Tony BrettOUCS Course Code ZAB 9 February 2004 E-Mail Security – Encryption and Digital Signatures Tony Brett Oxford University Computing Services February.

Slides:



Advertisements
Similar presentations
Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
Advertisements

Digital Signatures. Anononymity and the Internet.
Pretty Good Privacy (PGP). How PGP works PGP uses both public-key cryptography and symmetric key cryptography, and includes a system which binds the public.
Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Shouting from the Rooftops: Improving Security Dr. Maury Pinsk FRCPC University of Alberta Division of Pediatric Nephrology.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Summer School Certificates Diego Romano & Gilda Team.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted.
Pretty Good Privacy – How to do it. Tony Brett IT Systems Manager Corpus Christi College OxCERT Tel. (2)76695 OUCS ITSS lunchtime.
Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
03 December 2003 Public Key Infrastructure and Authentication Mark Norman DCOCE Oxford University Computing Services.
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.
Computer Science Public Key Management Lecture 5.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
Masud Hasan Secue VS Hushmail Project 2.
Security Keys, Signatures, Encryption. Slides by Jyrki Nummenmaa ‘
Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Public-Key Cryptography CS110 Fall Conventional Encryption.
Chapter 6 Electronic Mail Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
PGP ENCRYPTION Prepared by Noel Kigaraba. Introduction This presentation explains the basic information about PGP encryption software. It discusses the.
Cryptography. Introduction Encryption  The art (or science) of putting messages into a code, and the study of those coding techniques. Decryption  The.
1 Securing Data and Communication. 2 Module - Securing Data and Communication ♦ Overview Data and communication over public networks like Internet can.
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
Chapter 15: Electronic Mail Security
1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.
Computer and Network Security Rabie A. Ramadan Lecture 6.
Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.
1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.
Encryption / Security Victor Norman IS333 / CS332 Spring 2014.
CSCE 815 Network Security Lecture 11 Security PGP February 25, 2003.
Security PGP IT352 | Network Security |Najwa AlGhamdi 1.
Encryption. Introduction The incredible growth of the Internet has excited businesses and consumers alike with its promise of changing the way we live.
Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .
Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.
Creating and Managing Digital Certificates Chapter Eleven.
© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.
Digital Signatures and Digital Certificates Monil Adhikari.
Private key
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Public / Private Key Example Dan Fleck CS 469: Security Engineering Coming up: Today 11.
Security  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
PGP Key Management Basic Principals AfNOG 2007 April 26, 2007 Abuja, Nigeria Hervey Allen.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
M2 Encryption techniques Gladys Nzita-Mak. What is encryption? Encryption is the method of having information such as text being converted into a format.
Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel:
Security is one of the most widely used and regarded network services
PGP Key Management Basic Principals
PGP Key Management Basic Principals
Campbell R. Harvey Duke University and NBER
An Installation Guide of PGP on Windows 2000
PGP Key Management Basic Principles
Unit 8 Network Security.
Presentation transcript:

Tony BrettOUCS Course Code ZAB 9 February Security – Encryption and Digital Signatures Tony Brett Oxford University Computing Services February 2004

Tony BrettOUCS Course Code ZAB 9 February 2004 Agenda What and why? PGP Keys and key pairs Encrypting messages Signing messages Verifying keys – key signing Installation on windows XP and exercise

Tony BrettOUCS Course Code ZAB 9 February 2004 What and Why? is not secure –as easy to fake as a typed letter. –Anyone can read it on the network. How to know you are who you say you are? Ways to secure –Digital signatures –Encryption Secure transactions

Tony BrettOUCS Course Code ZAB 9 February 2004 PGP – Pretty Good Privacy 1976 – Diffie/Hellman – Rivest/Shamir/Adleman – Zimmermann writes PGP. Send securely to a known recipient. Digitally sign so that the recipient(s) can be sure it is from you. Can also be used with file transfers. Similar is used for secure web pages.

Tony BrettOUCS Course Code ZAB 9 February 2004 Keys and Key Pairs Encryption is a way of changing something to something else. –e.g. simple 3-letter shift. –tony brett becomes wrqb euhww. But the recipient has to know the “key”. –How do you tell them securely? Asymmetric keys are the answer! Public/Private keys. –“Fingerprint” for verification –Pass phrase on private for security –Include address(es)

Tony BrettOUCS Course Code ZAB 9 February 2004 Where do I find someone’s key? (and publicise mine) Key Servers or Personal Web Pages

Tony BrettOUCS Course Code ZAB 9 February 2004 Encrypting Messages Use recipient's public key. Then only they can decrypt it. Can encrypt to several if more than one recipient. Then any one private key can decrypt message. No guarantee it is from you, but only they can read it.

Tony BrettOUCS Course Code ZAB 9 February 2004 Signing Messages Use your own private key. So long as recipient is sure they have your key they can be sure the message came from you. Your public key is widely available

Tony BrettOUCS Course Code ZAB 9 February 2004 For the Paranoid…. Encrypt the message with recipient’s public key and sign with your own private key. Then it’s verifiably from you and you can be sure only they can read it!

Tony BrettOUCS Course Code ZAB 9 February 2004 How do you know this key is mine? Anyone could generate a key for anyone else. Signing a key confirms that it belongs to the right person. –Verify identity by voice, passport, driving licence etc. –Use fingerprint to make sure you have the right one. Creates chain of trust. Key signing events do happen –

Tony BrettOUCS Course Code ZAB 9 February 2004 How to Install PGP on Windows Download from: Note License Restrictions Extract PGP8.EXE from ZIP file

Tony BrettOUCS Course Code ZAB 9 February 2004 Installation

Tony BrettOUCS Course Code ZAB 9 February 2004 Installation Choose to create keys and set install directory – defaults are fine!

Tony BrettOUCS Course Code ZAB 9 February 2004 Select Components

Tony BrettOUCS Course Code ZAB 9 February 2004 Finish install and restart computer

Tony BrettOUCS Course Code ZAB 9 February 2004 Creating your key pair Run PGP Keys. Choose “New Key” from “Keys”. You’ll need name and .

Tony BrettOUCS Course Code ZAB 9 February 2004 The Passphrase is VITAL! It’s your only protection from others using your private key!

Tony BrettOUCS Course Code ZAB 9 February 2004 Key gets generated

Tony BrettOUCS Course Code ZAB 9 February 2004 Exercises Send public key to a server. Try using the clipboard encryption facility Keep your private key safe and passphrase protected. –You can’t revoke a key without the private key. Get public key for and try to send me an encrypted message Get your public key signed.

Tony BrettOUCS Course Code ZAB 9 February 2004 Resources

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.