Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 SC700 A2 Internet Information Protocols 4/17/2001 Application Presentation by J. Chu Pretty Good Privacy.

Published byEstella Melanie Singleton Modified over 8 years ago

Similar presentations

Presentation on theme: "1 SC700 A2 Internet Information Protocols 4/17/2001 Application Presentation by J. Chu Pretty Good Privacy."— Presentation transcript:

1 1 SC700 A2 Internet Information Protocols 4/17/2001 Application Presentation by J. Chu Pretty Good Privacy

2 2 SC700 A2 Internet Information Protocols 4/17/2001 Pretty Good Privacy (PGP) The first version of PGP was programmed in 1991 by Phil R. Zimmerman, who later founded PGP Security Consulting. PGP is one of the most popular encryption and authentication algorithm world-wide. PGP is more widely used in electronic mail security than any other areas. Pretty Good Privacy – J. Chu Phil R. Zimmerman Background

3 3 SC700 A2 Internet Information Protocols 4/17/2001 Pretty Good Privacy (PGP) PGP is a hybrid cryptosystem; it is a combination of some of the best known encryption algorithms in existence. While PGP has the speediness of a symmetric-key encryption algorithm, it maintains the high level of security of a public-key encryption algorithm. Pretty Good Privacy – J. Chu Background (continues)

4 4 SC700 A2 Internet Information Protocols 4/17/2001 Pretty Good Privacy (PGP) "If all the personal computers in the world - 260 million - were put to work on a single PGP-encrypted message, it would still take an estimated 12 million times the age of the universe, on average, to break a single message.” - Deputy Director William Crowell National Security Agency 3/20/1997 Pretty Good Privacy – J. Chu Background (continues)

5 5 SC700 A2 Internet Information Protocols 4/17/2001 Why choose PGP over RSA? RSA is very secured given a large enough key. However, it is definitely no fun having to compute 567^2 128 for every single letter in order to encrypt or decrypt a message. During the 80’s and early 90’s, not too many computer in the world can handle such complex computations in a short period of time. This is when PGP comes in…It is fast, secured, and best of all, everyone** can use! (**note: by publishing the source code of PGP on the Internet, Phil Zimmerman actually got prosecuted by the United States Government for exporting a weapon.) Pretty Good Privacy – J. Chu Introduction

6 6 SC700 A2 Internet Information Protocols 4/17/2001 The following algorithms are employed by PGP: 1.IDEA Cipher - developed by James Massey & Xuejia Lai in 1990 2.RSA Public Key Encryption - developed by Rivest, Shamir, and Adelman in 1977 3.GZIP - A combination of Lempel-Ziv and Huffman Encoding Pretty Good Privacy – J. Chu Introduction (continues)

7 7 SC700 A2 Internet Information Protocols 4/17/2001 About the IDEA cipher: 1.IDEA: International Data Encryption Algorithm 2.Message is encrypted with a 128-bit IDEA key via different combinations of operations: a. Additions (mod 2 16 ) b. Multiplication (mod 2 16 + 1) c. Additions (mod 2) (i.e. XOR) 3.There are currently no known effective attacks against the IDEA cipher. Pretty Good Privacy – J. Chu Algorithm

8 8 SC700 A2 Internet Information Protocols 4/17/2001 The IDEA cipher algorithm: 1.Original text is divided into 64-bit blocks. 2.Each 64-bit block is further divided into four 16-bit sub- blocks: X 1, X 2, X 3, X 4. 3.The 128-bit IDEA session key is divided into eight 16-bit key-blocks: K i,1, K i,2, K i,3, K i,4, K i,5, K i,6, K i,7, K i,8. 4.Addition and Multiplication are perform on each block of X n and K i,j. 5.The combination of operations are performed eight times to get the final encryption. Pretty Good Privacy – J. Chu Algorithm (continues)

9 9 SC700 A2 Internet Information Protocols 4/17/2001 IDEA Algorithm: Pretty Good Privacy – J. Chu Algorithm (continues)

10 10 SC700 A2 Internet Information Protocols 4/17/2001 Problems with IDEA cipher: 1.IDEA is a symmetric-key cryptosystem. In order to decrypt a cipher, one must know the very same key that is used to encrypt the message. 2.Since the IDEA key is 128-bit long, it is not easy to memorize and therefore it must be recorded. Pretty Good Privacy – J. Chu Algorithm (continues)

