Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS470, A.SelcukE-mail Security1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CS470, A.SelcukE-mail Security1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk."— Presentation transcript:

1 CS470, A.SelcukE-mail Security1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk

2 CS470, A.SelcukE-mail Security2 Security Services for E-mail privacy authentication integrity non-repudiation anonymity proof of submission proof of delivery message flow confidentiality, etc.

3 CS470, A.SelcukE-mail Security3 Key Management A per-message symmetric key is used for message encryption, which is conveyed in the mail, encrypted under a long-term key (typically a public key) Long-term keys can be established, –offline –online, with help from a trusted third party –online, through a webpage (for public keys)

4 CS470, A.SelcukE-mail Security4 Multiple Recipients Message key will be encrypted under each recipients long term key in the message header. –Bob’s ID, K Bob {S} –Carol’s ID, K Carol {S} –Ted’s ID, K Ted {S} –S{m} E.g.: To: Bob, Carol, Ted From: Alice Key-info: Bob-4276724736874376 Key-info: Carol-78657438676783457 Key-info: Ted-12873486743009 Msg-info: UHGuiy77t65fhj87oi.....

5 CS470, A.SelcukE-mail Security5 Text Format Issues Mail gateways/forwarders may modify the format of the message (wrapping long lines, end-of-line character, high order bits, etc.), causing the integrity check to fail Encode messages in a format supported by all mailers. 6-bit representation, no long lines, etc. (similar to uuencode)

6 CS470, A.SelcukE-mail Security6 Text Format Issues (cont’d) Problem: Non-supportive clients should be able to read authenticated (but not encrypted) messages, which they no longer can. Two options: –MAC without encoding (subject to corruption by mail routers) –Encode & MAC/encrypt (may not be readable at the other end)

7 CS470, A.SelcukE-mail Security7 Providing Different Services confidentiality: by encryption auth./integrity: by signature or MAC non-repudiation: by signature some eccentric services, –anonymity –message flow confidentiality –non-repudiation with secret keys can be provided by TTP support.

8 CS470, A.SelcukE-mail Security8 PEM & S/MIME Privacy Enhanced Mail (PEM) –Developed by IETF, to add encryption, source authentication & integrity protection to e-mail –Allows both public & secret long-term keys Message key is always symmetric –Specifies a detailed certification hierarchy Secure/MIME (S/MIME) –PEM never took off; CA hierarchy difficult to realize –S/MIME: PEM design incorporated into MIME

9 CS470, A.SelcukE-mail Security9 PEM Key Exchange & Encryption “Interchange keys”: Users’ long-term PEM keys –public (a detailed PKI is defined) –secret (pre-shared symmetric keys) Encryption –A symmetric per-message key is sent encrypted under the interchange key. –The message is encrypted under the per-message key (typically with DES in CBC mode) Authentication –Message is authenticated by a “MIC” (Q: Any authentication for the per-message key?)

10 CS470, A.SelcukE-mail Security10 PEM Certificate Hierarchy The root CA: “Internet Policy Registration Authority” (IPRA) “Policy Certification Authorities”: Second-level, CA- certifying CAs, each with a different policy: –High Assurance (HA): super-secure implemented on secure platforms regulates that the child CAs (also HACAs) enforce the same rules –Discretionary Assurance (DA): secure requires that the child CAs own their names –No Assurance (NA): no constraints can be used to certify Internet personas (pseudonyms) Lower-level CAs, certifying individuals or other CAs

11 CS470, A.SelcukE-mail Security11 S/MIME vs. PEM Incorporated into MIME; no other encoding Any sequence of sign & encrypt is supported (each as a recursive MIME encapsulation) Has more options than PEM ASN.1 header encoding No prescribed certification hierarchy Has a good prospect of deployment for commercial & organizational usage

12 CS470, A.SelcukE-mail Security12 Pretty Good Privacy (PGP) Popular mail & file encryption tool Developed by Phil Zimmermann, 1991 Based on RSA, IDEA, MD5 (later DSS, ElGamal (DH), 3DES, SHA1) Many different versions have emerged (from PGP, from GNU (GPG), from IETF (Open PGP))

13 CS470, A.SelcukE-mail Security13 PGP Operation All long-term user keys are public Signature: Message & timestamp are hashed (MD5 or SHA1) and signed (RSA or DSS) Compression (ZIP) Encryption: –Message is encrypted with a per-message symmetric key (typically with IDEA in CFB mode) –which is encrypted with the recipient’s public key (RSA or DH (ElGamal)) Radix-64 (6-bit) encoding

14 CS470, A.SelcukE-mail Security14 Trust Model & Key Management Any user can certify any other (anarchy model) Each user decides whom to trust and how much “Key Ring”: Data structure to store public keys held by a user, with their levels of trust Public keys can be obtained, –offline (in person, over the phone, etc.) –through personal webpages –through a trusted friend (“web of trust”) –through a trusted CA

15 CS470, A.SelcukE-mail Security15 DKIM – Domain Keys Identified Mail An effort to stop spam with forged domain addresses (e.g. phishing attacks). Standardized by RFC 4871; supported by Yahoo, Gmail, FastMail etc. Each domain has an email signature key. Public keys will be retrieved over DNS. If signature verification fails, mail will be dropped.

16 CS470, A.SelcukE-mail Security16 DKIM Once deployed, it will significantly limit phishing attacks with forged domain addresses. Deployment is increasing rapidly. Example: Gmail’s collaboration with PayPal & eBay

Download ppt "CS470, A.SelcukE-mail Security1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk."

Similar presentations

Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Email Security 1. email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.

Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
PGP Overview 2004/11/30 Information-Center meeting peterkim.

PGP Overview 2004/11/30 Information-Center meeting peterkim.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Introduction to Cryptography

Introduction to Cryptography
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
1 Pertemuan 12 E-mail Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
NS-H0503-02/11041 E-mail Security. NS-H0503-02/11042 Email Security email is one of the most widely used and regarded network services currently message.

NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.
Electronic mail security

Electronic mail security
CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Key Distribution CS 470 Introduction to Applied Cryptography

Key Distribution CS 470 Introduction to Applied Cryptography
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Email Security Jonathan Calazan December 12, 2005.

Security Jonathan Calazan December 12, 2005.
Lecture 9: Email Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
SMUCSE 5349/49 Email Security. SMUCSE 5349/7349 Threats Threats to the security of e-mail itself –Loss of confidentiality E-mails are sent in clear over.

SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.

Similar presentations

Ads by Google