Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Email Using PGP and Digital Certificates Putting together cipher, digital signature, and MD5 one-way hashing.

Published byAlexander Simmons Modified over 9 years ago

Similar presentations

Presentation on theme: "Securing Email Using PGP and Digital Certificates Putting together cipher, digital signature, and MD5 one-way hashing."— Presentation transcript:

1 Securing Email Using PGP and Digital Certificates Putting together cipher, digital signature, and MD5 one-way hashing

2 Outline n How email works? n Signing email n Securing contents n PGP -- Pretty Good Privacy and PEM -- Privacy Enhanced Mail n Public Key Certificates

3 How does email work? n Suppose that Alice in Australia wants to send a message to Bob in USA via email çAlice starts an email program on her computer, and types in Bob’s email address çAlice composes (writes) the message çAlice hits a special key to tell the computer that the message is ready to go!

4 How does email work ? (2) çAlice’s email system adds a header to the message (including destination, return address, time stamp etc), and sends it to the nearest email gateway (a computer) çThe message is relayed from computer to computer before finally reaching Bob’s computer

5 A sample message to: bob@xyz.com.us from: alice@abc.com.au subject: hello date: Mon, 26 Aug 2001 13:23:47 Hi Bob, I am coming down to states in January. Alice

6 header + message header message

7 Possible attacks n spoofing ça third party may impersonate Alice and send a fake/modified message to Bob n Eavesdropping ça party sitting between Alice and Bob may peep communications between them n Replay ça party sitting between Alice and Bob may re-send to Bob an old message from Alice

8 Preventing spoofing & replay n Use çRSA digital signature çMD5 one-way hash algorithm

9 What Alice has to do? n prepares a pair of public and secret keys çpublic key:(e a, n a ) çsecret key: d a n registers her public key in a publicly available site and circulates it among friends (and also attaches it to the end of all her email messages). n composes a message.

10 What Alice’s computer has to do? n attaches to the message a header (to:, from:, date: subject:, etc) n uses MD5 to hash the pair (message, header) into a 128-bit value n uses Alice’s secret key d a to sign (decrypt) the 128-bit value n sends to the email gateway a triplet ç(header, message, signature)

11 header, message, signature signature Alice’s RSA secret key k a 1-way hashing by MD5 t k a mod n a 128 bits signature header message header message t

12 What Bob’s computer has to do? n finds out Alice’s public key (e a, n a ) n verifies (header, message, signature) n if OK, accepts that it is a message from Alice n Otherwise, informs Bob that it is NOT a genuine message from Alice

13 Check n how does the previous scheme prevent spoofing and replaying ? n does Bob have to have his public and secret keys ? why ?

14 Preventing peeping n the basic idea to encrypt each message by the use of hybrid RSA and IDEA çIDEA is a private key cipher lkey: 128 bits, plain/ciphertext: 64 bits n an extra requirement: çBob should lpublish his public key (e b, n b ) lkeeps his secret key d b in a safe place

15 Alice’s computer n As before, uses Alice’s secret key d a to sign a message and gets a triplet (header, message, signature) n picks a random 128-bit IDEA key k n encrypts (message, signature) using IDEA under the key k n finds out Bob’s public key (e b, n b ) n encrypts k using (e b, n b )

16 Message format E IDEA k e b mod n b IDEA key k IDEA key k signature message signature Bob’s RSA public key (e b, n b ) header message header

17 Message sent by Alice n Alice’s computer sends to Bob’s computer four (4) parts çheader, un-encrypted çmessage, encrypted using IDEA under k çsignature, encrypted using IDEA under k çIDEA key k, encrypted using Bob’s RSA public key (e b, n b )

18 header + message to: bob@xyz.com.us from: alice@uvw.com.au subject: hello date: Mon, 26 Feb 1996 13:23:47 Hi Bob, Meet in January at home ? Alice

19 header + message + signature to: bob@xyz.com.us from: alice@uvw.com.au subject: hello date: Mon, 26 Feb 1996 13:23:47 -----BEGIN PGP SIGNED MESSAGE----- Hi Bob, Meet in January at home ? Alice -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQBVAwUBMT5dAjFqX5nL8leRAQGKoAH+LKirz3rVncjQ7xYZ+q/noL9MJGVmeuDz F0FjDtE2NgZoLQh7H6tlK3HzvMLCMK1a53xbMfPEBdYq/hvF7B3/xQ== =FuR2 -----END PGP SIGNATURE-----

20 header + encrypted (message + signature) to: bob@xyz.com.us from: alice@uvw.com.au subject: hello date: Mon, 26 Feb 1996 13:23:47 -----BEGIN PGP MESSAGE----- Version: 2.6.3i hEwDe3NF6ydtp0kBAf9pUR0Yf71cGBSEIYYviDZwWSEQdZdeP8ulMZofaChxQnEE T+1Z7m1GzT/qwfrW7edYEHb1U/Jk5PuGyO56JlYipgAAAJ1H4ubdEeEAcIafD+IO hFvHt7qiIq+OIzR3NDxlXtxp5IIBKjQqXLJduuFkTUlq0G3v1QTaR/K7IcEMGBEH ZVxye3qsRvDN7TGgl+PIxNS7gC6rgqZpJ5M0dXdAsG1L+3GO8FFYvPPfUOjmstTn +O5BXMYPbYkPE2fBTZ/COGxRIe09bULPwW6hnnr6It5GFB0Id/XZVcznzAql0tjO =6pZH -----END PGP MESSAGE-----

21 Bob’s computer n When receiving the parts from Alice, Bob’s computer çuses Bob’s secret key d b to decrypt the 4th part and extract IDEA key k çuses k and IDEA to decrypt the 2nd & 3rd parts çuses Alice’s public key (e a, n a ) to check Alice’s signature on the 1st & 2nd parts çif OK, accepts it as a genuine message from Alice

22 Check by yourself n explain how çspoofing çeavesdropping çreplay are prevented n why the 1st part (the header) is NOT encrypted ?

