
Pretty Good Privacy by Philip Zimmermann presented by: Chris Ward.


1 Pretty Good Privacy by Philip Zimmermann presented by: Chris Ward

2 What is PGP?
- a non-proprietary protocol for the secure exchange of information between individuals
- a free, open-source program implementing this protocol

3 Why do you need PGP?
- privacy: for protecting personal information
- secrecy: for hiding illegal, unethical, or immoral activity
- you don’t need it: you have nothing to protect or hide

4 Why should you know about PGP?
- It uses tools that are essential to all forms of secure communication.
  - public-key cryptography
  - private-key cryptography
  - message digests
  - digital signatures

5 Why should you know about PGP?
- It uses tools to provide all aspects of secure communication.
  - privacy (private-key cryptography)
  - integrity (message digests)
  - authentication (digital signature)
  - non-repudiation (digital signature + message digest)

6 In this presentation I will…
- introduce the tools used by PGP
- describe how each tool can be used to provide some aspect(s) of secure communication
- show how PGP combines all of these tools to facilitate the secure exchange of information between individuals

7 Tool #1: Private-Key Cryptography
- two parties share a single secret key
- an encryption scheme encrypts/decrypts information according to the value of the key
- good encryption algorithm: most efficient attack is not significantly better than brute force (guessing each possible key)
- Examples: DES, Triple DES, AES

8 Privacy with Private-Key Cryptography
- Alice and Bob share a secret key K_s
- Alice composes a message m in plaintext
- She encrypts it with the secret key: K_s{m}
- She sends K_s{m} to Bob
- How did Alice and Bob agree on K_s?

9 Tool #2: Public-Key Cryptography
- Each party maintains a key pair (K_public, K_private).
- If a message is encrypted with K_public, it can only be decrypted with K_private.
- If a message is encrypted with K_private, it can only be decrypted with K_public.
- good encryption algorithm: private key cannot be feasibly computed from its corresponding public key.
- Examples: RSA, ElGamal

10 Convenient Key Agreement with Public-Key Cryptography
- provides one answer to “How did Alice and Bob agree on K_s?”
- Alice generates a random key and encrypts it using Bob’s public key: K_BOB-PUBLIC{K_s}
- Only Bob has K_BOB-PRIVATE, so only Bob can decrypt the secret key.
- Alice and Bob now share a secret. Or do they?
- “How does Bob know that the message really came from Alice?”

11 Authentication and Integrity with Public-Key Cryptography
- Before, Alice sent K_BOB-PUBLIC{K_s}
- She could send K_BOB-PUBLIC{K_s, K_ALICE-PRIVATE{K_s}}
- As before, only Bob can decrypt the information
- Now, Bob can use K_ALICE-PUBLIC to decrypt K_ALICE-PRIVATE{K_s}
- If the result is K_s then Bob knows that the key was sent by Alice and that the key has not been altered in transmission.
- This is just an example to illustrate a digital signature.
- “Is there a more efficient way to prove message integrity than by copying the whole thing?”

12 Tool #3: Message Digests
- For a message m, apply a hash function H which yields a fixed-length message digest H(m) (also called a “digital fingerprint”).
- good hash function: easy to compute and infeasible to compute m given H(m)
- Examples: SHA-1, MD5

13 Tool #4: Digital Signature (using message digest)
- Alice composes a message m to Bob.
- She computes H(m) and encrypts it with her private key.
- She sends (m, K_ALICE-PRIVATE{H(m)}) to Bob.
- Bob, or anyone, computes H(m), and compares it to the result of decrypting K_ALICE-PRIVATE{H(m)} with Alice’s public key.
- If they are the same, authentication and integrity have been proven.

14 Sending secure information with PGP
- Alice:
  - composes message m for Bob
  - generates a random session key K_s
  - encrypts m: K_s{m} (= AES_ENCRYPT(K_s, m))
  - encrypts K_s with Bob’s public key: K_BOB-PUBLIC{K_s}
  - computes the message digest H(m)
  - encrypts H(m) with her private key: K_ALICE-PRIVATE{H(m)}
  - sends this: (K_s{m}, K_BOB-PUBLIC{K_s}, K_ALICE-PRIVATE{H(m)})

15 Receiving Secure Information with PGP
- Bob receives this: (K_s{m}, K_BOB-PUBLIC{K_s}, K_ALICE-PRIVATE{H(m)})
- decrypts K_BOB-PUBLIC{K_s} using his private key, yielding K_s
- decrypts K_s{m} using K_s, yielding m
- computes H(m)' using message digest algorithm H
- decrypts K_ALICE-PRIVATE{H(m)} using K_ALICE-PUBLIC, yielding H(m)
- compares H(m)' to H(m)
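
The send and receive steps of slides 14 and 15 (which also exercise the digest-based signature of slide 13), as an added Python example that is not part of the original presentation. It is a toy for following the data flow only: textbook RSA without padding over keys built from publicly known Mersenne primes, SHA-256 in place of the slides' SHA-1/MD5, and a SHA-256 keystream XOR standing in for AES; all function and variable names are assumptions made for illustration.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by both toy key pairs

def toy_keypair(p, q):
    """Textbook RSA key pair from two primes: ((e, n), (d, n))."""
    n = p * q
    return (E, n), (pow(E, -1, (p - 1) * (q - 1)), n)

def rsa(key, x):
    """Raw RSA on integer x; K_public{x} or K_private{x} depending on key."""
    exponent, n = key
    return pow(x, exponent, n)

def H(m):
    """Message digest H(m) as an integer (SHA-256 here)."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big")

def sym(ks, data):
    """K_s{data}: XOR with a SHA-256 counter keystream (stand-in for AES)."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(ks + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def send(m, bob_public, alice_private):
    """Slide 14: returns (K_s{m}, K_BOB-PUBLIC{K_s}, K_ALICE-PRIVATE{H(m)})."""
    ks = secrets.token_bytes(16)  # random session key
    return (sym(ks, m),
            rsa(bob_public, int.from_bytes(ks, "big")),
            rsa(alice_private, H(m)))

def receive(packet, bob_private, alice_public):
    """Slide 15: returns (m, True if H(m)' equals the signed H(m))."""
    ciphertext, wrapped_ks, signature = packet
    ks = rsa(bob_private, wrapped_ks).to_bytes(16, "big")
    m = sym(ks, ciphertext)
    return m, H(m) == rsa(alice_public, signature)

# Constructed toy keys from well-known Mersenne primes: NOT secret, NOT secure.
ALICE_PUB, ALICE_PRIV = toy_keypair(2**521 - 1, 2**607 - 1)
BOB_PUB, BOB_PRIV = toy_keypair(2**1279 - 1, 2**2203 - 1)

if __name__ == "__main__":
    packet = send(b"constructed sample message", BOB_PUB, ALICE_PRIV)
    print(receive(packet, BOB_PRIV, ALICE_PUB))
    flipped = bytes([packet[0][0] ^ 1]) + packet[0][1:]  # altered in transit
    print(receive((flipped, packet[1], packet[2]), BOB_PRIV, ALICE_PUB))
```

The second call shows the failure mode the comparison in slide 15 exists to catch: one flipped ciphertext bit changes the recovered m, so H(m)' no longer matches the signed digest.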

16 Summary
- PGP combines the use of several tools
  - public-key cryptography, private-key cryptography, message digests
- to provide all of the elements necessary for secure communication
  - privacy, integrity, authentication, non-repudiation

17 Other Stuff
- Can you trust that the public key you are using really belongs to the intended recipient?
  - Fake public keys
  - Authentication by trusted third party

