INTEGRATION GUIDE
MS OUTLOOK 2003
VERSION 2.0
Document Code: ST_UT_MB_MSO_2.0_18042012
The data and information contained in this document cannot be altered without the express
written permission of SecuTech Solution Inc. No part of this document can be reproduced or
transmitted for any purpose whatsoever, either by electronic or mechanical means.
The general terms of trade of SecuTech Solution Inc. apply. Diverging agreements must be
made in writing.
Copyright © SecuTech Solution Inc. All rights reserved.
WINDOWS is a registered trademark of Microsoft Corporation.
The WINDOWS-logo is a registered trademark
(TM)
of Microsoft Corporation.
Software License
The software and the enclosed documentation are copyright-protected. By installing the
software, you agree to the conditions of the licensing agreement.
Licensing Agreement
SecuTech Solution Inc. (SecuTech for short) gives the buyer the simple, exclusive and nontransferable licensing right to use the software on one individual computer or networked
computer system (LAN). Copying and any other form of reproduction of the software in full or
in part as well as mixing and linking it with others is prohibited. The buyer is authorized to
make one single copy of the software as backup. SecuTech reserves the right to change or
improve the software without notice or to replace it with a new development. SecuTech is not
obliged to inform the buyer of changes, improvements or new developments or to make
these available to him. A legally binding promise of certain qualities is not given. SecuTech is
not responsible for damage unless it is the result of deliberate action or negligence on the
part of SecuTech or its aids and assistants. SecuTech accepts no responsibility of any kind
for indirect, accompanying or subsequent damage.
I
Contact Information
HTTP:
www.eSecuTech.com
E-Mail:
[email protected]
Please Email any comments, suggestions or questions regarding this document or our
products to us at: [email protected]
Version
Date
1.0
2011.4.29
2.0
2012.4.18
II
CE Attestation of Conformity
UniToken is in conformity with the protection requirements of CE
Directives 89/336/EEC Amending Directive 92/31/EEC. UniToken
satisfies the limits and verifying methods: EN55022/CISPR 22 Class
B, EN55024: 1998.
FCC Standard
This device is in conformance with Part 15 of the FCC Rules and
Regulation for Information Technology Equipment.
Operation of this product is subject to the following two conditions:
(1) this device may not cause harmful interference, and (2) this
device must accept any interference received, including interference
that may cause undesired operation.
The equipment of UniToken is USB based.
Conformity to ISO 9001:2000
The Quality System of SecuTech Solution Inc., including its
implementation, meets the requirements of the standard ISO
9001:2000
ROHS
All UniToken products are environmental friendly with ROHS
certificates.
III
Table of Contents
ABOUT THIS GUIDE ........................................................................................................ 1
CHAPTER 1:
PREPARING MICROSOFT OUTLOOK 2003 AND UNITOKEN® PRO ............... 3
1.1
Install the PKI package............................................................................................ 3
1.2
Request a VeriSign Certificate ................................................................................ 7
CHAPTER 2:
SIGN AND ENCRYPT MAIL ....................................................................... 11
2.1
User 1 mailbox (receiver.secutech) ........................................................................11
2.2
User 2 mailbox (helper.secutech) ...........................................................................14
CHAPTER 3:
3.1
OPEN AN ENCRYPTED MAIL.................................................................... 16
User 1 mailbox (receiver.secutech) ........................................................................16
GLOSSARY ................................................................................................................. 17
IV
About this guide
Data security has become one of the most important problems occurring in a
company. In order to combat the threats becoming more and more dangerous and
present, it has become necessary to prevent data leak and falsification.
In this guide, we will introduce how to integrate UniToken PRO and Microsoft
Outlook 2003 to perform mail signature and encryption with a digital certificate.
Compared to the usual protection method that uses only one security element (the
password), Encrypting and signing the mail with the certificate stored in UniToken
PRO provides 2 factors authentication that uses 2 security elements (password and
certificate stored inside the Token). In this way, security is greatly improved.
Secutech’s UniToken PRO can generate certificates on the hardware side and store
them. The certificate is being stored in the UniToken PRO hardware and not on the
user’s computer, thus providing a higher security level.
