Message Security Services and the Components in an Exchange 2003-Based Message Security Solution


To understand how the components that make up an Exchange 2003-based message security system provide S/MIME services, first consider each service individually, as discussed in Understanding Message Security. This section adds to that discussion by explaining which component is responsible for each step. Where the discussion in Understanding Message Security applies to any S/MIME implementation, the additional information here is specific to Exchange 2003 and turns the general discussion into one that describes this particular implementation.

Digital Signatures and Exchange 2003 Message Security System

"How Digital Certificates Are Used for Digital Signatures" in Understanding Digital Certificates explains in detail how digital signatures work. The processing of digital signatures closely mirrors the conceptual diagram in Understanding Message Security. Each step of the process has a clear, single owner, and when the process is handed to a different component, that component clearly takes over ownership. This linear processing matters when troubleshooting, because resolving problems requires understanding the chain of events and the component responsible for each step. The following figure shows the sequence in which digital certificates are used to digitally sign an e-mail message, from "How Digital Certificates Are Used for Digital Signatures" in Understanding Digital Certificates, and also identifies the components discussed in this topic.

Digital certificates and digital signing of an e-mail message in an Exchange 2003 message security system, with primary component identified


  1. Message is captured.

  2. Hash value of the message is calculated.

  3. Sender's private key is retrieved from sender's digital certificate.

  4. Hash value is encrypted with sender's private key.

  5. Encrypted hash value is appended to the message as a digital signature.

  6. Message is sent.

The following figure shows the sequence of verifying a digital signature with digital certificates from "How Digital Certificates Are Used for Digital Signatures" in Understanding Digital Certificates and also shows the components discussed in this topic.

Digital certificates and verifying a digital signature of an e-mail message in an Exchange 2003 message security system, with primary component identified


  1. Message is received.

  2. Digital signature containing encrypted hash value is retrieved from the message.

  3. Message is retrieved.

  4. Hash value of the message is calculated.

  5. Sender's public key is retrieved from the sender's digital certificate.

  6. Encrypted hash value is decrypted with the sender's public key.

  7. Decrypted hash value is compared against the hash value produced on receipt.

  8. If the values match, the message has not been modified while in transit.

The e-mail client has a central role in handling S/MIME messages. This role matches the central placement of the e-mail client in the conceptual diagram of an Exchange 2003-based message security system. The e-mail client interacts with both Exchange 2003 and PKI. In addition to forming the primary means by which a user interacts with S/MIME messages, the e-mail client also figures centrally into the planning and deployment of a message security solution.

Message Encryption and an Exchange 2003 Message Security System

As with digital signatures, the e-mail client is the central focus in message encryption, with Exchange 2003 and PKI both supporting the e-mail client. The following figure shows the sequence of message encryption with digital certificates from "How Digital Certificates Are Used for Message Encryption" in Understanding Digital Certificates and also shows the components discussed in this topic.

Digital certificates and encryption of an e-mail message in an Exchange 2003 message security system, with primary component identified


  1. Message is captured.

  2. Public key is retrieved from the recipient's digital certificate.

  3. One-time symmetric session key is generated.

  4. Encryption operation is performed on the message using the session key.

  5. Session key is encrypted using recipient's public key.

  6. Encrypted session key is included with encrypted message.

  7. Message is sent.

The following figure shows the sequence of decrypting with the addition of the Exchange 2003 components.

Digital certificates and decrypting an e-mail message in an Exchange 2003 message security system, with primary component identified


  1. Message is received.

  2. Encrypted message and encrypted session key are retrieved from the message.

  3. Recipient's private key is retrieved from the recipient's digital certificate.

  4. Session key is decrypted with the recipient's private key from the recipient's digital certificate.

  5. Message is decrypted with the decrypted session key.

  6. Unencrypted message is returned to the recipient.

As with digital signatures, the e-mail client is the central focus, with Exchange 2003 and PKI providing support.

Digital Signatures and Message Encryption in an Exchange 2003 Message Security System

Digitally signing and encrypting mail in an Exchange 2003 system is a predictable combination of the two services. For completeness, the following figure shows the combined operation of digitally signing and encrypting a message.

Digital certificates and digitally signing and encrypting of an e-mail message in an Exchange 2003 message security system, with primary component identified


  1. Message is captured.

  2. Hash value of the message is calculated.

  3. Sender's private key is retrieved from the sender's digital certificate.

  4. Recipient's public key is retrieved from the recipient's digital certificate.

  5. Hash value is encrypted with the sender's private key.

  6. Encrypted hash value is appended to the message as a digital signature.

  7. One-time symmetric session key is generated.

  8. Encryption operation is performed on the message using the session key.

  9. Session key is encrypted using the recipient's public key.

  10. Encrypted session key is included with the encrypted message.

  11. Message is sent.

The following figure shows the sequence of decrypting and verifying the digital signature with the addition of the supporting elements of public key cryptography.

Digital certificates and decrypting an e-mail message and verifying a digital signature in an Exchange 2003 message security system, with primary component identified


  1. Message is received.

  2. Encrypted message and encrypted session key are retrieved from the message.

  3. Recipient's private key is retrieved from the recipient's digital certificate.

  4. Session key is decrypted with the recipient's private key from the recipient's digital certificate.

  5. Message is decrypted with the decrypted session key.

  6. Digital signature containing encrypted hash value is retrieved from the message.

  7. Message is retrieved.

  8. Hash value of the message is calculated.

  9. Sender's public key is retrieved from the sender's digital certificate.

  10. Encrypted hash value is decrypted with the sender's public key.

  11. Decrypted hash value is compared against the hash value produced on receipt.

  12. If the values match, the message has not been altered in transit.

  13. Unencrypted message is returned to the recipient.

Note that in a combined digital signing and message encryption operation, PKI is involved in two steps rather than one, on both the sending and the receiving side. There are two steps because PKI performs one private key operation and one public key operation on each side: when sending, the hash is encrypted with the sender's private key (step 5) and the session key is encrypted with the recipient's public key (step 9); when receiving, the session key is decrypted with the recipient's private key (step 4) and the encrypted hash is decrypted with the sender's public key (step 10). These are different operations with different keys, so they cannot be combined into a single step.
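The following Go program is an added example; it is not part of this documentation and is not code from Exchange 2003. It walks through the five step sequences in this topic (signing, verifying, encrypting, decrypting, and the combined operation) with standard-library primitives: SHA-256 and RSA PKCS #1 v1.5 for the digital signature, AES-256-GCM for the one-time symmetric session key, and RSA-OAEP to encrypt the session key with the recipient's public key. The function names, the payload layout (signature appended to the body inside the encrypted part), and the use of raw RSA key pairs in place of the sender's and recipient's digital certificates are assumptions of this example only; Exchange 2003 S/MIME uses CMS (PKCS #7) structures rather than this layout.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// EncryptedMessage is what leaves the sender in encryption steps 5-7 (example layout, not CMS).
type EncryptedMessage struct {
	Ciphertext     []byte // AES-256-GCM nonce followed by ciphertext and tag
	WrappedSession []byte // one-time session key encrypted with the recipient's public key (RSA-OAEP)
}

// Sign covers signing steps 2-4: hash the body, encrypt the hash with the sender's private key.
func Sign(body []byte, senderPriv *rsa.PrivateKey) ([]byte, error) {
	digest := sha256.Sum256(body)
	return rsa.SignPKCS1v15(rand.Reader, senderPriv, crypto.SHA256, digest[:])
}

// Verify covers verification steps 4-8: recompute the hash, decrypt the signature with the
// sender's public key and compare. False means the body or signature changed in transit,
// or the check was made against the wrong sender certificate.
func Verify(body, sig []byte, senderPub *rsa.PublicKey) bool {
	digest := sha256.Sum256(body)
	return rsa.VerifyPKCS1v15(senderPub, crypto.SHA256, digest[:], sig) == nil
}

// newGCM turns a raw session key into the AEAD cipher used for the message body.
func newGCM(session []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(session)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt covers encryption steps 2-6: one-time session key, body encrypted with it,
// session key encrypted with the recipient's public key.
func Encrypt(body []byte, recipientPub *rsa.PublicKey) (*EncryptedMessage, error) {
	keyAndNonce := make([]byte, 32+12) // AES-256 key plus the standard 12-byte GCM nonce
	if _, err := rand.Read(keyAndNonce); err != nil {
		return nil, err
	}
	session, nonce := keyAndNonce[:32], keyAndNonce[32:]
	gcm, err := newGCM(session)
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, session, nil)
	if err != nil {
		return nil, err
	}
	return &EncryptedMessage{gcm.Seal(nonce, nonce, body, nil), wrapped}, nil
}

// Decrypt covers decryption steps 2-5: recover the session key with the recipient's private key, then the body.
func Decrypt(em *EncryptedMessage, recipientPriv *rsa.PrivateKey) ([]byte, error) {
	session, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipientPriv, em.WrappedSession, nil)
	if err != nil {
		return nil, errors.New("session key cannot be recovered with this private key")
	}
	gcm, err := newGCM(session)
	if err != nil {
		return nil, err
	}
	if ns := gcm.NonceSize(); len(em.Ciphertext) >= ns {
		return gcm.Open(nil, em.Ciphertext[:ns], em.Ciphertext[ns:], nil)
	}
	return nil, errors.New("ciphertext too short to contain a nonce")
}

// SignAndEncrypt is the combined operation: a private-key operation with the sender's key,
// then a separate public-key operation with the recipient's key. The signature travels inside the encrypted payload.
func SignAndEncrypt(body []byte, senderPriv *rsa.PrivateKey, recipientPub *rsa.PublicKey) (*EncryptedMessage, error) {
	sig, err := Sign(body, senderPriv)
	if err != nil {
		return nil, err
	}
	return Encrypt(append(append([]byte{}, body...), sig...), recipientPub)
}

// DecryptAndVerify reverses it: recipient's private key first, then the sender's public key.
// The signature length is fixed by the size of the sender's key.
func DecryptAndVerify(em *EncryptedMessage, recipientPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) ([]byte, error) {
	payload, err := Decrypt(em, recipientPriv)
	if err != nil {
		return nil, err
	}
	split := len(payload) - senderPub.Size()
	if split < 0 || !Verify(payload[:split], payload[split:], senderPub) {
		return nil, errors.New("signature missing or invalid: altered in transit or wrong sender certificate")
	}
	return payload[:split], nil
}
```

Generating two key pairs with rsa.GenerateKey (one standing in for the sender's certificate, one for the recipient's) and calling SignAndEncrypt followed by DecryptAndVerify exercises the combined sequence; SignAndEncrypt uses the sender's private key and the recipient's public key, and DecryptAndVerify uses the recipient's private key and then the sender's public key, which is the pair of separate PKI operations described in the note above. A body altered after signing, a signature checked against a different public key, or a session key unwrapped with a different private key each produce a verification failure or an error rather than a returned message, which is the outcome verification steps 7 and 8 exist to detect.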