1 CNLab/University of Ulsan Chapter 16 Electronic Mail Security  PGP (Pretty Good Privacy)  S/MIME.

Slides:



Advertisements
Similar presentations
Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
Advertisements

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.
1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.
Electronic mail security
Electronic mail security -- Pretty Good Privacy.
Lecture 12 Security. Summary  PEM  secure  PGP  S/MIME.
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.
Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
Electronic Mail Security
Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.
Cryptography and Network Security Chapter 18
16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.
Chap 81 Electronic mail security. Chap 82 Outline Pretty good privacy S/MIME Recommended web sites.
Electronic mail security. Outline Pretty good privacy S/MIME.
Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Network Security Essentials Chapter 7 Fourth Edition by William Stallings (Based on Lecture slides by Lawrie Brown)
Chapter 6 Electronic Mail Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
1 Electronic mail security Ola Flygt Växjö University, Sweden
Electronic mail security
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
Chapter 15: Electronic Mail Security
1 Electronic Mail Security Outline Pretty good privacy S/MIME Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.
Pretty Good Privacy (PGP) Security for Electronic .
CSCE 815 Network Security Lecture 11 Security PGP February 25, 2003.
SECURITY – Chapter 15 SECURITY – Chapter 15 ….for authentication and confidentiality PGP 1.Uses best algorithms as building blocks 2.General.
NETWORK SECURITY.
Security PGP IT352 | Network Security |Najwa AlGhamdi 1.
X.509 Topics PGP S/MIME Kerberos. Directory Authentication Framework X.509 is part of the ISO X.500 directory standard. used by S/MIME, SSL, IPSec, and.
Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .
ECE-8813 / CS Prof. John A. Copeland fax Office:
PGP & IP Security  Pretty Good Privacy – PGP Pretty Good Privacy  IP Security. IP Security.
Electronic mail security PGP & S/MIME
1 Electronic Mail Security Behzad Akbari Fall 2009 In the Name of the Most High.
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
Security  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Security SMIME IT352 | Network Security |Najwa AlGhamdi 1.
By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.
2013Prof. Reuven Aviv, Mail Security1 Pretty Good Privacy (PGP) Prof. Reuven Aviv Dept. of Computer Science Tel Hai Academic College.
Prof. Wenguo Wang Network Information Security Prof. Wenguo Wang Tel College of Computer Science QUFU NORMAL UNIVERSITY.
Lecture 8 (Chapter 18) Electronic Mail Security Prepared by Dr. Lamiaa M. Elshenawy 1.
第五章 电子邮件安全. Security is one of the most widely used and regarded network services currently message contents are not secure –may be inspected.
Electronic mail security. Outline Pretty good privacy S/MIME.
Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel:
Electronic mail security
K. U. Khimani Asst. Prof. IT Dept. VVP Engineering College
Security is one of the most widely used and regarded network services
Security Pretty Good Privacy (PGP)
Selected Research Topics Electronic Mail Security
Electronic Mail Security
MAIL AND SECURITY PERTEMUAN 13
Security at the Application Layer: PGP and S/MIME
ELECTRONIC MAIL SECURITY
ELECTRONIC MAIL SECURITY
Electronic mail security
Secure How do you do it? Need to worry about sniffing, modifying, end-user masquerading, replaying. If sender and receiver have shared secret keys,
Electronic Mail Security
Cryptography and Network Security
….for authentication and confidentiality PGP
Presentation transcript:

1 CNLab/University of Ulsan Chapter 16 Electronic Mail Security  PGP (Pretty Good Privacy)  S/MIME

2 CNLab/University of Ulsan Pretty Good Privacy (PGP)  Made by Phil Zimmermann;  Available free  Provides a confidentiality and authentication service for  Standardized in RFC 3156

3 CNLab/University of Ulsan Pretty Good Privacy (PGP) PGP services  Digital signature: DSS/SHA or RSA/SHA  Message encryption: cast-128, IDEA, or 3-DES  One-time session key for each message  Session key distribution: Diffie-Helmann or RSA  Message compression with ZIP  compatible: radix-64 binary-to-ASCii conversion  Segmentation: to accommodate max message size limitations

4 CNLab/University of Ulsan PGP Cryptographic Functions  Authentication only EP: public-key Enc. EC: secret-key Enc. H: hashing Z: compression

5 CNLab/University of Ulsan PGP Cryptographic Functions  Confidentiality only EP: public-key Enc. EC: secret-key Enc. H: hashing Z: compression E KUb [K s ]

6 CNLab/University of Ulsan PGP Cryptographic Functions  Confidentiality and authentication EP: public-key Enc. EC: secret-key Enc. H: hashing Z: compression

7 CNLab/University of Ulsan PGP Cryptographic Keys  One-time session key  A random session key is generated by sender for each message  Public and private keys  PGP allows users to have multiple public/private key pairs.  Session key is encrypted using one of the recipient’s public keys.  Sender sends the keyID (the least significant 64 bits of the key) of the public key used for the encryption.  Passphrase-based encryption of private key  Users store their own private key in encrypted form.  Password used to encrypt the owner’s private key.