About SecuTech
SecuTech Solution Inc. founded in 2005, is the global leader in providing software
protection and license management solution, secure managed portable storage,
two-factor authentication, and cloud computing. Its best-of-breed product portfolio
meets the highest security, performance, and privacy standards of the most
demanding software vendors, enterprise, government, and financial customers.
SecuTech' UniToken Software Rights Management products are the 1st Driverless
Hardware key choice of software developers and publishers to protect intellectual
property, increase revenues, and reduce losses from software piracy. UniToken is a
USB-based authentication solution. The UniToken secure Web gateway provides
the most advanced protection against the latest Web-based threats and attacks.
UniOTP is an open, flexible authentication solution that supports any form of
authentication, including Windows Logon, Active Directory authenticating, cloud
computing, and mobile authentication, it is natural that SecuTech includes OATH
compatibility within its UniOTP two-factor authentication architecture.
Over 1,000 customers in 62 countries choose SecuTech security products to protect
their invaluable data and networks. SecuTech has resellers and offices in 16
countries, a worldwide network of channel partners, and has won numerous awards
for innovation.
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
1 of 18
About UniToken PRO
UniToken PRO is an authentication token developed by SecuTech Solution Inc.
Featuring a high performance SmartCard, it allows to further strengthen security.
Besides the function “Windows Logon” brought by the SmartCard, UniToken PRO
also supports PKCS#11 and MS-CAPI digital certificates. Inside the 256KB
integrated memory, you can store many certificates. Apart from logon features, you
can also use UniToken PRO to protect Microsoft office and PDF documents, sign
and encrypt mails and strengthen website authentication, there are many different
ways to use it.
Technology
UniToken PRO uses PKI technology. This includes PKCS#11 and MS-CAPI
compatibility which are the standards most used in the cryptographic sector.
Certificates generated by UniToken are stored directly inside of it and not on the
user’s computer. Credentials are generated on the hardware side and are never
stored on the computer, preventing cold boot attacks and making hacking virtually
impossible.
Configuration used
Windows XP
UniToken PRO
Microsoft Outlook 2003
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
2 of 18
Chapter 1: Preparing Microsoft
Outlook 2003 and UniToken® PRO
This part explains how to install the PKI package that you can find inside the SDK.
The End User package can be found inside the folder Redist/Enduser.
1.1 Install the PKI package
Right-Click on the PKI package installation file and choose “Run as administrator”.
Please execute the installer with an account that has administrator rights on the
current computer.
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
3 of 18
Please click on [Next] in the welcome screen.
Input your username and Company Name and click on [Next]
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
4 of 18
Select [Complete] and click on [Next].
Click on [Install] to begin the installation of the PKI package.
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
5 of 18
Verify that the install wizard completed correctly and click on [Finish]
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
6 of 18
1.2 Request a VeriSign Certificate
Open Internet Explorer and go to the page:
https://digitalid.verisign.com/client/class1MS.htm
You can buy a digital certificate or download a free evaluation version that is fully
usable for 60days
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
7 of 18
In the field “Cryptographic Service Provider Name” choose “UniToken PRO CSP
v2.0”.
Click on [Accept] to request the certificate.
Type in the correct user PIN for UniToken PRO and click on [OK]
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
8 of 18
Please check the mailbox that you used to request the certificate. You should have
received an email explaining how to continue the request procedure.
Copy the Digital ID PIN and go to the URL written in the mail:
https://digitalid.verisign.com/enrollment/mspickup.htm
Paste the Digital ID PIN that you copied from the mail in the corresponding field and
click on [Submit]
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
9 of 18
Click on [INSTALL] to import the certificate inside your UniToken PRO. If you have
UniToken Monitor running, you should get a “certificate imported successfully”
message.
The request procedure is complete. You can now use this certificate to protect
documents as well as sign and encrypt mail.
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
10 of 18
Chapter 2: Sign and encrypt mail
2.1 User 1 mailbox (receiver.secutech)
In Microsoft Outlook 2003, below the main menu, select [New] to create a new
message.
Below the main menu, in the tool bar click on [Options].
