Presentation is loading. Please wait.

Presentation is loading. Please wait.

PGP Stephen Smith – December 11, 2013. Outline - Pretty Good Privacy  History  How It Works  How To Use It  Questions  I Get Taken Away In Handcuffs.

Published byNicholas Douglas Modified over 8 years ago

Similar presentations

Presentation on theme: "PGP Stephen Smith – December 11, 2013. Outline - Pretty Good Privacy  History  How It Works  How To Use It  Questions  I Get Taken Away In Handcuffs."— Presentation transcript:

1 PGP Stephen Smith – December 11, 2013

2 Outline - Pretty Good Privacy  History  How It Works  How To Use It  Questions  I Get Taken Away In Handcuffs

3 History of PGP

4 Separated At Birth?

5 History of PGP  Uploaded to Peacenet  Message board for activists  Encryption viewed as “munitions”  NSA banned >40-bit ciphers from export  Zimmerman charged as arms dealer  Charges dropped after several years

6 History of PGP  How they got around it  Sold books containing entire source code  Cut binding off, scan with OCR, presto!  Export of books protected under 1 st Amendment  Crypto now free speech too  Bernstein v. United States  Junger v. Daley

7 History of PGP  PGP Corporation founded in 2001  Sold to Symantec in 2010  Open source version also available GnuPG (GNU Privacy Guard)

8 How Does It Work?

9 Step One: Text Compression  Smaller size  Faster transmission  Improved resistance to frequency analysis  Incomplete message = harder to break

10 Step Two: Encryption  Session key is randomly generated  “Random” = very strict meaning in cryptography  Session key used to encrypt message  Cipher used = AES

11 AES  Advanced Encryption Standard  Rijndael Joan Daemen and Vincent Rijmen  Block cipher  As opposed to stream cipher  Chunks data up, shuffles it in predictable fashion  …predictable to anyone with the key, that is

12 AES  Attacked via side channels  Weaknesses in implementation, not math  Math-only attacks getting progressively better

13 Step 3: Authentication  Session key encrypted with sender’s public key  Cipher used = RSA

14 RSA  Ron Rivest, Adi Shamir, Leonard Adleman  Developed 3 years earlier at GCHQ  British NSA  Not declassified until 1997  Explaining it would be a bit mathy for ten minutes  It’s not THAT hard, just a little complex  Involves prime numbers and modular arithmetic You already know one, you’ll know the other in a minute

15 RSA  Attacked by prime factoring  Getting better every year  Shor’s algorithm + quantum computer  Next step = Elliptic Curve Cryptography (ECC)  ECDSA = Elliptic Curve Digital Signature Algorithm  Ars Technica posted a good summary last week

16 Step 4: Hash Production  Message in, hashtext out  Hashtext encrypted with sender’s private key Ensures message can’t be modified and rehashed  Cipher used = SHA

17 SHA  Secure Hashing Algorithm (SHA-3)  Keccak Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche  Hash function  Modular arithmetic  One-way function

18 SHA  Attacked by collisions  Predictable output  Identical output for different input The birthday paradox

19 Step 4.5: Why Three Ciphers?  Message encrypted with AES session key  AES is way faster than RSA  Session key encrypted with RSA public key  RSA has public/private keypairs  Message hashed with SHA  SHA ensures consistent output  Coordinating all this is why PGP is awesome.

20 Step 5: Message Sent & Received  Both aspects of secure email are now present  Encryption  Authentication  Message is sent, entire process is reversed  Session key decrypted by receiver’s private key  Message decrypted with session key  Original hash decrypted with sender’s public key  Received message hashed and compared  Text decompressed

21 Summary  Message is encrypted and signed  Message is transmitted  Message is checked for integrity and decrypted

22 How To Use It  Outlook  PGP For Outlook  Thunderbird  Enigmail  Gmail, Hotmail, etc.  Say hi to the NSA for me!

23 Questions?

24 Sources Cited Singh, S. (2000). The code book: The science of secrecy from ancient egypt to quantum cryptography. New York City: Anchor. Ferguson, N., Schneier, B., & Tadayoshi, K (2010). Cryptography engineering: Design principles and practical applications. New York City: Wiley. PGP International. (1999). How pgp works. Retrieved from http://www.pgpi.org/doc/pgpintro/

Download ppt "PGP Stephen Smith – December 11, 2013. Outline - Pretty Good Privacy  History  How It Works  How To Use It  Questions  I Get Taken Away In Handcuffs."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.

First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
Review For Exam 3 (April 15, 2010) © Abdou Illia – Spring 2010.

Review For Exam 3 (April 15, 2010) © Abdou Illia – Spring 2010.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
Cryptography Basic (cont)

Cryptography Basic (cont)
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Chapter 3 Encryption Algorithms & Systems (Part C)

Chapter 3 Encryption Algorithms & Systems (Part C)
Electronic mail security -- Pretty Good Privacy.

Electronic mail security -- Pretty Good Privacy.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
CS526Topic 5: Hash Functions and Message Authentication 1 Computer Security CS 526 Topic 5 Cryptography: Cryptographic Hash Functions And Message Authentication.

CS526Topic 5: Hash Functions and Message Authentication 1 Computer Security CS 526 Topic 5 Cryptography: Cryptographic Hash Functions And Message Authentication.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.

Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott

Similar presentations

Ads by Google