Presentation is loading. Please wait.

Presentation is loading. Please wait.

Electronic mail security -- Pretty Good Privacy.

Published byCleopatra Wood Modified over 9 years ago

Similar presentations

Presentation on theme: "Electronic mail security -- Pretty Good Privacy."— Presentation transcript:

1 CS@UTC1 Electronic mail security -- Pretty Good Privacy

2 CS@UTC2 Pretty Good Privacy Philip R. Zimmerman is the creator of PGP. PGP provides a confidentiality and authentication service that can be used for electronic mail and file storage applications.

3 CS@UTC3 Why Is PGP Popular? It is availiable free on a variety of platforms. Based on well known algorithms. Wide range of applicability Not developed or controlled by governmental or standards organizations

4 CS@UTC4 Operational Description Consist of five services: –Authentication –Confidentiality –Compression –E-mail compatibility –Segmentation

5 CS@UTC5 PGP Operation – Authentication 1. Sender creates a message 2.SHA1 used to create 160-bit hash of message 3.Hash code is encrypted using the sender's private key, and resulting signature is attached to message 4.Receiver uses sender's public key to decrypt attached signature and recover hash code 5.Receiver generates hash code of message and compares with decrypted hash code. If match, message is accepted as authentic

6 CS@UTC6 PGP Operation – Authentication M= original message H= hash function | | = concatenation (join) Z= compression Z -1 = decompression EP= public key encryption DP= public key decryption KR a = A’s private key KU a = A’s public key

7 CS@UTC7 PGP Operation – Confidentiality 1.Sender generates message and random number to be used as session key for this message only 2.Message is encrypted, using AES, 3DES, IDEA or CAST-128, with session key 3.Session key is encrypted using RSA with recipient's public key, then attached to msg 4.Receiver uses RSA with its private key to decrypt and recover session key 5.Session key is used to decrypt message

8 CS@UTC8 EC= symmetric encryption DC= symmetric decryption K s = session key PGP Operation – Confidentiality (book, fig 5.1b)

9 CS@UTC9

10 10 PGP Operation – Compression PGP compresses the message: after signing the hash –to save having to compress document every time you wish to verify its signature before encryption –to speed up the process (less data to encrypt) –for greater security; compressed messages are more difficult to cryptanalyse as they have less redundancy)

11 CS@UTC11 E-mail Compatibility The scheme used is radix-64 conversion. The use of radix-64 expands the message by 33%.

12 CS@UTC12 PGP Operation – RADIX-64 encoding

13 CS@UTC13 PGP Operation – Segmentation/Reassembly Email protocols often restrict a message to a certain maximum size (e.g. 50KB) Thus PGP divides messages that are too large into smaller ones Reassembly at the other end is required before decryption or signature verification

14 CS@UTC14 Summary of PGP Services

15 CS@UTC15

16 CS@UTC16 Format of PGP Message

17 CS@UTC17

18 CS@UTC18

19 CS@UTC19

20 CS@UTC20 The Use of Trust Key legitimacy field Signature trust field Owner trust field

21 CS@UTC21

Download ppt "Electronic mail security -- Pretty Good Privacy."

Similar presentations

1 Pretty Good Privacy (PGP) Security for Electronic Email.

1 Pretty Good Privacy (PGP) Security for Electronic .
Pretty Good Privacy “ To PGP or not to PGP? “ Phil Zimmermann.

Pretty Good Privacy “ To PGP or not to PGP? “ Phil Zimmermann.
Email Security 1. email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.

Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.

Chapter 5 Electronic mail security. Outline Pretty good privacy S/MIME Recommended web sites.
1 Pertemuan 12 E-mail Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
NS-H0503-02/11041 E-mail Security. NS-H0503-02/11042 Email Security email is one of the most widely used and regarded network services currently message.

NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.
Electronic mail security

Electronic mail security
Dr Alejandra Flores-Mosri Security applications Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Security applications Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.

Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.
Lecture 9: Email Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.

1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
Electronic Mail Security

Electronic Mail Security
Secure e-mail r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.

1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.
16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.

16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.

Similar presentations

Ads by Google