Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure e-mail Damascus University Faculty of Information Technology Networks specialization Secure e-mail.

Similar presentations


Presentation on theme: "Secure e-mail Damascus University Faculty of Information Technology Networks specialization Secure e-mail."— Presentation transcript:

1 Secure e-mail Damascus University Faculty of Information Technology Networks specialization Secure e-mail

2 presentation scheme What is our project? Project goals Encryption Algorithms and Digital Signature Existed similar products Server and Client Functions Security implementation Developing horizons Conclusion

3 what is our project? Secure e-mailSecuree-mail Encrypted exchange of messages between communication sides using mixture of symmetric and asymmetric encryption LAN email with many services

4 Project goals Security goals Communication goals Information security Data integrity Server and Client authentication Identity spoofing Non repudiation Building an application to perform: Exchanging messages and attached files

5 Developing Model client side evaluation design risk analysis planning calling the clientanalysis Implementation

6 Encryption Algorithms Hi Mahmoud *&^1 )-h@’ Hi Mahmoud ManarMahmoud Same Key Symmetric

7 Encryption Algorithms Hi Mahmoud *&^1 )-h@’ Hi Mahmoud ManarMahmoud Asymmetric Mahmoud’s Public Key Mahmoud’s Private Key

8 Hash Function X Using of Hash Function Encryption Algorithms Message digest

9 Encryption Algorithms Message digest + sender private key digital signature Goals of digital signature: Data integrity Authentication Identity spoofing Non repudiation

10 Encryption Algorithms Hash MM ’M ’’H ‘HH ‘’M ’MM ’’HM ’ Client Private Key Session Key Server Public Key Server Private Key Client Public Key H ‘’H = ? If true True message ClientServer M ’’H ‘

11 existed similar products PEM: Privacy Enhanced Mail, 1987 Attempted to add security to SMTP Attempted o build a CA hierarchy along X500 lines Solved the data formatting problem with base 64 encoding It has failed because: Message format was ugly The required X500 support infrastructure PGP: Pretty Good Privacy, 1991 MD4 + RSA signatures & key s exchange.. IDEA for encryption Ports for UNIX, VMS, … Compression speedup encryption & signing, reduce msg Requires no support infrastructure

12 Data Base Server’s User # E-mail address * Password * firstName * lastName * question * answer Keys # E-mail address * privateExp * privateMod * publicExp * publicMod Messages # id * To * fromUser * dataSend О subject О Body О State О Cc О Important О Attachment О is Encrypted attachment # Id * File name

13 Client’s Data Base Mymessage # Id * To * fromUser * subject ס dataSend ס Body ס State ס Cc ס Bcc ס Deleted ס important ס Attachment attachment # Id * File name addressBook # e-mail address ס f_name ס l_name ס tel_nb ס mobile_nb ס address Client keys # E-mail address * privateExp * privateMod * publicExp * publicMod

14 Server and Client Functions Server’s Daemon: Works all the time Receives requests Forewords it to threads Thread: Receives request from server Call suitable procedure according to request parameters What procedures we have: log in new account register receiving message from client and forwarding it to its destination sending directed messages to client services as: changing password, remembering password generating private and public keys

15 Server and Client Functions Client’s Client available services: log in new account register sending message to server with/without attachment import client messages from server services as: changing password, remembering password sending more than one message in the same time (Outbox) sending: replay, replay all, forward address book

16 Security Implementation Client Server

17 Security Implementation ClientServer new account X Y Server Private Key K’ Server Public Key K’’ If (K = = K’’) client and server have same key new account:

18 Security Implementation If (K = = K’’) client and server have same key e-mail address passwordfirst namelast namequestionanswer Secret Key (K) encrypted Client

19 Server encrypted Secret Key (K) e-mail address password first name last name question answer Security Implementation

20 ClientServer If existed e-mail address existed else New account added ! h Client private + public key

21 Security Implementation log in: If (K = = K’’) client and server have same key e-mail address password Session Key encrypted Client Client Private Key Server Public Key encrypted Digital Signature Encryption & Digital Signature

22 Security Implementation ClientServer log in: log in encrypted Digital Signature

23 encrypted Digital Signature server Security Implementation Client Public Key Server Private Key encrypted Secret Key e-mail address password Decryption & Verification

24 Security Implementation ClientServer If (existed e-mail address & matched password) Existed& matched else Invalid username or password ! h

25 Security Implementation Sending message with attachment : msg body attachment *&^1 )-h@ DS To: Cc: Bcc: Server Public Key Encryption & Digital Signature Client

26 *&^1 )-h@ DS attachment To: Cc: Bcc: *  ^1 ’  ’h’ *&^1 )-h@’ ’  ’h’ *&^1 To public key Cc public key Bcc public key(s) To: Cc: Encryption Security Implementation Server Private Key server

27 Security Implementation If right destination put msg in destination inbox else error msg in source inbox

28 Applying Range & Developing Horizons Applying Range: In all LANs Developing Horizons: Using this System to send/receive messages across Internet

29 Conclusion لخصت مجموعة الأخبار alt.security في قائمة الأسئلة الأكثر طرحاً FAQ ، عموميةَ مشكلة الأمن في الأنظمة بالإجابة على السؤال المشهور : س : ما الذي يجعل النظام غير آمن؟ ج : " إن أكثر ما يجعل نظاماً غير آمنٍ هو تشغيله ! ، حيث يكون النظام آمناً بشكل حقيقيّ إذا كان : مطفأ، مفصولاً عن كل شيء، مقفلاً عليه في حافظة من التيتانيوم، مدفوناً في مستودع تحت الأرض، ومحاطاً بغاز سام للأعصاب وبمجموعة من الحراس المدججين ذوي الرواتب العالية، وحتى مع كل هذا فأنا لا أراهن بحياتي عليه !” * [CONA-99] * يجيب على قائمة الأسئلة هذه Alec Muffett (Alec.Muffett@uk.sun.com) ، وذلك بمساعدة العديد من الآخرين.

30 Developed by: Manar Wassouf Somar Saeda Mahmoud Mahfoud Supervised by: Dr. Moutasem Shafa Amri Eng. Muhammad Juneidi Special thanks to : Administration and learning Group in Faculty of Information Technology. Thanks everybody for listening Developing Team Secure e-mail All rights reserved for developing team SMM © 2003-2004


Download ppt "Secure e-mail Damascus University Faculty of Information Technology Networks specialization Secure e-mail."

Similar presentations


Ads by Google