Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSE565: Computer Security Lectures 19, 20 Electronic Mail Security

Published byIris Hunt Modified over 6 years ago

Similar presentations

Presentation on theme: "CSE565: Computer Security Lectures 19, 20 Electronic Mail Security"— Presentation transcript:

1 CSE565: Computer Security Lectures 19, 20 Electronic Mail Security
Shambhu Upadhyaya Computer Science & Eng. University at Buffalo Buffalo, New York 14260 10/31/17 UB Fall 2017

2 Acknowledgments Material for some slides is drawn from Lawrie Brown’s slides 10/31/17 UB Fall 2017

3 Outline Pretty Good Privacy (Oct. 31, 2017) Operational descriptions
Cryptographic keys and Key rings S/MIME (Nov. 02, 2017) S/MIME functionality S/MIME messages S/MIME certificate processing Other Secure Tools (briefly) 10/31/17 UB Fall 2017

4 Security is one of the most widely used and regarded network services Currently message contents are not secure may be inspected either in transit or by suitably privileged users on destination system Current services are roughly like "postcards". Anyone who wants could pick it up and have a look as its in transit or sitting in the recipients mailbox. 10/31/17 UB Fall 2017

5 Email Security Enhancements
Confidentiality protection from disclosure Authentication of sender of message Message integrity protection from modification Non-repudiation of origin protection from denial by sender What we want is something more akin to standard mail (contents protected inside an envelope) if not registered mail (have confidence about the sender of the mail and its contents). 10/31/17 UB Fall 2017

6 Authentication Who is the sender? Phisher 3. Digital Signatures
Phisher 3. Digital Signatures DNS Records 2. Domain Keys, SPF, CSV, SenderID PGP, GPG, Identity based encryption SMTP Server Bob Phisher 1. Secure SMTP The first snapshot shows the effect of not having authentication. It is possible for phishers to send messages pretending to be Bob to Alice. Hence creating ‘’Who is the sender conundrum.” Second snapshot synopsis Authentication can be enforced through third-party add-ons or modifying SMTP protocol. 3 scenarios are illustrated: 1) Secure SMTP validates senders before they send messages. 2) Based on the headers and senders domain, SPF, CSV, DomainKeys can be used to verify senders identity. Once receiver receives an from sender, the receiver looks at the DNS record to see if the mail originated from domain and host authorized to send . 3) Lastly, a sender can digitally sign a message so that the recipient can receive it. Secure SMTP uses transport layer security - SSL CSV – certified server validation Spf – sender policy framework Bob Alice 10/31/17 UB Fall 2017 6

7 Integrity (Secrecy) Is message changed in transit? Phisher
PKI Encryption The first snapshot shows the effect of not having integrity. It is possible for phishers to modify messages sent from Bob to Alice. Second snapshot synopsis Using PKI schemes it is possible to enforce message integrity Bob Alice 10/31/17 UB Fall 2017 7

8 Can e-mail be linked to Bob so that he cannot refute?
Non-Repudiation Can be linked to Bob so that he cannot refute? Digital Signatures/ PKI The first snapshot shows the effect of not having non-repudiation. Bob can successfully deny that he did not send the message at all to Alice. Disowning message successfully means lack of accountability. Second snapshot synopsis Using digital signatures/PKI schemes it is also possible to enforce non-repudiation Bob Alice 10/31/17 UB Fall 2017 8

9 Pretty Good Privacy (PGP)
Widely used de facto secure Developed by Phil Zimmermann Selected best available crypto algs to use Integrated into a single program Available on Unix, PC, Macintosh and Amiga systems Originally free, now have commercial versions available also 10/31/17 UB Fall 2017

10 PGP Operation – Authentication
Sender creates a message SHA-1 used to generate 160-bit hash code of message Hash code is encrypted with RSA using the sender's private key, and result is attached to message Receiver uses RSA or DSS with sender's public key to decrypt and recover hash code Receiver generates new hash code for message and compares with decrypted hash code, if match, message is accepted as authentic 10/31/17 UB Fall 2017

11 PGP Operation – Confidentiality
Sender generates message and random 128-bit number to be used as session key for this message only Message is encrypted, using CAST-128 / IDEA/3DES with session key Session key is encrypted using RSA with recipient's public key, then attached to message Receiver uses RSA with its private key to decrypt and recover session key Session key is used to decrypt message 10/31/17 UB Fall 2017

12 Confidentiality & Authentication
Uses both services on same message create signature & attach to message encrypt both message & signature attach RSA encrypted session key 10/31/17 UB Fall 2017

13 PGP Operation – Compression
By default PGP compresses message after signing but before encrypting so can store uncompressed message & signature for later verification & because compression is non deterministic Uses ZIP compression algorithm 10/31/17 UB Fall 2017

14 PGP Operation – Email Compatibility
PGP will have data in binary form due to message encryption, etc. However was designed only for text Hence PGP must encode raw binary data into printable ASCII characters Uses radix-64 algorithm maps 3 bytes to 4 printable chars also appends a CRC PGP also segments messages if too big 10/31/17 UB Fall 2017

