Book details of 'E-mail Security : How to Keep Your Electronic Messages Private'

| Title | E-mail Security : How to Keep Your Electronic Messages Private |
| Author(s) | Bruce Schneier |
| ISBN | 047105318X |
| Language | English |
| Published | January 1995 |
| Publisher | John Wiley & Sons |
The Virtual Bookcase Reviews of 'E-mail Security : How to Keep Your Electronic Messages Private':
Reviewer Rob Slade wrote:
This is the third work that I have seen on the PGP (Pretty Good Privacy) text
encryption and authentication system. (I understand that at least two more are
in the works.) It is also the first to truly present the general concept of
email security by covering the only other realistic option--the Internet
Privacy Enhanced Mail (PEM) standard and (Mark) Riordan's Internet Privacy
Enhanced Mail (RIPEM) implementation. The book divides roughly into quarters
discussing background, practical use, the PGP documentation, and the PEM RFCs.

The work is considerably different, in style, to the Stallings (BKPRTPRV.RVW)
and Garfinkel (BKPGPGAR.RVW) efforts. Those books, while not obtuse, were
still written with a technical audience in mind. Schneier's work, while
definitely showing the expertise he demonstrated in "Applied Cryptography"
(BKAPCRYP.RVW), is clearly aimed at the general, non-technical reader.
(Interestingly, while he *does* tell you where to find the RC4 algorithm
posting, he *doesn't* mention the loophole recently pointed out in the Clipper
"Skipjack" algorithm.) The straightforward style lulled me into thinking that
chapter one was too long. It isn't: Schneier makes the important point that,
for it to be *truly* effective, encryption must be used on *all*
correspondence, even trivial items. So well crafted is his argument that it
would be difficult to reduce the chapter by so much as a paragraph.

Schneier uses this argument to good effect in pointing out some of the major
deficiencies in the two systems. PGP is awkward to use, and PEM may use
incompatible algorithms. Surprisingly, he does not emphasize (though he does
mention) what is probably the major problem with each--the inability to use the
same system within and outside of the United States. The PGP fiasco is too
involved to get into here (see the Garfinkel work for details) and there is not
yet an "international" implementation of PEM (although there may soon be an
"authentication only" version available).

This won't help you design your own algorithm, but it is definitely for any
user of email, manager of communications systems, or student of privacy and
confidentiality.
copyright Robert M. Slade, 1995