Presentation is loading. Please wait.

Presentation is loading. Please wait.

Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy

Published byJayson Bridges Modified over 8 years ago

Similar presentations

Presentation on theme: "Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy"— Presentation transcript:

1 Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
Computer Security Lecture 9 Ch.18 Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy

2 Outline Pretty Good Privacy S/MIME RFCs S/MIME Functions Notation
Operational Description Cryptographic Keys S/MIME RFCs S/MIME Functions

3 Electronic Mail Security Pretty Good Privacy
Pretty Good Privacy (PGP): data encryption/decryption computer program privacy& authentication data communication PGP signing, encrypting/decrypting texts, s, files increase the security of communications Created by Phil Zimmermann provides Used in Used for Used for

4 Why Pretty Good Privacy?
Available free worldwide (Windows, UNIX, Macintosh) Based on algorithms considered extremely secure RSA, DSS, and Diffie-Hellman for public-key encryption CAST-128, IDEA, and 3DES for symmetric encryption SHA-1 for hash coding Wide range of applicability (encrypting files and messages to individuals who wish to communicate securely) Not developed by, nor controlled by, any governmental or standards organization PGP on an Internet standards track (RFC 3156; MIME Security)

5 How PGP encryption works

6 Pretty Good Privacy Summary of PGP Services
Radix-64 is a group of binary- to- text encoding schemes that represent binary data in an ASCII code

7 Pretty Good Privacy Notation
Description Ks session key used in symmetric encryption scheme PRa private key of user A, used in public-key encryption scheme PUa public key of user A, used in public-key encryption scheme EP public-key encryption DP public-key decryption EC symmetric encryption DC symmetric decryption H hash function Z Z-1 compression using ZIP algorithm decompression R64 conversion to radix 64 ASCII format ││ concatenation

8 PGP Cryptographic Functions

9 Pretty Good Privacy Operational Description
The sender creates a message SHA-1 is used to generate a 160-bit hash code of the message The hash code is encrypted with RSA using the sender’s private key, and the result is prepended to the message The receiver uses RSA with the sender’s public key to decrypt and recover the hash code The receiver generates a new hash code for the message and compares it with the decrypted hash code. If the two match, the message is accepted as authentic a: Digital signature service provided by PGP (Authentication)

10 Pretty Good Privacy Operational Description
The sender generates a message and a random 128-bit number to be used as a session key for this message only The message is encrypted using CAST-128 (or IDEA or 3DES) with the session key The session key is encrypted with RSA using the recipient’s public key and is prepended to the message The receiver uses RSA with its private key to decrypt and recover the session key The session key is used to decrypt the message b: Confidentiality service provided by PGP

11 Pretty Good Privacy Operational Description
The sender creates a message The hash code is generated using SHA-1( 160-bit) for the message. The sender signs the message with its own private key, then encrypts the message with a session key The session key is encrypted with the recipient’s public key The receiver uses RSA with the sender’s public key to decrypt and recover the hash code. The receiver generates a new hash code for the message and compares it with the decrypted hash code. If the two match, the message is accepted as authentic. c: Authentication & Confidentiality service provided by PGP

12 Pretty Good Privacy Compression
PGP compresses the message save space both for transmission and file storage PGP compresses the message after signature but before encryption store uncompressed message together with the signature future verification to to for

13 Pretty Good Privacy PGP Functions
Hashing (SHA-1) Authentication Symmetric-Key cryptography (CAST-128, IDEA, and 3DES) Confidentiality Public- key cryptography (RSA, DSS, and Diffie-Hellman ) Digital Signature Data compression/ Data decompression

14 Transmission and Reception of PGP Messages

15 Transmission and Reception of PGP Messages
On transmission Signature (If required) is generated using a hash code of uncompressed plaintext Plaintext (plus signature if present) is compressed The block (If confidentiality required), is encrypted and prepended with the public-key encrypted symmetric encryption key The block is converted to radix-64 format On reception The incoming block is converted back from radix-64 format to binary If the message is encrypted, the recipient recovers the session key and decrypts the message The resulting block is then decompressed If the message is signed, the recipient recovers the transmitted hash code and compares it to its own calculation of the hash code

16 Electronic Mail Security S/MIME
S/MIME version of the MIME protocol supports encryption of messages (RSA technology) S/MIME is a standard used to include content of various types in a single message S/MIME IETF standards (RFC 2821 and RFC 2822) S/MIME RSA Data Security Inc. follow Developed by S/MIME: Secure/Multipurpose Internet Mail Extensions IETF: Internet Engineering Task Force RFC: Request for Comments

17 Electronic Mail Security S/MIME
MIME SMTP format of mail messages multiple content, both textual and non-textual (images, audio, or text in different character sets) extends include SMTP : Simple Mail Transfer Protocol

18 What is the format of an e-mail message?
Internet messages follow the format standards that are defined in RFC 2821/RFC 2822 A message is made up of header fields and a body A message can be sent without a body (body is optional), but not without a header

19 Example message

20 S/MIME functions Enveloped data
Generate a session key for a symmetric encryption algorithm (RC2/40 or triple DES) Encrypt the session key with the recipient’s public key (RSA) Prepare a block known as Recipient Info contains an identifier of the recipient’s public-key certificate an identifier of the algorithm used to encrypt the session key Encrypt the message content with the session key

21 S/MIME functions Signed data
Select a message digest algorithm (SHA or MD5). Compute the message digest (hash function) of the content to be signed. Encrypt the message digest with the signer’s private key. Prepare a block known as SignerInfo contains Signer’s public key certificate an identifier of the message digest algorithm an identifier of the algorithm used to encrypt the message digest, and the encrypted message digest

22 S/MIME functions Clear-signed data
Digital signature of the content is formed Digital signature is encoded using base64 Recipients without S/MIME capability can view the message content and cannot verify the signature

23 S/MIME functions Signed and enveloped data
Encrypted data may be signed Signed data or clear-signed data may be encrypted

24 Cryptographic Algorithms used in S/MIME

25 Thank you for your attention

Download ppt "Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy"

Similar presentations

Cryptography and Network Security Sixth Edition by William Stallings.

Cryptography and Network Security Sixth Edition by William Stallings.
Email Security 1. email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.

Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Data & Network Security

Data & Network Security
Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.

Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.
1 Pertemuan 12 E-mail Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
NS-H0503-02/11041 E-mail Security. NS-H0503-02/11042 Email Security email is one of the most widely used and regarded network services currently message.

NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.
Electronic mail security

Electronic mail security
Electronic mail security -- Pretty Good Privacy.

Electronic mail security -- Pretty Good Privacy.
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.

Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.
Lecture 9: Email Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
Electronic Mail Security

Electronic Mail Security
1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.

1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.
16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.

16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.
Chap 81 Electronic mail security. Chap 82 Outline Pretty good privacy S/MIME Recommended web sites.

Chap 81 Electronic mail security. Chap 82 Outline Pretty good privacy S/MIME Recommended web sites.
Electronic mail security. Outline Pretty good privacy S/MIME.

Electronic mail security. Outline Pretty good privacy S/MIME.

Similar presentations

Ads by Google