S/MIME is an extension to the existing MIME email infrastructure that focuses on security enhancements at the Application Layer. It is supported by many mail agents, such as MS Outlook, Mozilla and Mac Mail. It is similar to Pretty Good Privacy (PGP) in offering the ability to sign and/or encrypt messages. Public keys are distributed in the form of Public-Key Certificates, which both parties have to obtain.
It provides several additional content types for MIME email:
- Enveloped data, in which the data and associated keys are encrypted
- Signed data, in which the digest is signed and the message is encoded
- Clear-signed data, in which the digest is signed and encoded
- Signed and enveloped data, in which signed and encrypted entities are nested
- Registration request, which is used to apply for a Public-Key Certificate from a CA
- Certificate-only message, which is issued by the CA to the user
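
The content types listed above can be told apart from the headers of the outermost MIME entity. The sketch below is an added example, not code from the original page: the function name `classify_smime` is hypothetical, the media types and `smime-type` values are taken from the S/MIME RFCs rather than from this page, and the sample messages are constructed.

```python
from email import message_from_string

# smime-type values of application/pkcs7-mime (S/MIME RFCs), mapped to the
# content types in the list above.
SMIME_TYPES = {"enveloped-data": "enveloped data",
               "signed-data": "signed data",
               "certs-only": "certificate-only message"}

def _param(msg, name):
    """Return a Content-Type parameter lowercased, or '' if absent."""
    value = msg.get_param(name)
    return value.lower() if isinstance(value, str) else ""

def classify_smime(raw):
    """Name the S/MIME content type of the outermost MIME entity.

    A signed-and-enveloped message is nested, so only its outer layer
    (normally enveloped data) is visible before decryption.
    """
    msg = message_from_string(raw)
    ctype = msg.get_content_type()  # lowercased, parameters stripped
    if ctype == "multipart/signed":
        if _param(msg, "protocol") in ("application/pkcs7-signature",
                                       "application/x-pkcs7-signature"):
            return "clear-signed data"
        return "not S/MIME"  # e.g. a PGP/MIME signature
    if ctype in ("application/pkcs7-mime", "application/x-pkcs7-mime"):
        # smime-type is optional; without it the CMS body must be parsed.
        return SMIME_TYPES.get(_param(msg, "smime-type"), "pkcs7-mime, type not declared")
    if ctype == "application/pkcs10":
        return "registration request"
    return "not S/MIME"

# Constructed sample headers; bodies are placeholders, not real CMS data.
def _sample(content_type):
    return "From: alice@example.com\nContent-Type: %s\n\nAAAA\n" % content_type

SAMPLES = {
    "enveloped": _sample("application/pkcs7-mime; smime-type=enveloped-data; name=smime.p7m"),
    "signed": _sample("application/pkcs7-mime; smime-type=signed-data; name=smime.p7m"),
    "clear": _sample('multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary=b1'),
    "certs": _sample("application/pkcs7-mime; smime-type=certs-only; name=smime.p7c"),
    "request": _sample("application/pkcs10; name=smime.p10"),
    "plain": _sample("text/plain; charset=us-ascii"),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, "->", classify_smime(raw))
```
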
S/MIME utilises several cryptographic schemes to provide secrecy to MIME email. For digital signatures, it uses DSS or Rivest-Shamir-Adleman (RSA). The hash functions used are SHA-1 and MD5. ElGamal or RSA is used to encrypt the session key. Message encryption is done with Advanced Encryption Standard (AES), Triple Data Encryption Standard (3DES), RC2/40 or others.