Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.

Slides:



Advertisements
Similar presentations
1 Pretty Good Privacy (PGP) Security for Electronic .
Advertisements

Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
PGP Overview 2004/11/30 Information-Center meeting peterkim.
Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.
1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Prepared by:Hussain Awad Supervised by: Dr. Lo’ai Tawalbeh
NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.
Electronic mail security
Electronic mail security -- Pretty Good Privacy.
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
Electronic Mail Security
Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
PGP Encryption Justin Shelby. Encryption Methods  There are two basic key types for cryptography Symmetric Asymmetric.
16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.
1 TCP/IP Applications. 2 NNTP: Network News Transport Protocol NNTP is a TCP/IP protocol based upon text strings sent bidirectionally over 7 bit ASCII.
Electronic mail security. Outline Pretty good privacy S/MIME.
Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Chapter 6 Electronic Mail Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
1 Firewalls. 2 What is a firewall? Device that provides secure connectivity between networks (internal/external; varying levels of trust) Used to implement.
1 Electronic mail security Ola Flygt Växjö University, Sweden
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
Chapter 15: Electronic Mail Security
1 Electronic Mail Security Outline Pretty good privacy S/MIME Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.
Pretty Good Privacy (PGP) Security for Electronic .
CSCE 815 Network Security Lecture 11 Security PGP February 25, 2003.
SECURITY – Chapter 15 SECURITY – Chapter 15 ….for authentication and confidentiality PGP 1.Uses best algorithms as building blocks 2.General.
NETWORK SECURITY.
Security PGP IT352 | Network Security |Najwa AlGhamdi 1.
X.509 Topics PGP S/MIME Kerberos. Directory Authentication Framework X.509 is part of the ISO X.500 directory standard. used by S/MIME, SSL, IPSec, and.
CSCE 201 Security Fall CSCE Farkas2 Electronic Mail Most heavily used network-based application – Over 210 billion per day Used across.
Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .
Encryption Basics Module 7 Section 2. History of Encryption Secret - NSA National Security Agency –has powerful computers - break codes –monitors all.
PGP & IP Security  Pretty Good Privacy – PGP Pretty Good Privacy  IP Security. IP Security.
1 Electronic Mail Security Behzad Akbari Fall 2009 In the Name of the Most High.
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
7.6 Secure Network Security / G.Steffen1. In This Section Threats to Protection List Overview of Encrypted Processing Example.
Security  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.
2013Prof. Reuven Aviv, Mail Security1 Pretty Good Privacy (PGP) Prof. Reuven Aviv Dept. of Computer Science Tel Hai Academic College.
Prof. Wenguo Wang Network Information Security Prof. Wenguo Wang Tel College of Computer Science QUFU NORMAL UNIVERSITY.
1 CNLab/University of Ulsan Chapter 16 Electronic Mail Security  PGP (Pretty Good Privacy)  S/MIME.
Lecture 8 (Chapter 18) Electronic Mail Security Prepared by Dr. Lamiaa M. Elshenawy 1.
第五章 电子邮件安全. Security is one of the most widely used and regarded network services currently message contents are not secure –may be inspected.
Electronic mail security. Outline Pretty good privacy S/MIME.
Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel:
Electronic mail security
K. U. Khimani Asst. Prof. IT Dept. VVP Engineering College
Security is one of the most widely used and regarded network services
Security Pretty Good Privacy (PGP)
Selected Research Topics Electronic Mail Security
Electronic Mail Security
MAIL AND SECURITY PERTEMUAN 13
Security at the Application Layer: PGP and S/MIME
ELECTRONIC MAIL SECURITY
ELECTRONIC MAIL SECURITY
Electronic Mail Security
Secure How do you do it? Need to worry about sniffing, modifying, end-user masquerading, replaying. If sender and receiver have shared secret keys,
Electronic Mail Security
Cryptography and Network Security
….for authentication and confidentiality PGP
Presentation transcript:

Electronic Mail Security

Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet Mail Extension). System utilization S/MIME Industrial Standard for business utilization PGB personal electronic mail

Philip R. Zimmermann created the first version of PGP encryption in 1991.(freeware) Shortly after its release, PGP encryption found its way outside the United States and in February 1993 Zimmermann became the formal target of a criminal investigation by the US Government for “munition export without a license". Cryptosystems using keys larger than 40 bits were then considered munitions within the definition of the US export without a license; PGP has never used keys smaller than 128 bits so it qualified at that time. Penalties for violation, if found guilty, were substantial. After several years, the investigation of Zimmermann was closed without filing criminal charges against him or anyone else. After the Federal criminal investigation ended in 1996, Zimmermann and his team started a company to produce new versions of PGP encryption.

Caratteristiche di sicurezza Confidenzialità Autenticazione di chi spedisce Integrità del messaggio Autenticazione del ricevente

PGP is based on: RSA, DSS, and Diffie- Helman algorithms for public key encryption and CAST-128, IDEA e TDEA algorithms for symmetric key encryption. SHA-1 for hash functions. PGP services: - Authentication - Confidentiality - Compression - compatibility - Segmentation

Authentication (digital signature) 1.The sender creates a message 2.SHA-1 is used to generate a 160 bit hash code of the message 3.The hash code is encrypted with RSA using the sender’s private key and the result is prepended to the message. 4.The receiver uses RSA with the sender’s public key, to decrypt and recover the hash code. 5.The receiver generates a new hash code for the message and compares it with the decrypted hash code. If the two match, the message is accepted as authentic

Confidentiality 1.The sender generates a message and a random 128-bit number to be used as a session key for this message only. (one time key) 2. The message is encrypted, using a symmetric algorithm (CAST-128 or IDEA or 3DES) with the session key 3. The session key is encrypted with RSA, using the recipient’s public key, and is prepended to the message 4. The receiver uses RSA with its private key to decrypt and recover the session key 5. The session key is used to decrypt the message.

Authentication and Confidentiality The sender - Signs the message with its private key -Encrypts the message with the session key -Encrypts the session key with the public key of the receiver

Public key certification The mechanism is different from that of Certification Authority. The PGP public keys may be distributed through a public keys server.When a user submits a public key to one of these servers, the server sends a copy of the key to all the other servers and provides the key to anyone requires the key. A different and very common method of distributing its public key consists in to insert them in the personal web page.

Compression A message may be compressed, for storage or transmission using ZIP compatibility An encrypted message may be converted to an ASCII string using radix-e conversion Segmentation To accomodate maximum message size limitations, PGP performs segmentation and reassembly

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.