
Encryption is a way to change the content so it cannot be read or understood until it's changed back
05:03
to a readable and understandable for
05:06
message. Encryption provides to services,
05:09
confidentiality and data integrity.
05:12
The message isn't credited by utilizing recipients public. He
05:15
available to everyone because it's public,
05:17
says it right in the name public.
05:20
Thus, message encryption does not provide off indication,
05:25
and it does not provide repudiation.
05:27
Message Encryption makes the content unreadable. Performance encryption operation When it set.
05:32
So the center
05:33
encrypts the message
05:35
sends it, and recipient must decrypt a message.
05:40
The way this works,
05:41
the bodies captured
05:43
the public he's retrieved.
05:45
The one time session key is generated. The message body is encrypted with that session. Key
05:50
concession keys encrypted with the recipients public he
05:55
session keys added to the encrypted message the message sent.
06:00
So then, when the recipient guessing and they decrypt it,
06:04
give the message. In
06:05
the creative message. Body and session key are retrieved.
06:10
The product key is retrieved from the recipient.
06:14
The session keys decrypted with the recipients. Private Key.
06:17
The message body is decrypted with a decrypted session key,
06:21
and then the decrypted messages returned to the recipient
06:26
Digital State in Terms and Message encryption are not mutually exclusive.
06:30
The two services are designed to be used in conjunction with each other
06:33
because each sigh separately. Address is one side of the sender recipient relationship.
06:40
Triple wrap messages.
06:43
One of my favorite things Air triple wrapped.
06:45
The Triple wrap Trump's Supreme
06:46
look at that. I mean, it's just beefy and cheesy and
06:49
crunchy and melty.
06:53
If you're for Taco Bell and you're looking for sponsorships or something since something to me since something that's library like hookers up, I mean, look, you're right there in the video. You're in a cyber security video talking about right there.
07:06
I want the enhancements of the latest s mind. Version three
07:11
is known as Triple wrapping,
07:13
a triple ramp as my message is one that sign
07:15
encrypted and assigned again.
07:18
Extra layer of encryption provides an additional layer of security
07:24
when users sign and encrypt messages with that look on the Web using s mind the messages automatically triple wrapped
07:30
Quiz.
07:32
If you're not too hungry from thinking about a triple wrap
07:35
from Taco Bill
07:38
seeking an answer, this message encryption provides wish specific security services.
07:44
Choose all that apply
07:46
message encryption,
07:47
authenticity,
07:49
data integrity, non repudiation,
07:53
confidentiality and secrecy.
07:56
Which of those services
07:59
are provided with messages Different that integrity, confidentiality or provided with message Encryption authenticity. Non repudiation or not,
08:11
secrecy is just 30 off, so you should have automatically tell secrecy out.
08:16
So to recap, today's lesson
08:18
S mime is based on using certificates that work with that private and public key.
08:24
Encryption is a way to change the content so it cannot be read or understood
08:31
until it's changed back into its readable and understandable form.
08:35
Message encryption provides to security services, confidentiality and that integrity.
08:41
Hopefully, you are in a little bit about s mime When this lesson
08:45
Thank you. I hope you see you for the next one. Take care
Up Next
MS-500: Microsoft 365 Security Administration

The Microsoft 365 Security Administration course is designed to prepare students to take and pass the MS-500 certification exam. The course covers the four domains of the exam, providing students with the knowledge and skills they need to earn their credential.

Instructed By