Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy Computer Security Lecture 9 Ch.18 Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
Outline Pretty Good Privacy S/MIME RFCs S/MIME Functions Notation Operational Description Cryptographic Keys S/MIME RFCs S/MIME Functions
Electronic Mail Security Pretty Good Privacy Pretty Good Privacy (PGP): data encryption/decryption computer program privacy& authentication data communication PGP signing, encrypting/decrypting texts, e-mails, files increase the security of e-mail communications Created by Phil Zimmermann 1991 provides Used in Used for Used for
Why Pretty Good Privacy? Available free worldwide (Windows, UNIX, Macintosh) Based on algorithms considered extremely secure RSA, DSS, and Diffie-Hellman for public-key encryption CAST-128, IDEA, and 3DES for symmetric encryption SHA-1 for hash coding Wide range of applicability (encrypting files and messages to individuals who wish to communicate securely) Not developed by, nor controlled by, any governmental or standards organization PGP on an Internet standards track (RFC 3156; MIME Security)
How PGP encryption works
Pretty Good Privacy Summary of PGP Services Radix-64 is a group of binary- to- text encoding schemes that represent binary data in an ASCII code
Pretty Good Privacy Notation Description Ks session key used in symmetric encryption scheme PRa private key of user A, used in public-key encryption scheme PUa public key of user A, used in public-key encryption scheme EP public-key encryption DP public-key decryption EC symmetric encryption DC symmetric decryption H hash function Z Z-1 compression using ZIP algorithm decompression R64 conversion to radix 64 ASCII format ││ concatenation
PGP Cryptographic Functions
Pretty Good Privacy Operational Description The sender creates a message SHA-1 is used to generate a 160-bit hash code of the message The hash code is encrypted with RSA using the sender’s private key, and the result is prepended to the message The receiver uses RSA with the sender’s public key to decrypt and recover the hash code The receiver generates a new hash code for the message and compares it with the decrypted hash code. If the two match, the message is accepted as authentic a: Digital signature service provided by PGP (Authentication)
Pretty Good Privacy Operational Description The sender generates a message and a random 128-bit number to be used as a session key for this message only The message is encrypted using CAST-128 (or IDEA or 3DES) with the session key The session key is encrypted with RSA using the recipient’s public key and is prepended to the message The receiver uses RSA with its private key to decrypt and recover the session key The session key is used to decrypt the message b: Confidentiality service provided by PGP
Pretty Good Privacy Operational Description The sender creates a message The hash code is generated using SHA-1( 160-bit) for the message. The sender signs the message with its own private key, then encrypts the message with a session key The session key is encrypted with the recipient’s public key The receiver uses RSA with the sender’s public key to decrypt and recover the hash code. The receiver generates a new hash code for the message and compares it with the decrypted hash code. If the two match, the message is accepted as authentic. c: Authentication & Confidentiality service provided by PGP
Pretty Good Privacy Compression PGP compresses the message save space both for e-mail transmission and file storage PGP compresses the message after signature but before encryption store uncompressed message together with the signature future verification to to for
Pretty Good Privacy PGP Functions Hashing (SHA-1) Authentication Symmetric-Key cryptography (CAST-128, IDEA, and 3DES) Confidentiality Public- key cryptography (RSA, DSS, and Diffie-Hellman ) Digital Signature Data compression/ Data decompression
Transmission and Reception of PGP Messages
Transmission and Reception of PGP Messages On transmission Signature (If required) is generated using a hash code of uncompressed plaintext Plaintext (plus signature if present) is compressed The block (If confidentiality required), is encrypted and prepended with the public-key encrypted symmetric encryption key The block is converted to radix-64 format On reception The incoming block is converted back from radix-64 format to binary If the message is encrypted, the recipient recovers the session key and decrypts the message The resulting block is then decompressed If the message is signed, the recipient recovers the transmitted hash code and compares it to its own calculation of the hash code
Electronic Mail Security S/MIME S/MIME version of the MIME protocol supports encryption of messages (RSA technology) S/MIME is a standard used to include content of various types in a single message S/MIME IETF standards (RFC 2821 and RFC 2822) S/MIME RSA Data Security Inc. follow Developed by S/MIME: Secure/Multipurpose Internet Mail Extensions IETF: Internet Engineering Task Force RFC: Request for Comments
Electronic Mail Security S/MIME MIME SMTP format of mail messages multiple content, both textual and non-textual (images, audio, or text in different character sets) extends include SMTP : Simple Mail Transfer Protocol
What is the format of an e-mail message? Internet e-mail messages follow the format standards that are defined in RFC 2821/RFC 2822 A message is made up of header fields and a body A message can be sent without a body (body is optional), but not without a header
Example message
S/MIME functions Enveloped data Generate a session key for a symmetric encryption algorithm (RC2/40 or triple DES) Encrypt the session key with the recipient’s public key (RSA) Prepare a block known as Recipient Info contains an identifier of the recipient’s public-key certificate an identifier of the algorithm used to encrypt the session key Encrypt the message content with the session key
S/MIME functions Signed data Select a message digest algorithm (SHA or MD5). Compute the message digest (hash function) of the content to be signed. Encrypt the message digest with the signer’s private key. Prepare a block known as SignerInfo contains Signer’s public key certificate an identifier of the message digest algorithm an identifier of the algorithm used to encrypt the message digest, and the encrypted message digest
S/MIME functions Clear-signed data Digital signature of the content is formed Digital signature is encoded using base64 Recipients without S/MIME capability can view the message content and cannot verify the signature
S/MIME functions Signed and enveloped data Encrypted data may be signed Signed data or clear-signed data may be encrypted
Cryptographic Algorithms used in S/MIME
Thank you for your attention