CS 465 Computer Security
BYU | Computer Science

Fall 2021

Section 1: TTh 3:30pm - 4:45pm - JFSB B092 (changed from MARB 130)

Project 10: S/MIME and PGP

Objectives

  • Gain experience sending a secure email message using S/MIME and PGP.

  • Learn about the usability challenges of secure email.

  • Write a clear report on your experience usign secure email technology.

Assignment

  • Learn about S/MIME and PGP technology. You will need to find your own sources to learn how to setup secure email for your OS and email system. You are welcome to create a new email account to experiment with and install new software. For example, you could try out a desktop email system instead of a webmail system.

  • Create the necessary keys and/or certificates in order to exchange secure email.

  • Send and receive signed and signed/encrypted email messages with a fellow student in the class using both S/MIME and PGP.

  • Write a 2 - 3 page report (excluding screenshots) describing what you learned about secure email and how successful or unsuccessful you were in trying to use it.

    • List the name of the student you exchanged secure email with and state what success or failure you had with each system.

    • Explain the email systems and tools you used.

    • Explain the technical details of the keys and certificates you generated.

    • Rate each system using SUS . Give your answer for each question and compute your score for each system.

    • Explain which parts of the process were difficult to understand or use.

    • Now that you know about secure email technology, will you continue using it in the future? Why or why not?

Tips

For S/MIME, you will need to obtain a certificate. Here are some sourcs for obtaining a free certificate.

For PGP, you may want to try mailpile, which uses TOFU exchange of PGP keys, Enigmail for Thunderbird, or Mailvelope.

Grading

  • 20 points - Well written report

  • 10 points - Successfully exchanged S/MIME messages (signed and encrypted)

  • 10 points - Successfully exchanged PGP messages (signed and encrypted)

  • 10 points - SUS scores

You can earn 8 points for both PGP and S/MIME if you are unable to finish after 3 hours of effort and explain completely what you tried and what difficulties you encountered.

You can do the assignment on your own (by sending an email to yourself at another account) but will lose 5 points for this.

Submission

Turn in a PDF of your report on Learning Suite.