The popularity of wireless LANs is increasing as is the use of wireless Internet access points, so the need for secure and encrypted e-mail exchanges is becoming more critical. While there are many implementations of e-mail encryption, one of the most popular e-mail servers is Microsoft Exchange 2003 Server which has built-in encryption capabilities.
Microsoft Exchange 2003 Server allows for the exchange of encrypted e-mail with other e-mail servers using Transport Layer Security (TLS) protocol. Without the encryption, user names and passwords can be easily intercepted on a LAN by an employee running a packet sniffing utility or by a hacker sniffing packets coming out of the LAN.
Later in this article, I will demonstrate an example of an intercepted message by the Microsoft Network Monitor without TLS encryption and you will see the full text of the unencrypted message. I will also show an example of how an encrypted message appears in the same packet sniffing utility.
The Exchange server requires an X.509 server certificate for TLS encryption. An X.509 server certificate is a digital form of identification that is typically issued by a certification authority and contains identification information, a validity period, a public key, a serial number and the digital signature of the issuer.
But first some basics.
What is Transport Layer Security protocol?
TLS is a successor to Secure Sockets Layer protocol. TLS provides secure communications on the Internet for such things as e-mail, Internet faxing, and other data transfers. There are slight differences between SSL 3.0 and TLS 1.0, but the protocol remains substantially the same. It is good idea to keep in mind that TLS resides on the Application Layer of the OSI model. This will save you a lot of frustrations while debugging and troubleshooting encryption problems related to TLS.
The TLS Handshake Protocol allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before data is exchanged. In a typical scenario, only the server is authenticated and its identity is ensured while the client remains unauthenticated. The mutual authentication of the servers requires public key deployment to clients. When a server and client communicate, TLS protocol ensures that no third party may eavesdrop, tamper with any message, and message forgery.
The TLS Protocol Version 1.0 is defined in RFC document RFC 2246 .