1

Multipurpose Internet Mail Extension (MIME) Protocol

Multipurpose Internet Mail Extension (MIME) is a standard which was proposed by Bell
Communications in 1991 in order to expand limited capabilities of email.
MIME is a kind of add on or a supplementary protocol which allows non-ASCII data to be sent
through SMTP. It allows the users to exchange different kinds of data files on the Internet:
audio, video, images, application programs as well.

Why do we need MIME?

Limitations of Simple Mail Transfer Protocol (SMTP):
SMTP has a very simple structure
It’s simplicity however comes with a price as it only send messages in NVT 7-bit ASCII format.
It cannot be used for languages that do not support 7-bit ASCII format such as- French,
German, Russian, Chinese and Japanese, etc. so it cannot be transmitted using SMTP. So, in
order to make SMTP more broad we use MIME.
It cannot be used to send binary files or video or audio data.

Purpose and Functionality of MIME –

Growing demand for Email Message as people also want to express in terms of Multimedia. So,
MIME another email application is introduced as it is not restricted to textual data.
MIME transforms non-ASCII data at sender side to NVT 7-bit data and delivers it to the client
SMTP. The message at receiver side is transferred back to the original data. As well as we can
send video and audio data using MIME as it transfers them also in 7-bit ASCII data.

Features of MIME –
It is able to send multiple attachments with a single message.
Unlimited message length.
Binary attachments (executables, images, audio, or video files) which may be divided if needed.
MIME provided support for varying content types and multi-part messages.

Working of MIME –
Suppose a user wants to send an email through user agent and it is in a non-ASCII format so
there is a MIME protocol which converts it into 7-bit NVT ASCII format. Message is transferred
through e-mail system to the other side in 7-bit format now MIME protocol again converts it back
into non-ASCII code and now the user agent of receiver side reads it and then information is
finally read by the receiver. MIME header is basically inserted at the beginning of any e-mail
transfer.
 2

MIME Object Security Services (MOSS) ​is a protocol that uses the multipart/signed and
multipart/encrypted framework to apply digital signature and encryption services to MIME
objects.
The services are offered through the use of end-to-end cryptography between an originator and
a recipient at the application layer. Asymmetric (public key) cryptography is used in support of
the digital signature service and encryption key management. Symmetric (secret key)
cryptography is used in support of the encryption service. The procedures are intended to be
compatible with a wide range of public key management approaches, including both ad hoc and
certificate-based schemes. Mechanisms are provided to support many public key management
approaches.[1]

S/MIME (Secure/Multipurpose Internet Mail Extensions)?

S/MIME is a protocol for the secure exchange of e-mail and attached documents originally
developed by RSA Security. Secure/Multipurpose Internet Mail Extensions (S/MIME) adds
security to Internet e-mail based on the Simple Mail Transfer Protocol (SMTP) method and adds
support for digital signatures and encryption to SMTP mail to support authentication of the
sender and privacy of the communication. Note that because HTTP messages can transport
MIME data, they can also use S/MIME.
How It Works
S/MIME is an extension of the widely implemented Multipurpose Internet Mail Extensions
(MIME) encoding standard, which defines how the body portion of an SMTP message is
structured and formatted. S/MIME uses the RSA public key cryptography algorithm along with
the Data Encryption Standard (DES) or Rivest-Shamir-Adleman (RSA) encryption algorithm. In
an S/MIME message, the MIME body section consists of a message in PKCS #7 format that
contains an encrypted form of the MIME body parts. The MIME content type for the encrypted
data is application/pkcs7-mime.
 3

Cryptography and its Types

Cryptography is technique of securing information and communications through use of codes so
that only those person for whom the information is intended can understand it and process it.
Thus preventing unauthorized access to information. The prefix “crypt” means “hidden” and
suffix graphy means “writing”.
In Cryptography the techniques which are use to protect information are obtained from
mathematical concepts and a set of rule based calculations known as algorithms to convert
messages in ways that make it hard to decode it. These algorithms are used for cryptographic
key generation, digital signing, verification to protect data privacy, web browsing on internet and
to protect confidential transactions such as credit card and debit card transactions.

Features Of Cryptography are as follows:

Confidentiality​:
Information can only be accessed by the person for whom it is intended and no other person
except him can access it.
Integrity​:
Information cannot be modified in storage or transition between sender and intended receiver
without any addition to information being detected.
Non-repudiation​:
The creator/sender of information cannot deny his or her intention to send information at later
stage.
Authentication​:
The identities of sender and receiver are confirmed. As well as destination/origin of information
is confirmed.

Types Of Cryptography:
Symmetric Key Cryptography:
It is an encryption system where the sender and receiver of message use a single common key
to encrypt and decrypt messages. Symmetric Key Systems are faster and simpler but the
problem is that sender and receiver have to somehow exchange key in a secure manner. The
most popular symmetric key cryptography system is Data Encryption System(DES).
Hash Functions:
There is no usage of any key in this algorithm. A hash value with fixed length is calculated as
per the plain text which makes it impossible for contents of plain text to be recovered. Many
operating systems use hash functions to encrypt passwords.
Asymmetric Key Cryptography:
Under this system a pair of keys is used to encrypt and decrypt information. A public key is used
for encryption and a private key is used for decryption. Public key and Private Key are different.
Even if the public key is known by everyone the intended receiver can only decode it because
he alone knows the private key.
 4

EDI vs. paper-based transaction process

paper-based method:
● Once a reorder level is reached, the inventory system automatically notifies the buyer
that an order should be placed for the specific item.
● The buyer enters the data manually into a system, which then generates the necessary
paperwork. The PO is mailed using the postal service to the supplier.
● After several days, the supplier receives the PO. The order is entered into their order
system.
● The supplier generates and prints an invoice. The invoice is enclosed with the shipment
or is sent separately by mail.
● The buyer manually enters the shipment details and invoice into the payments system..
EDI-based process:
● Once a reorder level is reached, the inventory system, which now uses EDI software
automatically generates an EDI formatted PO and transmits it using Internet EDI to the
supplier.
● Almost immediately, the supplier’s system receives the EDI formatted PO. The system
then informs the shipping department to ship the items, generates an invoice and
submits it directly to the buyer’s accounts system.
● From the above examples, it is easy to see why EDI is so much better, more efficient
and cost effective.
Credit Card Transaction Processing Works:
Step 1: The customer pays with Mastercard
The customer purchases goods/services from a merchant.
Step 2: The payment is authenticated
The merchant point-of-sale system captures the customer’s account information and securely
sends it to the acquirer.
Step 3: The transaction is submitted
The merchant acquirer asks Mastercard to get an authorization from the customer’s issuing
bank.
Step 4: Authorization is requested
Mastercard submits the transaction to the issuer for authorization.
Step 5: Authorization response
The issuing bank authorizes the transaction and routes the response back to the merchant.
Step 6: Merchant payment
The issuing bank routes the payment to the merchant’s acquirer who deposits the payment into
the merchant’s account..