Published by Linda Wilcox. Modified over 9 years ago.
1
Secure e-mail
Damascus University, Faculty of Information Technology, Networks specialization
2
Presentation scheme
- What is our project?
- Project goals
- Encryption Algorithms and Digital Signature
- Existing similar products
- Server and Client Functions
- Security implementation
- Developing horizons
- Conclusion
3
What is our project?
Secure e-mail:
- Encrypted exchange of messages between the communicating sides using a mixture of symmetric and asymmetric encryption
- LAN e-mail with many services
4
Project goals
Security goals:
- Information security
- Data integrity
- Server and Client authentication
- Identity spoofing
- Non-repudiation
Communication goals:
- Building an application to perform: exchanging messages and attached files
5
Developing Model
(Diagram labels: client side evaluation, design, risk analysis, planning, calling the client, analysis, implementation.)
6
Encryption Algorithms: Symmetric
(Diagram: Manar and Mahmoud; plaintext "Hi Mahmoud", ciphertext "*&^1 )-h@’", plaintext "Hi Mahmoud" again; label: Same Key.)
7
Encryption Algorithms: Asymmetric
(Diagram: Manar and Mahmoud; plaintext "Hi Mahmoud", ciphertext "*&^1 )-h@’", plaintext "Hi Mahmoud" again; labels: Mahmoud’s Public Key, Mahmoud’s Private Key.)
8
Encryption Algorithms: Use of a Hash Function
(Diagram labels: X, Hash Function, Message digest.)
9
Encryption Algorithms
Message digest + sender private key = digital signature
Goals of digital signature:
- Data integrity
- Authentication
- Identity spoofing
- Non-repudiation
10
Encryption Algorithms
(Diagram, Client to Server. Symbols: M, M’, M’’, H, H’, H’’. Labels: Hash, Client Private Key, Session Key, Server Public Key, Server Private Key, Client Public Key. Check: H’’ = H ? If true: true message.)
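One reading of the diagram on this slide, as an added example that is not the project's code: the client hashes M, signs the digest with its private key, encrypts M under a session key and wraps that key with the server public key; the server reverses each step and compares digests. Assumptions: the function names are hypothetical, the keys are constructed demo values, and textbook RSA plus a hash keystream stand in for padded RSA (OAEP/PSS) and a real symmetric cipher.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by both demo keys

def make_key(p, q):
    """Textbook RSA key pair from two primes: ((e, n), (d, n))."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (E, n), (d, n)

# Constructed demo keys built from Mersenne primes: trivially factorable.
CLIENT_PUB, CLIENT_PRIV = make_key(2**521 - 1, 2**607 - 1)
SERVER_PUB, SERVER_PRIV = make_key(2**1279 - 1, 2**2203 - 1)

def rsa(value, key):
    """Raw RSA operation (no padding): value^exp mod n."""
    exp, mod = key
    return pow(value, exp, mod)

def xor_stream(key, data):
    """Stand-in symmetric cipher: SHA-256 counter keystream XORed with data."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def digest_int(message):
    """H: SHA-256 digest of the message as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def client_send(message):
    session_key = secrets.token_bytes(16)
    return {
        "body": xor_stream(session_key, message),          # M' (session key)
        "sig": rsa(digest_int(message), CLIENT_PRIV),      # H' (client private key)
        "key": rsa(int.from_bytes(session_key, "big"), SERVER_PUB),
    }

def server_receive(packet):
    session_key = rsa(packet["key"], SERVER_PRIV).to_bytes(16, "big")
    message = xor_stream(session_key, packet["body"])      # M''
    recovered = rsa(packet["sig"], CLIENT_PUB)             # H''
    if recovered != digest_int(message):                   # H'' = H ?
        raise ValueError("signature check failed: message rejected")
    return message
```
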
11
Existing similar products
PEM: Privacy Enhanced Mail, 1987
- Attempted to add security to SMTP
- Attempted to build a CA hierarchy along X.500 lines
- Solved the data formatting problem with base 64 encoding
- It has failed because:
  - Message format was ugly
  - The required X.500 support infrastructure
PGP: Pretty Good Privacy, 1991
- MD4 + RSA signatures & key exchange
- IDEA for encryption
- Ports for UNIX, VMS, …
- Compression speeds up encryption & signing, reduces message size
- Requires no support infrastructure
12
Server’s Database
User: # E-mail address, * Password, * firstName, * lastName, * question, * answer
Keys: # E-mail address, * privateExp, * privateMod, * publicExp, * publicMod
Messages: # id, * To, * fromUser, * dataSend, o subject, o Body, o State, o Cc, o Important, o Attachment, o is Encrypted
attachment: # Id, * File name
13
Client’s Database
Mymessage: # Id, * To, * fromUser, * subject, o dataSend, o Body, o State, o Cc, o Bcc, o Deleted, o important, o Attachment
attachment: # Id, * File name
addressBook: # e-mail address, o f_name, o l_name, o tel_nb, o mobile_nb, o address
Client keys: # E-mail address, * privateExp, * privateMod, * publicExp, * publicMod
14
Server and Client Functions: Server
Server’s Daemon:
- Works all the time
- Receives requests
- Forwards them to threads
Thread:
- Receives a request from the server
- Calls the suitable procedure according to the request parameters
What procedures we have:
- log in
- new account registration
- receiving a message from a client and forwarding it to its destination
- sending directed messages to a client
- services such as: changing password, remembering password
- generating private and public keys
15
Server and Client Functions: Client
Client available services:
- log in
- new account registration
- sending a message to the server with/without attachment
- importing client messages from the server
- services such as: changing password, remembering password
- sending more than one message at the same time (Outbox)
- sending: reply, reply all, forward
- address book
16
Security Implementation Client Server
17
Security Implementation: new account
(Diagram, Client and Server. Labels: X, Y, Server Private Key, K’, Server Public Key, K’’. If (K == K’’), client and server have the same key.)
18
Security Implementation: new account (Client)
If (K == K’’), client and server have the same key.
(Diagram fields: e-mail address, password, first name, last name, question, answer. Labels: Secret Key (K), encrypted.)
19
Security Implementation: new account (Server)
(Diagram labels: encrypted, Secret Key (K). Fields: e-mail address, password, first name, last name, question, answer.)
20
(Diagram, Client and Server.)
If the e-mail address already exists: "e-mail address existed"
else: "New account added!"
(Label: Client private + public key.)
21
Security Implementation: log in (Client)
If (K == K’’), client and server have the same key.
(Diagram fields: e-mail address, password. Labels: Session Key, encrypted, Client Private Key, Server Public Key, encrypted Digital Signature. Caption: Encryption & Digital Signature.)
22
Security Implementation: log in
(Diagram, Client and Server. Labels: log in, encrypted Digital Signature.)
23
Security Implementation: log in (Server)
(Diagram labels: encrypted Digital Signature, Client Public Key, Server Private Key, encrypted Secret Key. Fields: e-mail address, password. Caption: Decryption & Verification.)
24
Security Implementation
(Diagram, Client and Server.)
If (existed e-mail address & matched password): "Existed & matched"
else: "Invalid username or password!"
25
Security Implementation: sending a message with attachment (Client)
(Diagram: msg body and attachment; ciphertext "*&^1 )-h@"; DS; header fields To:, Cc:, Bcc:. Labels: Server Public Key. Caption: Encryption & Digital Signature.)
26
Security Implementation: sending a message with attachment (Server)
(Diagram: ciphertext "*&^1 )-h@", DS, attachment; header fields To:, Cc:, Bcc:. Labels: Server Private Key; Encryption with To public key, Cc public key, Bcc public key(s).)
27
Security Implementation
If right destination: put msg in destination inbox
else: error msg in source inbox
28
Applying Range & Developing Horizons
Applying Range: in all LANs
Developing Horizons: using this system to send/receive messages across the Internet
29
Conclusion
The alt.security newsgroup, in its list of Frequently Asked Questions (FAQ), summed up how general the security problem in systems is by answering the well-known question:
Q: What makes a system insecure?
A: "What most makes a system insecure is switching it on! A system is truly secure only if it is: switched off, disconnected from everything, locked in a titanium safe, buried in an underground bunker, and surrounded by nerve gas and a group of highly paid, heavily armed guards; and even with all that, I would not bet my life on it!" * [CONA-99]
* This FAQ is answered by Alec Muffett (Alec.Muffett@uk.sun.com), with the help of many others.
30
Developed by: Manar Wassouf, Somar Saeda, Mahmoud Mahfoud
Supervised by: Dr. Moutasem Shafa Amri, Eng. Muhammad Juneidi
Special thanks to: Administration and learning Group in Faculty of Information Technology.
Thanks everybody for listening
Developing Team, Secure e-mail
All rights reserved for developing team SMM © 2003-2004