8 CNLab/University of Ulsan PGP Packet Format  A PGP message consists of  Message packet  Signature packet  Session key packet  Packet format Packet header Packet body Packet tag Packet length Packet tag: denotes the type of packet in the packet body

9 CNLab/University of Ulsan PGP Message Format  Message component  Data to be transmitted  Signature component  Timestamp: time at which the signature is made  Message digest: 160-bit SHA digest encrypted with sender’s private key  keyID of sender’s public key  Session key component  Session key  keyID of recipient’s public key used to encrypt session key

10 CNLab/University of Ulsan PGP Message Format

11 CNLab/University of Ulsan PGP Key Rings  Private-key ring  Stores the public/private key pairs owned by that node  Private keys are encrypted using a key based on the user’s passphrase (SHA hash code of the passphrase)

12 CNLab/University of Ulsan PGP Key Rings  Public-key ring  PGP allows multiple public/private key pairs foe each user  Stores other’s public keys known at this node  Public keys can be obtained in various ways

13 CNLab/University of Ulsan PGP Key Rings  Public-key ring  Owner trust: trust value for the key owner; assigned by the user when the user enters a new public key; unknown, untrusted, marginally trusted, completely trusted  Signatures: signatures attached to the key  Signature trusts: trust value for the owner of this signature attached to the key; “unknown” value is assigned if the owner is not known  Key legitimacy: the extent to which PGP will trust the key; derived from the values in the signature trusts fields; weighted sum of the trust values of the signatures

14 CNLab/University of Ulsan PGP Trust Model  User A may obtain B’s public key:  physically get the key from B.  obtain B’s key from a mutual trusted individual D.  obtain and verify B’s key by telephone.  obtain B’s key from a trusted certifying authority.

15 CNLab/University of Ulsan PGP Trust Model  When a new public key is inserted on public-key ring  assigns the trust value of the key’s owner given by the user  the trust value for each signature attached at the key is given to the OwnerTrust value for the owner of the signature; if the owner for the signature is not in the key ring, it is given to a unknown user value  Key legitimacy value is calculated based on the signature trust fields present in the entry

16 CNLab/University of Ulsan PGP Trust Model PGP trust model example (public-key ring)  The user signs keys whose owners are fully or partly trusted (except L).  One trusted signature or two partly trusted signatures are sufficient to certify a key, but the key’s owner may not be trusted.  Key revocation by issuing a key revocation certificate

17 CNLab/University of Ulsan S/MIME  Industrial standard for commercial and organizational use  RFC 822  Traditional format for transmitting text messages  Header + blankLine + Body

18 CNLab/University of Ulsan MIME  MIME (Multipurpose Internet Mail Extensions)  Extends RFC822 to resolve problems of traditional  New headers  MIME-Version:  Content-Type: type of content in the message body (text/plain, multipart/mixed, video/mpeg, …)  Content-Transfer-Encoding: type of transmission of the message body to be transmitted by the MTA  Content-ID: to overcome the mail size limitations  Content-Description:

19 CNLab/University of Ulsan MIME MIME content types  Type: major type  Text, multipart, message, image, video, audio, application  Subtype: minor type  Text: plain, enriched  Multipart: mixed, parallel, alternative, digest  Image: jpeg, gif,  Application: PostScript, Octet-stream, …

20 CNLab/University of Ulsan S/MIME Functionality  Enveloped data: encrypted data and encrypted encryption key  Signed data: content + digital signature; encoded using base64 encoding  Clear-signed data: content + digital signature; only digital signature is encoded using base64 encoding  Signed and enveloped data: content + digital signature; encrypted using a key

21 CNLab/University of Ulsan S/MIME Cryptographic Algorithms  Encryption: 3DES, 40bit RC2  Digital signature: DSS, 160bit SHA-1, 128bit MD5  Session key encryption: Diffie-Hellmann, RSA  Sending agent and receiving agent determines the encryption algorithm via negotiation.

22 CNLab/University of Ulsan S/MIME Public Key Management  S/MIME key management: a hybrid of X.509 and PGP key management model  Certificates are managed locally but the certificates are signed by certification authorities  S/MIME user agent  generate his own public/private pairs  register the public key and receive X.590 certificate for the key  store other’s certificates in a local storage and verify the incoming certificates

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.