Secure e-mail Damascus University Faculty of Information Technology Networks specialization Secure e-mail.

Presentation transcript:

Secure e-mail
Damascus University
Faculty of Information Technology
Networks specialization

Presentation scheme
- What is our project?
- Project goals
- Encryption Algorithms and Digital Signature
- Existing similar products
- Server and Client Functions
- Security implementation
- Developing horizons
- Conclusion

What is our project?
Secure e-mail
- Encrypted exchange of messages between the communicating sides using a mixture of symmetric and asymmetric encryption
- LAN with many services

Project goals
Security goals:
- Information security
- Data integrity
- Server and client authentication
- Identity spoofing
- Non-repudiation
Communication goals:
- Building an application to perform: exchanging messages and attached files

Developing Model
[Figure: development cycle with the stages client side evaluation, design, risk analysis, planning, calling the client, analysis, implementation.]

Encryption Algorithms: Symmetric
[Figure: Manar and Mahmoud; plaintext "Hi Mahmoud", ciphertext "*&^1", plaintext "Hi Mahmoud"; same key on both sides.]

Encryption Algorithms: Asymmetric
[Figure: Manar and Mahmoud; plaintext "Hi Mahmoud", ciphertext "*&^1", plaintext "Hi Mahmoud"; Mahmoud's Public Key, Mahmoud's Private Key.]

Encryption Algorithms: use of a hash function
[Figure: X, Hash Function, Message digest.]

Encryption Algorithms: digital signature
Message digest + sender private key = digital signature
Goals of digital signature:
- Data integrity
- Authentication
- Identity spoofing
- Non-repudiation

Encryption Algorithms
[Figure: message flow between Client and Server. Labels: Hash; M, M', M''; H, H', H''; Client Private Key, Session Key, Server Public Key, Server Private Key, Client Public Key; check H'' = H ? If true: true message.]
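One way to realise the exchange this slide's labels describe (digest signed with the client private key, body encrypted under a session key, session key sent under the server public key, server checks the signature), as an added example that is not the project's own code. It assumes the third-party Python `cryptography` package and the choices RSA-PSS, RSA-OAEP and AES-GCM, none of which the slides name; `new_keypair`, `client_send` and `server_receive` are hypothetical names.

```python
# Added example: sign, encrypt under a session key, wrap the key (not the project's code).
import os
from cryptography.exceptions import InvalidSignature, InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Assumed padding choices; the slides do not specify any.
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def new_keypair():
    """Constructed RSA key pair for the demo (client or server)."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)

def client_send(message, client_priv, server_pub):
    # Digest of M signed with the client private key.
    signature = client_priv.sign(message, PSS, hashes.SHA256())
    # A fresh session key encrypts signature + message.
    session_key = AESGCM.generate_key(bit_length=128)
    nonce = os.urandom(12)
    body = AESGCM(session_key).encrypt(nonce, signature + message, None)
    # The session key travels encrypted under the server public key.
    wrapped_key = server_pub.encrypt(session_key, OAEP)
    return {"wrapped_key": wrapped_key, "nonce": nonce, "body": body}

def server_receive(packet, server_priv, client_pub):
    """Return the message, or None if decryption or verification fails."""
    try:
        session_key = server_priv.decrypt(packet["wrapped_key"], OAEP)
        plain = AESGCM(session_key).decrypt(packet["nonce"], packet["body"], None)
        sig_len = client_pub.key_size // 8   # RSA signature length in bytes
        signature, message = plain[:sig_len], plain[sig_len:]
        # Recompute the digest and check it against the signature.
        client_pub.verify(signature, message, PSS, hashes.SHA256())
    except (InvalidSignature, InvalidTag, ValueError):
        return None
    return message

if __name__ == "__main__":
    client, server, other = new_keypair(), new_keypair(), new_keypair()
    pkt = client_send(b"Hi Mahmoud", client, server.public_key())
    print(server_receive(pkt, server, client.public_key()))  # sender key matches
    print(server_receive(pkt, server, other.public_key()))   # wrong sender key
```

Verifying against the key stored for the claimed sender is what ties the message to that identity; a packet signed by any other key, or altered in transit, is rejected.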

Existing similar products
PEM: Privacy Enhanced Mail, 1987
- Attempted to add security to SMTP
- Attempted to build a CA hierarchy along X500 lines
- Solved the data formatting problem with base 64 encoding
- It has failed because:
  - Message format was ugly
  - The required X500 support infrastructure
PGP: Pretty Good Privacy, 1991
- MD4 + RSA signatures & key exchange
- IDEA for encryption
- Ports for UNIX, VMS, …
- Compression speeds up encryption & signing, reduces msg
- Requires no support infrastructure

Server's Data Base
User: # address, * Password, * firstName, * lastName, * question, * answer
Keys: # address, * privateExp, * privateMod, * publicExp, * publicMod
Messages: # id, * To, * fromUser, * dataSend, o subject, o Body, o State, o Cc, o Important, o Attachment, o is Encrypted
attachment: # Id, * File name

Client's Data Base
Mymessage: # Id, * To, * fromUser, * subject, o dataSend, o Body, o State, o Cc, o Bcc, o Deleted, o important, o Attachment
attachment: # Id, * File name
addressBook: # address, o f_name, o l_name, o tel_nb, o mobile_nb, o address
Client keys: # address, * privateExp, * privateMod, * publicExp, * publicMod

Server and Client Functions: Server's
Daemon:
- Works all the time
- Receives requests
- Forwards them to threads
Thread:
- Receives a request from the server
- Calls the suitable procedure according to the request parameters
What procedures we have:
- log in
- new account register
- receiving a message from a client and forwarding it to its destination
- sending directed messages to the client
- services such as: changing password, remembering password
- generating private and public keys

Server and Client Functions: Client's
Client available services:
- log in
- new account register
- sending a message to the server with/without attachment
- importing client messages from the server
- services such as: changing password, remembering password
- sending more than one message at the same time (Outbox)
- sending: reply, reply all, forward
- address book

Security Implementation
[Figure: Client and Server.]

Security Implementation: new account
[Figure: exchange between Client and Server. Labels: new account; X; Y; Server Private Key; Server Public Key; K'; K''.]
If (K == K'') client and server have the same key.

Security Implementation
If (K == K'') client and server have the same key.
[Figure, client side. Labels: address, password, first name, last name, question, answer; Secret Key (K); encrypted.]

Security Implementation
[Figure, server side. Labels: encrypted; Secret Key (K); address, password, first name, last name, question, answer.]

[Figure: reply from Server to Client.]
If the address already exists: "existed"; else: "New account added!"
Client private + public key

Security Implementation: log in
If (K == K'') client and server have the same key.
[Figure, client side: Encryption & Digital Signature. Labels: address, password; Session Key; Client Private Key; Server Public Key; encrypted; Digital Signature.]

Security Implementation: log in
[Figure: log in request from Client to Server. Labels: log in; encrypted; Digital Signature.]

Security Implementation
[Figure, server side: Decryption & Verification. Labels: encrypted; Digital Signature; Client Public Key; Server Private Key; Secret Key; address, password.]

Security Implementation
[Figure: reply from Server to Client.]
If (existing address & matched password): "Existed & matched"; else: "Invalid username or password!"

Security Implementation: sending a message with attachment
[Figure, client side: Encryption & Digital Signature. Labels: msg body; attachment; *&^1; DS; To:, Cc:, Bcc:; Server Public Key.]

Security Implementation
[Figure, server side: Encryption. Labels: *&^1; DS; attachment; To:, Cc:, Bcc:; Server Private Key; To public key, Cc public key, Bcc public key(s).]

Security Implementation
If the destination is right, put the msg in the destination inbox; else put an error msg in the source inbox.

Applying Range & Developing Horizons
Applying Range: in all LANs
Developing Horizons: using this system to send/receive messages across the Internet

Conclusion
In its list of frequently asked questions (FAQ), the alt.security newsgroup summed up how general the security problem in systems is by answering the famous question:
Q: What makes a system insecure?
A: "What most makes a system insecure is switching it on! A system is truly secure only if it is: switched off, disconnected from everything, locked in a titanium safe, buried in an underground bunker, and surrounded by nerve gas and by a group of highly paid armed guards. And even with all that, I would not stake my life on it!" * [CONA-99]
* This FAQ list is answered by Alec Muffett, with the help of many others.

Developed by: Manar Wassouf, Somar Saeda, Mahmoud Mahfoud
Supervised by: Dr. Moutasem Shafa Amri, Eng. Muhammad Juneidi
Special thanks to: Administration and learning Group in Faculty of Information Technology.
Thanks everybody for listening
Developing Team Secure
All rights reserved for developing team SMM ©