four major email encryption protocols : MOSS, PGP, PGP/MIME, and S/MIME.

1 smine which refers to 发送和接收安全的mime. 使用公匙前必须用x.509 public key infrastructure (PKIX) certificates 来确认它的真伪，smine agents 同时必须按照PKIX 和 KEYN 所描述的process 过程来完成certificate 的process.这种特性是与 cryptographic message syntax CMS 兼容的，并遗传了其中所有基於key管理的支持。

AC介绍，在一个 x.509公匙证书中可以含有两个509AC(even with same subject name and public key, 但要调整好之间overlap的合理性)，每个 509AC 还可以邦定多个attributes。

definition of a certificate: binding an entity name with public key using a digital signature.

no Internet mail addresses in a certificate matches the sender of
a message, if the certificate contains at least one mail address
no certificate chain leads to a trusted CA
no ability to check the CRL for a certificate
an invalid CRL was received
the CRL being checked is expired
the certificate is expired
the certificate has been revoked

Hash:

instead of decrypting the text, comparison for identification is used. 例如

MD message digest algoithm:3个版本，2，4，5。

md2, plaintext with a hashing of 128bits long. when messages are less then 128 bits, to still exceed the 128 bit length padding must be added to it. ***128bits long means 2的128次，3，402，823，669，209，384，634，633，746，074，300，000，000，000，000，000，000，000，000，000，000，000，000个可能性。***

md4, plaintext with a hasing of 128 bits, adding a padding to 512 bits length.

md5,same as md4 padding up to 512, also hash algorithm use a 4 variables of 32 bits each in a round robin fashion to create a value that is compressed to generate the hash. sth to notice here, the compressed which would cause a weakness.*snmp v2 uses md5*

SHA, secure hash algorithm: lies somewhere between md4 and 5. has a hash of 160 bits, padding less then 512 bits with 0s and an interger that describes the original length message, padding message then runs through the sha algorithm to produce the hash.

digital signatures: a public key that has been digitally signed by a recognized authority CA, for testing the the owner of the key is whom he say he is. it's like when i send a message to you, my certificate verifies that i actually am the person using my public keys. encrypting: hash value is encrypted by the senders private key, to encrypt the entire message you would have to use the receiver's public key. then combining the message and the digital signature for transmit.*note, sometimes not to encrypt the whole message for necessary prove of whome it came from*

example in details: a wants to send a message to b, a generates a hash value, encrypt it with a's private key and also the entire message with b's public key-----b then receives the message, decrypt the message with his public key, decrypt the digital signature with a's public key, then b runs the value with the decrypted digital signature, value match sender defined.

PGP for windows and GPG for win, unix, linux: statement, encrypt using PGP can be decrpyted using GPG, vice versa.

how it works: PGP and GPG use both asymmetric and symmetric cryptography. generat a randon symmetric key to encrypt the message, then the symmetric key is encrypted by the receiver's public key. receiver decrypt symmetric key using his private key then using the decrypt symmetric key to decrypt the rest of the message.

RSA algorithm:

a public key cryptosystem, provides both encryption and digital signatures. 假设 x and y, n=xy, n叫做modulus. kkkkk, 受不了了 i'm not a coder here.....

chain letters:chain letters contains a message consisting and inducing the 接受方复制很多份这封信并继续遗传给新的接受者。

email hoax: deliberate email messages warning about fauls viruses. a suggestion to remove an important file or send the false warning to everyone in your emaili address book.

twofishkey两条鱼: 128 bit block cipher.offical algorithm uses 16 rounds, but it can be used with less rounds. best way to do is key of 256 bit and full 16 rounds.

advanced encryption standard AES= block cipher, block cipher is a typr of symmetric key. plaintext--- using key and block cipher encryption--- gives us ciphertext. AES taking over the DES data encryption standard.128 bits fixed block size, key size 128 ,192,256 bits.