The S/MIME specification allows for encryption before signing or signing and encrypting. Each has different security pro

[answerhappygod]

The S/MIME specification allows for encryption before signing or
signing and encrypting. Each has different security properties. PGP
specifies that one should sign and then encrypt. Use CPSA to
determine what attacks are possible against each approach or if
either are secure. Is PGP correct to specify only one way to
perform authentication and confidentiality? Model the protocols,
specified below for your convenience, and identify any attacks
against the protocols or if the messages are securely received
(authenticated and confidential). Determine if you receive an
authentic message, was it intended for you or someone else or if
when you receive the message, is it authentic.
If you identify any attacks, can you change the protocol to
prevent the attacks?
For the following descriptions, M is the message, K is a freshly
chosen symmetric key, PubK(N) is the public key of N, and PrivK(N)
is the private key of N. {}K stands for encryption with key K.
Hash(X) is hashing of message X.
Sign then encrypt:
A -> B: {M, A, {Hash(M)}PrivK(A)}K, {K}PubK(B)
Encrypt then sign:
A -> B: {M}K, A, {Hash({M}K)}Privk(A), {K}PubK(B)
if you believe that you have found an attack and can fix it,
describe the fix and verify it with CPSA.