Plan for e-mail messaging cryptography
Updated: April 9, 2009
Applies To: Office Resource Kit
Microsoft Office Outlook 2007 supports security-related features to help users send and receive cryptographic e-mail messages. These features include cryptographic e-mail messaging, security labels, and signed receipts.
To obtain full security functionality in Outlook, you must install Outlook with local administrative rights.
Cryptographic messaging features in Outlook
Outlook supports cryptographic messaging features that enable users to do the following:
Digitally sign an e-mail message. Digital signing provides nonrepudiation and verification of contents (the message contains what the person sent, with no changes).
Encrypt an e-mail message. Encryption helps to ensure privacy by making the message unreadable to anyone other than the intended recipient.
Additional features can be configured for security-enhanced messaging. If your organization provides support for these features, security-enhanced messaging enables users to do the following:
Send an e-mail message with a receipt request. This helps to verify that the recipient is validating the user's digital signature (the certificate that the user applied to a message).
Add a security label to an e-mail message. Your organization can create a customized S/MIME V3 security policy that adds labels to messages. An S/MIME V3 security policy is code that you add to Outlook. It adds information to the message header about the sensitivity of the message. See Security labels and signed receipts later in this topic.
How Outlook implements cryptographic messaging
The Outlook cryptography model uses public key encryption to send and receive signed and encrypted e-mail messages. Outlook supports S/MIME V3 security, which allows users to exchange security-enhanced e-mail messages with other S/MIME e-mail clients over the Internet or intranet. E-mail messages encrypted by the user's public key can be decrypted using only the associated private key. This means that when a user sends an encrypted e-mail message, the recipient's certificate (public key) encrypts it. When a user reads an encrypted e-mail message, the user's private key decrypts it.
In Outlook, users are required to have a security profile to use cryptographic features. A security profile is a group of settings that describes the certificates and algorithms used when a user sends messages that use cryptographic features. Security profiles are configured automatically if the profile is not already present when:
The user has certificates for cryptography on his or her computer.
The user begins to use a cryptographic feature.
You can customize these security settings for users in advance. You can use registry settings or Group Policy settings to customize Outlook to meet your organization's cryptographic policies and to configure (and enforce, with Group Policy) the settings you want in the security profiles. These settings are described in the table in Set consistent Outlook 2007 cryptography options for an organization.
Digital IDs: A combination of public/private keys and certificates
S/MIME features rely on digital IDs, which associate a user's identity with a public and private key pair. The combination of a certificate and private/public key pair is called a digital ID. The private key can be saved in a security-enhanced store, such as the Microsoft Windows certificate store, on the user's computer or on a Smart Card. Outlook fully supports the X.509v3 standard, which requires that public and private keys are created by a certificate authority such as VeriSign, Inc.
Users can obtain digital IDs by using public World Wide Web-based certificate authorities such as VeriSign and Microsoft Certificate Server. For more information about how users can acquire a digital ID, see the Outlook Help topic Get a Digital ID. As an administrator, you can provide digital IDs to a group of users. Outlook also continues to support working with Microsoft Exchange Key Management Server to obtain or provide digital IDs.
When certificates for digital IDs expire, users typically must obtain updated certificates from the issuing certificate authority. If your organization relies on Microsoft Exchange Key Management Server for certificates, Outlook automatically manages certificate update for users.
Security labels and signed receipts
Outlook includes support for S/MIME V3 Enhanced Security Services (ESS) extensions about security labels and signed receipts. These extensions help you to provide security-enhanced e-mail communications within your organization and to customize security to fit your requirements.
If your organization develops and provides S/MIME V3 security policies to add custom security labels, the code in the security policies can enforce attaching a security label to an e-mail message. Here are two examples of security labels:
An Internal Use Only label might be implemented as a security label to apply to mail that should not be sent or forwarded outside your company.
A label can specify that certain recipients cannot forward or print the message, if the recipient also has the security policy installed.
Users can also send security-enhanced receipt requests with messages to verify that the recipients recognize the user's digital signature. When the message is received and saved (even if it is not yet read) and the signature is verified, a receipt implying that the message was read is returned to the user's Inbox. If the user's signature is not verified, no receipt is sent. When the receipt is returned, because the receipt is also signed, you have verification that the user received and verified the message.
Classes of encryption strengths
There are two classes of encryption key strengths available from Microsoft: high (128-bit) and low (40-bit). Microsoft provides 128-bit encryption capabilities in Windows 2000 and Windows XP, the operating systems required for the 2007 Microsoft Office system. Ensuring that users have software versions that support high encryption helps to provide a high level of security-enhanced e-mail messaging.
The Outlook Security Labels application programming interface (API) creates security label policy modules that define the sensitivity of message content in your organization. For a detailed description of creating policy modules and code samples, see the MSDN article Creating Security Label Policy Modules.
Public key cryptography can help you maintain security-enhanced e-mail systems. For more information about the use of public key cryptography in Outlook, search for the Outlook 98 Security whitepaper in the Knowledge Base search page of the Microsoft Product Support Services Web site.
Microsoft Exchange Key Management Server version 5.5 issues keys for Microsoft Exchange Server security only. Microsoft Exchange Key Management Server 5.5 Service Pack 1 supports both Exchange security and S/MIME security. For more information, see the Microsoft Exchange Server version 5.5 Resource Guide in the Microsoft BackOffice Resource Kit, Second Edition.
Download this book
This topic is included in the following downloadable books for easier reading and printing:
See the full list of available books at Office Resource Kit information.