Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure e-mail How do you do it? Need to worry about sniffing, modifying, end-user masquerading, replaying. If sender and receiver have shared secret keys,

Published byAsbjørg Hansen Modified over 5 years ago

Similar presentations

Presentation on theme: "Secure e-mail How do you do it? Need to worry about sniffing, modifying, end-user masquerading, replaying. If sender and receiver have shared secret keys,"— Presentation transcript:

1 Secure e-mail How do you do it?
Need to worry about sniffing, modifying, end-user masquerading, replaying. If sender and receiver have shared secret keys, then straightforward. Can use public-key cryptography to distribute keys. But users do not want to hassle with certificate authority.

2 Secure e-mail: PGP PGP = Pretty Good Privacy
It is availiable free on a variety of platforms. inventor, Phil Zimmerman, was target of 3-year federal investigation. Based on well known algorithms. Not developed or controlled by government or standards organizations

3 Sender Authentication and Message Integrity
Alice wants to provide sender authentication message integrity. H( ) . KA( ) - + H(m ) KA(H(m)) m KA Internet compare Alice digitally signs message. sends both message (in the clear) and digital signature.

4 PGP Hash: Public key cryptography:
SHA-1 160 bits Public key cryptography: RSA Question: Why digital signatures for authentication? Why not a MAC? Could use public-key crypto to get a shared key. But if there are 100 recipients? Need to distribute 100 MAC keys.

5 . Confidentiality - Alice:
Alice wants to send confidential , m, to Bob. KS( ) . KB( ) + - KS(m ) KB(KS ) m KS KB Internet Alice: generates random symmetric key, KS. encrypts message with KS (for efficiency) also encrypts KS with Bob’s public key. sends both KS(m) and KB(KS) to Bob.

6 . Confidentiality - Bob:
Alice wants to send confidential , m, to Bob. KS( ) . KB( ) + - KS(m ) KB(KS ) m KS KB Internet Bob: uses private key to obtain KS uses KS to decrypt KS(m)

7 Confidentiality: PGP Session key: 128 bits Symmetric encryption:
CAST-128 or IDEA or 3DES Public key encryption RSA

8 Secure e-mail: Confidentiality and Authentication
Alice wants to provide secrecy, sender authentication, message integrity. KA - H( ) . KA( ) . - KA(H(m)) - m KS KS( ) . + + m Internet KB( ) . + KS KB(KS ) + KB + Alice uses three keys: her private key, Bob’s public key, newly created symmetric key

9 PGP key rings Each node has two key rings:
Public/private key pairs owned by that node Public key of other users For the keys of other users, for each key track: user id: address, name, address, etc. public key timestamp: date when key was generated key ID key legitimacy signatures

10 Format of PGP Message Users may have multiple key pairs
Key ID’s: last 64 bits of public key Message component Signature component Timestamp Key ID of Mess digest: Leading two octets in clear, to verify correct key is being used Session key component key ID of KB Session key: KS KA + KA(H(m)) - +

11 PGP Trust No certificate authority
How does Alice obtain Bob’s public key? Alice physically gets key from Bob Or from phone conversation Or gets Bob’s key from Claire, who Alice may or may not trust For a key in your key ring: Can you trust that key really belongs to the person defined by the user-id? Can you trust that user-id to vouch for other keys? For each key on ring: Key legitimacy field indicates how much you trust this key to be valid for the associated user. Determined by PGP algorithm Signatures for key. Each signature signed with private key of some user Also, key ring includes trust values for owners of keys in key ring Determined by you.

12 Public key management: example
Suppose Alice inserts new public key in key ring. If Alice is owner, trust assigned to Alice is ultimate. Otherwise, Alice must assign trust value to owner of key: unknown untrusted marginally trusted completely trusted. New public key may come with signatures vouching for the key. For each signature, PGP searches ring to see if author of signature is in key ring. Key legitimacy = legit if one signature completely trusted. Otherwise, determined from formula based on trust of signatures: above threshold, key is considered legit

13 Example You first assign trust levels to users legit and trusted
2) PGP estimates which keys are legit legit and trusted legit, not trusted

14 Example You first assign trust levels to users legit and trusted
2) PGP estimates which keys are legit legit and trusted legit, not trusted

15 PGP summary PGP provides security at the application layer to a single application Provides: Authentication, integrity, confidentiality Public key verification Web of trust

Download ppt "Secure e-mail How do you do it? Need to worry about sniffing, modifying, end-user masquerading, replaying. If sender and receiver have shared secret keys,"

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Email Security 1. email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.

Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
PGP Overview 2004/11/30 Information-Center meeting peterkim.

PGP Overview 2004/11/30 Information-Center meeting peterkim.
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.

Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.
8-1 Internet security threats Mapping: m before attacking: gather information – find out what services are implemented on network  Use ping to determine.

8-1 Internet security threats Mapping: m before attacking: gather information – find out what services are implemented on network  Use ping to determine.
Electronic mail security -- Pretty Good Privacy.

Electronic mail security -- Pretty Good Privacy.
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.

Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.
Lecture 9: Email Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.

Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.
Electronic Mail Security

Electronic Mail Security
Secure e-mail r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
Email Security.  email is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.

Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)

Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
Chapter 15: Electronic Mail Security

Chapter 15: Electronic Mail Security
1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.

1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.
Network Security7-1 CIS3360: Chapter 8: Cryptography Application of Public Cryptography Cliff Zou Spring 2012 TexPoint fonts used in EMF. Read the TexPoint.

Network Security7-1 CIS3360: Chapter 8: Cryptography Application of Public Cryptography Cliff Zou Spring 2012 TexPoint fonts used in EMF. Read the TexPoint.
NETWORK SECURITY.

NETWORK SECURITY.
Email Security PGP IT352 | Network Security |Najwa AlGhamdi 1.

Security PGP IT352 | Network Security |Najwa AlGhamdi 1.

Similar presentations

Ads by Google