1 / 10

Electronic Mail Security

Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet Mail Extension). System utilization S/MIME Industrial Standard for business utilization PGB personal electronic mail.

kylia
Télécharger la présentation

Electronic Mail Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Electronic Mail Security

  2. Authentication and confidentiality problems • Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet Mail Extension). • System utilization S/MIME Industrial Standard for business utilization PGB personal electronic mail

  3. Philip R. Zimmermann created the first version of PGP encryption in 1991.(freeware) • Shortly after its release, PGP encryption found its way outside the United States and in February 1993 Zimmermann became the formal target of a criminal investigation by the US Government for “munition export without a license". • Cryptosystems using keys larger than 40 bits were then considered munitions within the definition of the US export without a license; PGP has never used keys smaller than 128 bits so it qualified at that time. Penalties for violation, if found guilty, were substantial. After several years, the investigation of Zimmermann was closed without filing criminal charges against him or anyone else. • After the Federal criminal investigation ended in 1996, Zimmermann and his team started a company to produce new versions of PGP encryption.

  4. Caratteristiche di sicurezza • Confidenzialità • Autenticazione di chi spedisce • Integrità del messaggio • Autenticazione del ricevente

  5. PGP is based on: • RSA, DSS, and Diffie- Helman algorithms for public key encryption and CAST-128, IDEA e TDEA algorithms for symmetric key encryption. • SHA-1 for hash functions. • PGP services: • - Authentication • - Confidentiality • - Compression • - E-mail compatibility • - Segmentation

  6. Authentication (digital signature) • The sender creates a message • SHA-1 is used to generate a 160 bit hash code of the message • The hash code is encrypted with RSA using the sender’s private key and the result is prepended to the message. • The receiver uses RSA with the sender’s public key, to decrypt and recover the hash code. • The receiver generates a new hash code for the message and compares it with the decrypted hash code. If the two match, the message is accepted as authentic

  7. Confidentiality The sendergenerates a message and a random 128-bit numbertobeusedas a session key forthismessageonly. (onetime key) 2. The messageisencrypted, using a symmetricalgorithm (CAST-128 or IDEA or 3DES) with the session key 3. The session key isencryptedwith RSA, using the recipient’s public key, and isprependedto the message 4. The receiveruses RSA withits private key todecrypt and recover the session key 5. The session key isusedtodecrypt the message.

  8. Authentication and Confidentiality • The sender • Signs the message with its private key • Encrypts the message with the session key • Encrypts the session key with the public key of the receiver

  9. Public key certification The mechanism is different from that of Certification Authority. The PGP public keys may be distributed through a public keys server.When a user submits a public key to one of these servers, the server sends a copy of the key to all the other servers and provides the key to anyone requires the key. A different and very common method of distributing its public key consists in to insert them in the personal web page.

  10. Compression • A message may be compressed, for storage or transmission using ZIP • Email compatibility • An encrypted message may be converted to an ASCII string using radix-e conversion • Segmentation • To accomodate maximum message size limitations, PGP performs segmentation and reassembly

More Related