Data Security and Integrity in Open Networks: A Prototype Implementation of Internet Standard Privacy-Enhanced Electronic Mail [open pdf - 8MB]
"Data security and integrity are crucial issues for virtually every private corporation and government agency using data communications networks to transfer information from one point to another. This is especially true for agencies which employ distributed databases, electronic mail, and electronic funds transfers in their everyday activities. For most agencies, information is an asset to which value can be attributed, and the loss of assets which accompany the loss (through disclosure) of information can indeed be great. In this paper, a prototype implementation of a proposed standard for providing data security and integrity in an electronic mail system will be presented. The paper begins by examining some of the threats to data integrity and security in computers and networks. Next, methods of protecting against such threats are reviewed, and one method, data encryption, will be shown as having widespread popularity over other methods. The Data Encryption Standard (DES) is reviewed, and difficulties with its use are discussed. A recent invention, public key cryptology, is then reviewed in detail, and reasons for its preference over DES are presented. Next, the RSA Public Key Cryptosystem is briefly reviewed, and its use in a proposed standard for providing privacy and data integrity in an electronic mail system is discussed. A prototype implementation of the proposed Internet-standard privacy enhanced electronic mail is then presented."
Defense Technical Information Center (DTIC): http://www.dtic.mil/dtic/