15 PGP Operation – Summary
Stallings Fig 18.2. 10/31/17 UB Fall 2017

16 PGP Session Keys Need a session key for each message
of varying sizes: 56-bit DES, 128-bit CAST or IDEA, 168-bit Triple-DES Generated using ANSI X12.17 mode Uses random inputs taken from previous uses and from keystroke timing of user 10/31/17 UB Fall 2017

17 PGP Public & Private Keys
Since many public/private keys may be in use, need to identify which is actually used to encrypt session key in a message could send full public-key with every message but this is inefficient Rather use a key identifier based on key is least significant 64-bits of the key will very likely be unique Also use key ID in signatures 10/31/17 UB Fall 2017

18 PGP Key Rings Each PGP user has a pair of key rings:
public-key ring contains all the public-keys of other PGP users known to this user, indexed by key ID private-key ring contains the public/private key pair(s) for this user, indexed by key ID & encrypted keys from a hashed passphrase 10/31/17 UB Fall 2017

19 PGP Key Management Rather than relying on certificate authorities
In PGP every user is own CA can sign keys for users they know directly Forms a “web of trust” trust keys have signed can trust keys others have signed if have a chain of signatures to them Key ring includes trust indicators Users can also revoke their keys 10/31/17 UB Fall 2017

20 S/MIME Secure/ Multipurpose Internet Mail Extensions
Security enhancement to MIME original Internet RFC822 was text only MIME provided support for varying content types and multi-part messages with encoding of binary data to textual form S/MIME added security enhancements Have S/MIME support in various modern mail agents: MS Outlook, Netscape, etc. Gmail, Firefox, etc. also provide support for S/MIME 10/31/17 UB Fall 2017

21 S/MIME Functions Enveloped data encrypted content and associated keys
Signed data encoded (message + signed digest) Clear-signed data cleartext message + encoded signed digest Signed & enveloped data nesting of signed & encrypted entities 10/31/17 UB Fall 2017

22 S/MIME Cryptographic Algorithms
Hash functions: SHA-1 & MD5 Digital signatures: DSS & RSA Session key encryption: ElGamal & RSA Message encryption: Triple-DES, AES, RC2/40 and others Have a procedure to decide which algorithms to use 10/31/17 UB Fall 2017

23 S/MIME Certificate Processing
S/MIME uses X.509 v3 certificates Managed using a hybrid of a strict X.509 CA hierarchy & PGP’s web of trust Each client has a list of trusted CA’s certs And own public/private key pairs & certs Certificates must be signed by trusted CA’s 10/31/17 UB Fall 2017

24 Certificate Authorities
have several well-known CA’s Verisign one of most widely used Verisign issues several types of Digital IDs with increasing levels of checks & hence trust Class Identity Checks Usage 1 name/ check web browsing/ 2+ enroll/addr check , subscriptions, s/w validate 3+ ID documents e-banking/service access VeriSign, GTE, Nortel, U.S. Postal Service, etc. Class 1 and class 2 requests are processed online and takes only a few seconds. Class 3 may take days. In person interaction. 10/31/17 UB Fall 2017

25 Other Secure Email Tools
S/MIME V3 Triple wrapped message Sender Policy Framework (SPF) Creates a specific DNS SPF record Mail exchangers use this to verify sender’s identity Certified Sender Validation Tool (CSV) Domain Key Identified Mail (DKIM) Uses PKI Providers include Yahoo, Gmail, FastMail Tripple wrapping means sign-encrypt-sign or encrypt-sign-encrypt Fastmail is a service from Australia 10/31/17 UB Fall 2017

26 Summary Have considered: secure PGP S/MIME 10/31/17 UB Fall 2017

Download ppt "CSE565: Computer Security Lectures 19, 20 Electronic Mail Security"

Similar presentations

Cryptography and Network Security Chapter 18

Cryptography and Network Security Chapter 18
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Email Security 1. email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.

Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Data & Network Security

Data & Network Security
Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.

Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.
1 Pertemuan 12 E-mail Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
NS-H0503-02/11041 E-mail Security. NS-H0503-02/11042 Email Security email is one of the most widely used and regarded network services currently message.

NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.
Electronic mail security

Electronic mail security
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Lecture 9: Email Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
Electronic Mail Security

Electronic Mail Security
Cryptography and Network Security Chapter 18

Cryptography and Network Security Chapter 18
Chap 81 Electronic mail security. Chap 82 Outline Pretty good privacy S/MIME Recommended web sites.

Chap 81 Electronic mail security. Chap 82 Outline Pretty good privacy S/MIME Recommended web sites.
Electronic mail security. Outline Pretty good privacy S/MIME.

Electronic mail security. Outline Pretty good privacy S/MIME.
Email Security.  email is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.

Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Network Security Essentials Chapter 7 Fourth Edition by William Stallings (Based on Lecture slides by Lawrie Brown)

Network Security Essentials Chapter 7 Fourth Edition by William Stallings (Based on Lecture slides by Lawrie Brown)

Similar presentations

Ads by Google