23 Signature-and-encryption or encryption-and-signature n 2 alternative approaches to achieving authenticity and confidentiality çSignature-and-encryption Signing the message first, followed by “sealing” the message-signature pair çEncryption-and-signature “scrambling” the message first, following by signing the ciphertext

24 Signature-and-encryption or encryption-and-signature (2) message signature message Signature-and-encryptionencryption-and-signature

25 Bob’s signature A potential spoofing attack against encryption-then-signature Bob’s signature Happy birthday ! Bill’s signature Happy birthday ! BobBill Cathy Thank you Bill !

26 The importance of order n Use “signature followed by encryption” in your applications !

27 Reminder: Marvin’s “Public Key Faking” Attack n Instead of just eavesdropping, Marvin can try a more active attack! n Outline of the New Attack: çMarvin generates an RSA key pair lPublic key = Kpub_* = (N_*, e_*) lSecret key = Ksec_* = d_* çMarvin sends the following email to Alice, pretending to be Bob: lHi Alice, ¥Please use my new public key from now on to encrypt messages to me. My new public key is Kpub_*. ¥Yours sincerely, Bob. çMarvin decrypts any messages Alice sends to Bob (encrypted with Kpub_*), using Ksec_*.

28 Preventing Marvin’s Attack (1) n Marvin’s Attack illustrates that: çIn the context of Public Key Encryption, Alice must make sure she is not using a “fake public key” produced by Marvin (like Kpub_*) to encrypt messages to Bob çIn the context of Digital Signatures, Alice must make sure she is not using a “fake public key” produced by Marvin to verify digital signatures on documents claimed to be produced by Bob.

29 Preventing Marvin’s Attack (2) n When Alice obtains Bob’s public key from some source, she is really receiving a document C containing a statement of the form “Bob’s public key is X”. n To prevent Marvin’s attack, Alice wants to check the integrity of the document C before she believes the statement it contains. n This is commonly done using a “Public Key Certification” system in conjunction with a digital signature scheme - This system is described in the following slides.

30 Public Key Certification System (1) n A Public Key Certification System requires the establishment of (at least one) Trusted Certification Authority (CA). n The CA is an organization known to all users and trusted by the users to: çIssue Certificates by following properly the procedure described in following slide çGuard its secret digital signature key SK_CA very well! n All users obtain the CA’s public digital signature key PK_CA directly from the CA.

31 Issuing Digital Certificates (1) n The CA issues Digital Certificates to users as follows: çA user Bob generates a key pair (Kpub, Ksec). çBob goes (ideally physically) to the CA, gives his public key Kpub, and declares “I’m Bob Smith, and Kpub is my public key!” çThe CA asks Bob to present strong proof of identity (eg Passport, driver’s licence), to ensure that CA is really talking to Bob Smith (and not Marvin, for example). çIf CA is convinced it is really talking to Bob Smith, the CA produces a digital certificate for Bob (see next slide for detailed content).

32 Issuing Digital Certificates (2) n The Digital Certificate C_Bob given to Bob by CA consists of essentially FIVE parts: çPart A. Bob’s unique identification information (eg Full name, address, etc) çPart B. Bob’s public key, Kpub çPart C. A unique certificate serial no. çPart D. Issue time, Expiry time, and any other conditions of use. çPart E. The CA’s digital signature on the document consisting of Parts (A,B,C,D). n So C_Bob = (A,B,C,D,E).

33 Using Digital Certificates (1) n Bob distributes his digital certificate C_Bob. n Note that: çThe certificate C_Bob is NOT secret çBob CANNOT use the certificate C_Bob by itself as a proof of identity (since anyone can get a copy of it). n When Alice needs Bob’s public key (eg to encrypt a message to Bob, or to verify Bob’s signature on a document) she obtains Bob’s digital certificate C_Bob (eg from Bob’s web server).

34 Using Digital Certificates (2) n From Part B of the certificate C_Bob, Alice extracts Bob’s public key PK_Bob. n But before using PK_Bob, Alice verifies that the certificate C_Bob is a valid certificate for Bob - This means that Alice verifies that: ç1. C_Bob contains (in part E) a valid signature by CA on the rest of the certificate (parts A,B,C,D). ç2. Part A of C_Bob contains Bob’s correct (unique) identification details (name, address,…). ç3. All the conditions stated in part D of the certificate C_Bob are valid (eg certificate has not expired yet). n Alice rejects C_Bob if it fails the test above!

Download ppt "Securing Email Using PGP and Digital Certificates Putting together cipher, digital signature, and MD5 one-way hashing."

Similar presentations

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.

Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.

1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies

Cryptographic Technologies
Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.

Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
1 Key Establishment Symmetric key problem: How do two entities establish shared secret key over network? Solution: trusted key distribution center (KDC)

1 Key Establishment Symmetric key problem: How do two entities establish shared secret key over network? Solution: trusted key distribution center (KDC)
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Similar presentations

Ads by Google