Presentation is loading. Please wait.

Presentation is loading. Please wait.

Email Security.  email is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.

Published byAshlyn Lindsey Modified over 8 years ago

Similar presentations

Presentation on theme: "Email Security.  email is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either."— Presentation transcript:

1 Email Security

2  email is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either in transit or can be disclosed on destination system

3 Email Security Enhancements Confidentiality protection from disclosure Authentication of sender of message Message integrity protection from modification Non-repudiation of origin protection from denial by sender

4 Pretty Good Privacy (PGP)  widely used de facto secure email  developed by Phil Zimmermann  selected best available crypto algs to use  integrated into a single program  on Unix, PC, Macintosh and other systems  originally free, now also have commercial versions available

5 The actual operation of PGP consists of five services: ◦ Authentication ◦ Confidentiality ◦ Compression ◦ E-mail compatibility ◦ Segmentation

6

7 Authentication The steps for authentication are as follows ◦ The sender creates a message ◦ SHA-1 is used to generate 160-bit hash code ◦ Hash code is encrypted with RSA using senders private key ◦ Receiver uses RSA to decrypt the hash code ◦ Receiver generates a new hash code and compares with the decrypted one

8 Confidentiality The steps to obtain confidentiality are as follows ◦ The sender generates a message and a random 128-bit number called the session key ◦ The message is encrypted with CAST-128 ◦ The session key is encrypted with recipients’ public key using RSA ◦ The recipient uses RSA with its private key to decrypt the session key ◦ The session key decrypts the message

9 Confidentiality and Authentication To have both confidentiality and authentication ◦ The sender first signs the message using it’s own private key ◦ Then encrypts the message with the session key ◦ Then encrypts the session key with the recipient’s private key

10 Compression PGP compresses files using a ZIP algorithm ◦ The signature is generated before compression  To store the uncompressed message with the signature  Would interfere with compression because of multiple compression algorithms exist. ◦ Message encryption is after compression  To strengthen cryptographic security, as it reduces redundancy

11 Compatibility E-mail sends only ASCII characters ◦ Because of this PGP converts message to ASCII  Converts three octets into four ASCII characters  Expands message by 33%  After compression, there is a net reduction by a third

12 Segmentation and Reassembly Some mail providers impose a maximum length of 50,000 octets ◦ PGP will automatically subdivide any message too large into small enough segments to send via e-mail  This is done after all other processing

13 Cryptographic Keys PGP uses four types of keys ◦ Session keys ◦ Public keys ◦ Private Keys ◦ Passphrase keys

14 Cryptographic Keys Three requirements for the keys ◦ Needs a mean of generating unpredictable session keys ◦ Would like a way to allow each user to have multiple public/private key pairs ◦ Maintain a file of the public/private key pairs

15 Session Key Generation Random 128-bit numbers are generated using CAST-128 Input to the number generator takes in is a 128-bit key and two 64-bit blocks of plaintext.

16 Key identifiers With multiple private/public key pairs, there needs to be a way for the receiver to know which to use ◦ How this is done is through the combination of a 64 bit key ID, which is unique to a user ID.  With this key ID, the receiver can retrieve the correct public key of the sender to decrypt the message.  A list of these key ID’s are placed in what is called a key ring.

17 PGP Message Generation

18 The sending PGP entity performs the following steps: ◦ Signs the message:  PGP gets sender’s private key from key ring using its user id as an index.  PGP prompts user for passphrase to decrypt private key.  PGP constructs the signature component of the message. ◦ Encrypts the message:  PGP generates a session key and encrypts the message.  PGP retrieves the receiver public key from the key ring using its user id as an index.  PGP constructs session component of message

19 PGP Message Reception

20 The receiving PGP entity performs the following steps: ◦ Decrypting the message:  PGP get private key from private-key ring using Key ID field in session key component of message as an index.  PGP prompts user for passphrase to decrypt private key.  PGP recovers the session key and decrypts the message. ◦ Authenticating the message:  PGP retrieves the sender’s public key from the public-key ring using the Key ID field in the signature key component as index.  PGP recovers the transmitted message digest.  PGP computes the message for the received message and compares it to the transmitted version for authentication.

Download ppt "Email Security.  email is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either."

Similar presentations

Cryptography and Network Security Chapter 18

Cryptography and Network Security Chapter 18
Email Security 1. email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.

Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
Pretty Good Privacy Dan Fleck CS 469: Security Engineering These slides are modified with permission from Bill Young (Univ of Texas) Coming up: Pretty.

Pretty Good Privacy Dan Fleck CS 469: Security Engineering These slides are modified with permission from Bill Young (Univ of Texas) Coming up: Pretty.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.

Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.
1 Pertemuan 12 E-mail Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
NS-H0503-02/11041 E-mail Security. NS-H0503-02/11042 Email Security email is one of the most widely used and regarded network services currently message.

NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.
Electronic mail security

Electronic mail security
Electronic mail security -- Pretty Good Privacy.

Electronic mail security -- Pretty Good Privacy.
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.

Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.
Lecture 9: Email Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
SMUCSE 5349/49 Email Security. SMUCSE 5349/7349 Threats Threats to the security of e-mail itself –Loss of confidentiality E-mails are sent in clear over.

SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.
Electronic Mail Security

Electronic Mail Security
Secure e-mail r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
Cryptography and Network Security Chapter 18

Cryptography and Network Security Chapter 18
Chap 81 Electronic mail security. Chap 82 Outline Pretty good privacy S/MIME Recommended web sites.

Chap 81 Electronic mail security. Chap 82 Outline Pretty good privacy S/MIME Recommended web sites.
Electronic mail security. Outline Pretty good privacy S/MIME.

Electronic mail security. Outline Pretty good privacy S/MIME.

Similar presentations

Ads by Google