11 11 SC700 A2 Internet Information Protocols 4/17/2001 PGP Improvements: 1.Instead of using the the same key each time, PGP randomly generated a new IDEA key for every session. The same message sent at different times will be totally different and remembering the key will be useless and unnecessary. 2.The IDEA key is encrypted via RSA public key encryption algorithm. Decryption can be achieved only by those who knows the complementary key. 3.PGP compresses packages with GZIP. Pretty Good Privacy – J. Chu Algorithm (continues)

12 12 SC700 A2 Internet Information Protocols 4/17/2001 How PGP Encrypts: 1.Original text is encrypted into IDEA cipher text with a 128-bit random key via IDEA encryption. 2.The IDEA session key is encrypted with a large public key via RSA encryption. 3.The encrypted IDEA session key is appended to the IDEA cipher text. 4.GZIP is used to compress the data into a PGP package. Pretty Good Privacy – J. Chu Algorithm (continues)

13 13 SC700 A2 Internet Information Protocols 4/17/2001 How PGP Encrypts: Pretty Good Privacy – J. Chu Algorithm (continues)

14 14 SC700 A2 Internet Information Protocols 4/17/2001 How PGP Decrypts: 1.PGP package is decompressed and is separated into the encrypted IDEA session key and the encrypted IDEA cipher text. 2.IDEA session key is decrypted with RSA private key. 3.IDEA session key decrypts the IDEA cipher text into the original plain text. Pretty Good Privacy – J. Chu Algorithm (continues)

15 15 SC700 A2 Internet Information Protocols 4/17/2001 How PGP Decrypts: Pretty Good Privacy – J. Chu Algorithm (continues)

16 16 SC700 A2 Internet Information Protocols 4/17/2001 PGP over IDEA & RSA: Although IDEA and RSA are very strong encrypting algorithms, they do have their weaknesses: IDEA uses a single and lengthy key while RSA employs complex and lengthy computations. By combining both IDEA and RSA, PGP uses the strengths of one algorithm to compensate for the weaknesses of the other. As the result, PGP is one of the strongest and fastest encrypting algorithm in existence. Pretty Good Privacy – J. Chu Conclusion

17 17 SC700 A2 Internet Information Protocols 4/17/2001 Back, Adam, “PGP Timeline.” “http://www.cypherspace.org/~adam/timeline/”, 1998. Brown, Lawrie, “Cryptography and Computer Security.” “http://www.cs.adfa.oz.au/teaching/studinfo/csc/lectures/”, 2001. Davie and Peterson, Larry L., Computer Networks. 2 nd ed. Boston: Morgan Kaufmann, 2000. Page 599-601. Feisthammel, Patrick, “PGP – Pretty Good Privacy.” “http://www.rubin.ch/pgp/pgp.en.html”, 2000. Gimon, Charles A., “The Phil Zimmerman Case.” “http://www.skypoint.com/members/gimonca/philzima.html”, 1996. “PGP International Homepage.” “http://www.pgpi.org”, 2001. “PGP Security BIND vulnerability COVERT CyberCop Gauntlet.” “www.pgp.com”, 2001. Pretty Good Privacy – J. Chu References

Download ppt "1 SC700 A2 Internet Information Protocols 4/17/2001 Application Presentation by J. Chu Pretty Good Privacy."

Similar presentations

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.
International Data Encryption Algorithm

International Data Encryption Algorithm
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Public Key Encryption Algorithm

Public Key Encryption Algorithm
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Creating Secret Messages. 2 Why do we need to keep things secret? Historically, secret messages were used in wars and battles For example, the Enigma.

Creating Secret Messages. 2 Why do we need to keep things secret? Historically, secret messages were used in wars and battles For example, the Enigma.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Public Key Cryptography

Public Key Cryptography
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
CS 682 - Network Security Lecture 2 Prof. Katz. 9/7/2000Lecture 2 - Data Encryption2 DES – Data Encryption Standard Private key. Encrypts by series of.

CS Network Security Lecture 2 Prof. Katz. 9/7/2000Lecture 2 - Data Encryption2 DES – Data Encryption Standard Private key. Encrypts by series of.
Electronic mail security -- Pretty Good Privacy.

Electronic mail security -- Pretty Good Privacy.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

Similar presentations

Ads by Google