PGP Overview 2004/11/30 Information-Center meeting peterkim.


E-mail servers
- POP3: Post Office Protocol, port #110
- IMAP: Internet Mail Access Protocol, port #143
- SMTP: Simple Mail Transfer Protocol, port #25

Pretty good privacy (PGP)
- Internet e-mail encryption scheme, de-facto standard.
- uses symmetric key cryptography, public key cryptography, hash function, and digital signature as described.
- provides secrecy, sender authentication, integrity.
- inventor, Phil Zimmerman, an undergraduate from FAU in

A PGP signed message:

    ---BEGIN PGP SIGNED MESSAGE---
    Hash: SHA1

    Bob:My husband is out of town tonight.Passionately yours, Alice

    ---BEGIN PGP SIGNATURE---
    Version: PGP 5.0
    Charset: noconv
    yhHJRHhGJGhgg/12EpJ+lo8gE4vB3
    mqJhFEvZP9t6n7G6m5Gw2
    ---END PGP SIGNATURE---

PGP overview: mechanism
- Anybody creates his/her RSA public key and private key (512, 768, or 1024 bits), automatically generated by PGP.
- Anybody (e.g., Alice) can send encrypted (as well as signed) e-mail to anybody else (e.g., Bob):
  - Generate a one-time random key to encrypt the e-mail using a secret key system (e.g., IDEA)
  - Encrypt the random key with Bob's public key
  - May sign the e-mail with her own private key
  - May compress the e-mail before encryption
- Bob can use his private key to decrypt the encrypted e-mail.
  - Moreover, a "pass phrase" is required for decryption
  - The "pass phrase" is typed by Bob when PGP generates RSA keys for him

PGP overview: key distribution
- Public key system (RSA), key distribution
  - PEM: rigid hierarchy of CAs.
  - S/MIME: (being agnostic), assumes a number of parallel independent hierarchies.
  - PGP: anarchy, each user decides which keys to trust.
- You contact Alice in person to get Alice's public key, and trust it.
- You find the public key of Alice on her web page or from e-mail; you can copy it to your PGP system to trust it if you want.
- Public key server (e.g., paderborn.de/pgp/).

PGP: certificates
- Certificates are optional in PGP; anyone can issue a certificate to anyone else.
- If you trust Alice and get Carol's public key certificate signed by Alice, you will trust Carol's public key.
- If you get two public key certificates for Carol, one signed by Alice and the other signed by Bob, and both Alice and Bob are trusted by you, then you can trust both of Carol's certificates.
- Therefore PGP is very flexible and easy to use.

Security services for e-mail
- Privacy/confidentiality
- Authentication
- Integrity
- Non-repudiation
- Proof of submission (same as certified mail)
- Proof of delivery (same as post mail request return receipt)
- Anonymity
- Message flow confidentiality
- Containment
- Audit
- Accounting
- Self destruct
- Message sequence integrity

Secure e-mail (Encode and check sign)
Alice wants to send confidential e-mail, m, to Bob.
Alice:
- generates random symmetric private key, $K_S$.
- encrypts message with $K_S$ (for efficiency).
- also encrypts $K_S$ with Bob's public key.
- sends both $K_S(m)$ and $K_B^+(K_S)$ to Bob.
[Figure: Alice computes $K_S(m)$ and $K_B^+(K_S)$ and sends both over the Internet; Bob applies $K_B^-$ to recover $K_S$, then $K_S$ to recover m.]

Secure e-mail (Encode and check sign)
Alice wants to send confidential e-mail, m, to Bob.
Bob:
- uses his private key to decrypt and recover $K_S$.
- uses $K_S$ to decrypt $K_S(m)$ to recover m.
[Figure: Alice computes $K_S(m)$ and $K_B^+(K_S)$ and sends both over the Internet; Bob applies $K_B^-$ to recover $K_S$, then $K_S$ to recover m.]

Secure e-mail (Sign)
Alice wants to provide sender authentication and message integrity.
- Alice digitally signs message.
- sends both message (in the clear) and digital signature.
[Figure: Alice computes $H(m)$ and signs it as $K_A^-(H(m))$, then sends m and the signature over the Internet; Bob applies $K_A^+$ to the signature and compares the result with his own $H(m)$.]

Secure e-mail (Another Application)
Alice wants to provide secrecy, sender authentication, message integrity.
- Alice uses three keys: her private key, Bob's public key, newly created symmetric key.
[Figure: Alice computes $K_A^-(H(m))$, encrypts it together with m under $K_S$, and sends the result plus $K_B^+(K_S)$ over the Internet.]
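The three-key flow from the "Secure e-mail" slides (sign with Alice's private key, encrypt under a one-time key K_S, wrap K_S with Bob's public key), as an added example that is not part of the original presentation. To run on the standard library alone it assumes stand-ins: unpadded textbook RSA on fixed, publicly known primes instead of PGP's RSA, and a SHA-256 counter keystream instead of IDEA; all function names are hypothetical.

```python
import hashlib
import secrets

E = 65537

def toy_keypair(p, q):
    """Textbook RSA key pair from two given primes: (public, private)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

# Constructed demo keys from well-known Mersenne primes: insecure by design.
ALICE_PUB, ALICE_PRIV = toy_keypair(2**521 - 1, 2**607 - 1)
BOB_PUB, BOB_PRIV = toy_keypair(2**1279 - 1, 2**2203 - 1)

def rsa(key, x):
    n, exp = key
    return pow(x, exp, n)

def key_bytes(key):
    return (key[0].bit_length() + 7) // 8

def digest_int(m):
    return int.from_bytes(hashlib.sha256(m).digest(), "big")

def keystream_xor(ks, data):
    """Stand-in for IDEA: XOR with a SHA-256 counter keystream keyed by K_S."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(ks + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def send(m, sender_priv, recipient_pub):
    sig = rsa(sender_priv, digest_int(m)).to_bytes(key_bytes(sender_priv), "big")
    ks = secrets.token_bytes(16)                              # one-time K_S
    wrapped = rsa(recipient_pub, int.from_bytes(ks, "big"))   # K_B^+(K_S)
    return wrapped, keystream_xor(ks, sig + m)                # K_S(K_A^-(H(m)), m)

def receive(packet, recipient_priv, sender_pub):
    wrapped, body = packet
    ks = rsa(recipient_priv, wrapped).to_bytes(16, "big")     # K_B^- recovers K_S
    plain = keystream_xor(ks, body)
    sig, m = plain[:key_bytes(sender_pub)], plain[key_bytes(sender_pub):]
    if rsa(sender_pub, int.from_bytes(sig, "big")) != digest_int(m):
        raise ValueError("signature does not match message")
    return m
```

The keystream gives secrecy only; it is the signature check in `receive` that rejects a ciphertext modified in transit.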

PGP overview
- Not just for e-mail; it performs encryption and integrity protection on files.
  - Your e-mail is treated as a file
  - Encrypt the file
  - Send the encrypted file by regular e-mailer.
  - The receiver saves the e-mail to a file and then decrypts the file by PGP
- Directly embedded in e-mail for convenience.
- Visit:

Certificate and key revocation
- You can revoke (delete) any public key anytime.
- A public key of a person can be revoked by the corresponding private key.
- The issuer of a certificate can revoke the certificate.
  - This does not mean that the holder of the revoked certificate is a bad person, only that the issuer does not want to vouch for its authenticity.
- Validity period of a key and a certificate

PGP: key ring
- A data structure containing key materials
  - pubring.pgp: containing your public keys, other people's public keys, information about people, and certificates.
  - secring.pgp: containing your private keys.
- Three trust levels currently in PGP: none, partial, complete.
- A trust level of a person may determine the trust level of the certificates signed by the person.
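How the trust levels on a key ring turn certificates into accepted keys, covering the certificate, revocation and key-ring slides, as an added example that is not part of the original presentation. The slides give no thresholds, so the numbers below are an assumption taken from GnuPG's defaults (one completely trusted signer or three partially trusted ones); the names, certificates and the `valid_keys` function are constructed for illustration.

```python
from dataclasses import dataclass

# Assumed thresholds (GnuPG defaults for --completes-needed / --marginals-needed).
COMPLETES_NEEDED, MARGINALS_NEEDED = 1, 3

@dataclass(frozen=True)
class Cert:
    signer: str
    subject: str
    revoked: bool = False

def valid_keys(me, owner_trust, certs):
    """Return the owners whose public keys the ring accepts as authentic.

    A certificate counts only if it is not revoked and the signer's own key
    is already valid; trust assigned to a person whose key cannot be
    verified contributes nothing.
    """
    valid = {me}
    changed = True
    while changed:
        changed = False
        for subject in {c.subject for c in certs} - valid:
            signers = {c.signer for c in certs
                       if c.subject == subject and not c.revoked and c.signer in valid}
            complete = sum(s == me or owner_trust.get(s) == "complete" for s in signers)
            partial = sum(owner_trust.get(s) == "partial" for s in signers)
            if complete >= COMPLETES_NEEDED or partial >= MARGINALS_NEEDED:
                valid.add(subject)
                changed = True
    return valid

# Constructed sample ring: "me" verified Alice's and Bob's keys in person.
TRUST = {"alice": "complete", "bob": "partial", "mallory": "complete"}
CERTS = [
    Cert("me", "alice"), Cert("me", "bob"),
    Cert("alice", "carol"),               # accepted: Alice is completely trusted
    Cert("bob", "dave"),                  # rejected: one partial signer is not enough
    Cert("alice", "eve", revoked=True),   # rejected: issuer revoked the certificate
    Cert("mallory", "frank"),             # rejected: Mallory's own key is not valid
]
```

With this ring, `valid_keys("me", TRUST, CERTS)` accepts only the keys of me, alice, bob and carol.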

Final Demo Show
WinPT - Windows Privacy Tools
- Windows Privacy Tools (WinPT) is a collection of multilingual applications for digital encryption and signing of content.
- WinPT is GnuPG-based, compatible with OpenPGP compliant software (like PGP) and free for commercial and personal use under the GPL.