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
11 of 18
On the [Message Options] page, click on [Security Settings]
On the [Security Properties] page, check [Add digital signature to this
message] and click on [Change Settings]
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
12 of 18
Click on [Choose] to Select the certificate stored inside the UniToken and click on
[OK] consecutively until you get back to [New Message] window.
In the new mail window, click on [Send] to send the signed mail. You will be asked
for the UniToken password.
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
13 of 18
2.2 User 2 mailbox (helper.secutech)
Go the mail account that you’ve just sent the signed mail to, and click on
[Send/Recv]. Open the signed mail, right-click on the sender name and choose
[Add to Outlook Contacts]
Click on [Save and Close] to save the information about User 1 (receiver.secutech)
as well as his certificate.
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
14 of 18
Back to the main window of Microsoft 2003, select the signed email and click on
[Reply].
Now that you have received that user’s digital signature, you can send encrypted
mails to that user (The public key of that user is included in the signature)
Click on the [
] icon on the top right of the windows and click on [Send] to send
the encrypted message. If the signature and encryption icon doesn’t appear, you
can configure message encryption from [Options…] [Security settings] [Encrypt
message and attachment]
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
15 of 18
Chapter 3: Open an encrypted mail
3.1 User 1 mailbox (receiver.secutech)
Go back to User 1’s mailbox and check your mail. You should have received the
encrypted mail from User 2. Double-click on it to open it.
If your UniToken is inserted, you will be able to see the content of the mail.
Note: If you’ve just inserted UniToken, you will be asked for the user password to
decrypt the mail. Otherwise, there is no need to input the password once again.
If UniToken is not inserted or if the certificate is incorrect, the message [Cannot
Open this item. Your digital ID name cannot be found by the underlying
system]
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
16 of 18
Glossary
Digital Signature: is a mathematical scheme for demonstrating the authenticity of a
digital message or document. A valid digital signature gives a recipient reason to
believe that the message was created by a known sender, and that it was not
altered in transit
Public Key Infrastructure (PKI) is a set of hardware, software, people, policies,
and procedures needed to create, manage, distribute, use, store, and revoke digital
certificates.
Microsoft Cryptography API, MS-CAPI is an application programming interface
included with Microsoft Windows operating systems that provides services to enable
developers to secure Windows-based applications using cryptography.
PKCS refers to a group of public-key cryptography standards devised and
published by RSA Security.
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
17 of 18
Follow us!
Twitter
Facebook
Youtube
Linked in
About SecuTech
SecuTech Solution Inc. is a company specializing in data protection and strong authentication, providing total
customer satisfaction in security systems & services for banks, financial instituitions & other industries. Having
extensive and in-depth experience within the information security market, SecuTech has drawn upon this
experience to utilize today’s cutting-edge technologies, enables enterprises, financial institutions, and
government to safely adopt the economic benefits of mobile and cloud computing that are effective against
increasingly sophisticated cyber attacks.
www.eSecuTech.com SecuTech Solution Inc.
North America
China
APAC
EMEA
1250 Boulevard RenéLévesque Ouest, #2200,
Montreal, QC, H3B 4W8,
Canada
T: +1 -888-259-5825
F: + 1 -888-259-5825 ext.0
E: [email protected]
Level 12, #67 Bei Si Huan
Xi Lu,
Beijing, China, 100080
T: +8610-8288 8834
F: + 8610-8288 8834
E: [email protected]
Suite 5.14, 32 Delhi Rd,
North Ryde,
NSW, 2113, Australia
T: 00612-9888 6185
F: 00612-9888 6185
E: [email protected]
4 Cours Bayard 69002
Lyon, France
T: +33-042-600-2810
F: +33-042-600-2810
M: +33-060-939 6463
E: [email protected]
©Copyright 2012 SecuTech Solution Inc. All rights reserved. Reproduction in whole or in part without written permission from SecuTech is prohibited. SecuTech UniToken and the
SecuTech logo are trademarks of SecuTech Inc. Windows and all other trademarks are properties of their respective owners. Features and specifications are subject to change
without notice.
SecuTech UniToken MS Outlook 03 Integration guide Version 2.0
18 of 18