Presentation is loading. Please wait.

Presentation is loading. Please wait.

Pretty Good Privacy (PGP) Security for Electronic Email.

Published byStephany Bradford Modified over 8 years ago

Similar presentations

Presentation on theme: "Pretty Good Privacy (PGP) Security for Electronic Email."— Presentation transcript:

1 Pretty Good Privacy (PGP) Security for Electronic Email

2 Email Most popular network-based application Sending an email between two distant sites means that the email has to transit dozens of machines on the way Those machines may read and record the message Privacy is thus non-existent by default There are systems for secure e-mails –PGP (Pretty Good Privacy) -S/MIME Secure/Multipurpose Internet Mail Extension

3 PGP Developed by Phil Zimmerman in 1995. Documentation and source code is freely available. The package is independent of operating system and processor. PGP does not rely on the “establishment” and it’s popularity and use have grown extensively since 1995.

4 PGP Features It is based on the best available crypto algorithms –Considered very strong and secure Mainly used for email and file storage applications Independent of governmental organizations Messages are automatically compressed

5 PGP Components There are five important services in PGP –Authentication (Sign/Verify) –Confidentiality (Encryption/Decryption) –Compression –Email compatibility –Segmentation and Reassembly The last three are transparent to the user

6 PGP: Authentication steps Sender: 1.Creates a message 2.Hashes it to 160-bits using SHA1 3.Encrypts the hash code using her private key, forming a signature 4.Attaches the signature to message Receiver: 1.Decrypts attached signature using sender’s public key and recovers hash code 2.Re computes hash code using message and compares with the received hash code’ 3.If they match, accepts the message

7 M= original message H= hash function | | = concatenation (join) Z= compression Z -1 = decompression EP= public key encryption DP= public key decryption KR a = A’s private key KU a = A’s public key Stallings, Fig 5.1a Encryption on hash code to get signature Sig + M

8 PGP: Confidentiality Sender: 1. Generates message and a random number (session key) only for this message 2. Encrypts message with the session key using AES, 3DES, 3. Encrypts session key itself with recipient’s public key using RSA 4.Attaches it to message Receiver: 1.Recovers session key by decrypting using his private key 2.Decrypts message using the session key.

9 PGP Confidentiality 1.Alice wishes to send Bob a confidential message m. 2.Alice generates a random session key k for a symmetric cryptosystem. 4.Alice encrypts the message m with the session key k to get ciphertext c c=sk.encrypt k (m)

10 4. Alice encrypts k using Bob’s public key B e to get k’ = pk.encrypt Be (k) 5.Alice sends Bob the values (k’,c) 6.Bob receives the values (k’,c) and decrypts k’ using his private key B d to obtain k k=pk.decrypt Bd (k’)

11 7.Bob uses the session key k to decrypt the ciphertext c and recover the message m m=sk.decrypt k (c) Public and symmetric key cryptosystems are combined in this way to provide security for key exchange and then efficiency for encryption. The session key k is used only to encrypt message m and is not stored for any length of time.

12 EC= symmetric encryption DC= symmetric decryption K s = session key EP= Public key encryption Stallings, 5.1b

13 Confidentiality pitfall Note that confidentiality service provides no assurance to the receiver as to the identity of sender (i.e. no authentication) Only provides confidentiality for sender that only the recipient can read the message (and no one else)

14 Combining authentication and confidentiality in PGP Authentication and confidentiality can be combined –A message can be both signed and encrypted That is called authenticated confidentiality Encryption/Decryption process is “nested” within the process shown for authentication alone See next slide

15

16 Format of a classic PGP message Key part contains the key and a key identifier Signature part contains a header, followed by a timestamp, the ID of the sender’s public key that should be used for decrypting the signature hash, some type information to identify the algorithms used (for more flexibility), and the encrypted hash Message part contains a header, the default name of the file if the receiver is saving it on the disk, a message creation timestamp, and the message

17 PGP Compression Compression is done after signing the hash –Why? –Saves having to compress document every time you wish to verify its signature It is also done before encryption –Why? –To speed up the process (less data to encrypt) –Also improves security Compressed messages are more difficult to cryptanalyze as they have less redundancy

18

19 PGP Email compatibility PGP is designed to be compatible with all email systems Makes no assumptions regarding ability to handle attachments etc. –Handles both the simplest system and the most complex system –Output of encryption and compression functions is divided into 6-bit blocks Each block is mapped onto an ASCII Character This is called RADIX-64 encoding Has the side-effect of increasing the size of the data by about 33%

20 PGP E-Mail Compatibility Many electronic mail systems can only transmit blocks of ASCII text. This can cause a problem when sending encrypted data since ciphertext blocks might not correspond to ASCII characters which can be transmitted. PGP overcomes this problem by using radix-64 conversion.

21 Radix-64 conversion 1.The binary input is split into blocks of 24 bits 2.Each 24 is then split into four sets each of 6-bits. 3.Each 6-bit set will then have a value between 0 and 2 6 -1 (=63). 4.This value is encoded into a printable character.

22 RADIX-64 encoding

23 An example Radix-64' is a method of converting binary files into text format. First, it breaks the bit stream of the binary file into bit groups of six. Next, it looks at each group of six as an individual character. It then converts each group of six bits into a text character. For example, `010111' would correspond to a decimal 23 which becomes (by Radix-64 definition) an upper case `X'. Other bit groups would be converted by this chart as well. Once we have converted all six bit characters into a text format, it is ready for transmission via conventional text modes

24 PGP Segmentation/Reassembly Email protocols have a maximum allowed size for messages –Like 100 KB –PGP divides messages that are too large into smaller ones –Divide and conquer Reassembly at the receiving end is required before verifying signature or decryption

Download ppt "Pretty Good Privacy (PGP) Security for Electronic Email."

Similar presentations

1 Pretty Good Privacy (PGP) Security for Electronic Email.

1 Pretty Good Privacy (PGP) Security for Electronic .
Email Security 1. email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.

Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.

Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.
1 Pertemuan 12 E-mail Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Cryptographic Technologies

Cryptographic Technologies
NS-H0503-02/11041 E-mail Security. NS-H0503-02/11042 Email Security email is one of the most widely used and regarded network services currently message.

NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.
Electronic mail security

Electronic mail security
Electronic mail security -- Pretty Good Privacy.

Electronic mail security -- Pretty Good Privacy.
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.

Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott
Lecture 9: Email Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
Electronic Mail Security

Electronic Mail Security
Secure e-mail r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.

16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.

Similar presentations

Ads by Google