The document discusses using PGP (Pretty Good Privacy) for securing email. It covers the history and versions of PGP, how PGP provides security through confidentiality, authentication, and key management. It also discusses challenges with identity verification using the Web of Trust model and how PGP supports encrypting messages to multiple recipients. Finally, it outlines some open-source PGP clients that can be used with email programs like Thunderbird, Firefox, and Gmail.
2. Using PGP for securing the e-mail 2
Topics
Introduction: History, Versions.
PGP: Description, Confidentiality, Authentication , Confidentiality and Authentication,
Key management, Keys exchange.
Web Of Trust: Identity problem, Definition, Idea, Disadvantages and attacks, How use
PGP without WoT.
Multiple recipients: Hybrid encryption, Two recipients, Mailing list.
Open-source clients
10/06/2017
3. Using PGP for securing the e-mail 3
Introduction: History of PGP
“Pretty Good Privacy” first version by Phil
Zimmermann in 1991.
Based on a symmetric-key algorithm and released as
a freeware software. For that, Zimmermann target of
a three-year criminal investigation.
Despite several problems, PGP became the most
widely used email encryption software in the world.
Zimmermann founded PGP Inc in 1996 from which
follows a new version of the software called PGP 3.
In 1997 company acquired by Network Associates
Inc (NAI).
In 2002, NAI discontinued development and sales of
PGP, and sold the rights to a new company, PGP
Corporation.
In 2010 Symantec Corp. acquired PGP.
10/06/2017
4. Using PGP for securing the e-mail 4
Introduction: Versions
PGP is a proprietary encryption solution, and the rights to its software are owned by
Symantec.
OpenPGP is the IETF-approved standard that describes encryption technologies.
GnuPG is a solution that follows the OpenPGP standards to provide an interface for
end users to easily encrypt their files.
10/06/2017
5. Using PGP for securing the e-mail 5
PGP: Security features
Confidentiality: to make message
contents private
Authentication: to determine
whether a message is sent by the
person or entity claimed to be the
sender
Message integrity: to keep a
message unchanged in the sense
that a user can verify if it has been
tampered during transmission.
10/06/2017
Non-repudiation: to prevent a person from denying that he is the sender of the
message.
6. Using PGP for securing the e-mail 6
PGP: Confidentiality
Combination of symmetric and asymmetric cryptography.
The symmetric one uses a 128 bit random session key to encrypt/decrypt the message
The asymmetric one uses the public/private keys of the receiver to encrypt/decrypt the
session key mentioned before.
10/06/2017
7. Using PGP for securing the e-mail 7
PGP: Authentication
Classical scheme of digital signatures which consists of hashes and “inverse”
asymmetric cryptography: encryption process with the private key of the sender and
decryption with public key of the sender.
Not to provide confidentiality but sent together the plaintext to guarantee
authentication, data integrity and non-repudiation.
10/06/2017
8. Using PGP for securing the e-mail 8
PGP: Confidentiality and Authentication
Sender side: authentication then confidentiality.
Receiver side: confidentiality then authentication.
Note: also the signature encrypted, compression after signing.
10/06/2017
9. Using PGP for securing the e-mail 9
PGP: Key management
A keypair (pair of public and private keys) is needed to perform the operations seen before.
User can have some different keypairs, we need a way to identify which of these is used.
For confidentiality we specify which public key of the recipient is used to encrypt the session key.
For authentication we need to specify which personal private key is used to produce the signature.
Key ID = least significant 64 bits of the key.
Public keyring contains the public keys (of other users) known to the user.
Private keyring contains personal keypairs indexed by Key ID and encrypted with a passphrase
10/06/2017
Key Exchange:
key parties: event at which
people present their public keys
to others in person
keyservers: special Internet
servers designed specifically for
handling and sharing PGP keys
email: it is possible to attach a
public key directly on an email.
10. Using PGP for securing the e-mail 10
WoT: Definition
PGP security features are strictly related to the concept of identity: How do you tie a
real world identity to the keypair?
Web of Trust: responsibility for identity verification to users.
As time goes on, you will accumulate keys from other people that you may want to
designate as trusted introducers. Everyone else will each choose their own trusted
introducers. And everyone will gradually accumulate and distribute with their key a
collection of certifying signatures from other people, with the expectation that anyone
receiving it will trust at least one or two of the signatures. This will cause the
emergence of a decentralized fault-tolerant web of confidence for all public keys.
The operation to the base of the web of trust is the signature of the key.
Signing someone else’s key means saying publicly that we have identified this person
and we are satisfied that his identity matches the identity provided with his public key.
10/06/2017
11. Using PGP for securing the e-mail 11
WoT: Idea
Hal is signed by Alice and Bob whom are both partially trusted
therefore Hal is valid.
Gil is signed by Alice and by another unknown signer. The latter is
considered neither partially trusted therefore Gil has a score less
than two then it is not valid.
Phil is signed by Ken and Jon but it is valid only because Jon is
fully trusted.
10/06/2017
nodes = keys in a
keyring
arrows = certification
signature
grey node = valid key
white node= not valid
key
single circle = partially
trusted introducer
double circle = fully
trusted introducer
question marks = keys
which don’t belong to
the keyring
A —> B = A has signed
or certified B’s key
12. Using PGP for securing the e-mail 12
WoT: Disadvantages and attacks
Loss of keys: who lost private key can no longer decrypt messages sent to them by
using the corresponding public key. Solution: expiry dates or designated revokers.
Possible slow start: it may take a long time before reaching an adequate level of trust
or sometimes can be difficult to readily find someone to sign a new certificate.
Solution: key signing parties.
Small world phenomenon: all complex networks present in nature are such that two
nodes can be linked by a path consisting of a relatively small number of links. This is
not enough because in order to state that a key is valid is also necessary that each
person of that chain is honest and competent about signing keys.
Attack a keyserver: Denial-Of-Service, compromised by an attacker that could change
some public key to perform a MITM or could insert on the server a lot of keys similar
to a target key in order to make difficult the search of it.
Data mining: same risks we have whenever we release personal information on
internet. Emails good for spammers. By analyzing available data an attacker could
identify groups of users who share goals or interests.
10/06/2017
13. Using PGP for securing the e-mail 13
Multiple recipients: Hybrid encryption
PGP uses the hybrid encryption seen before instead of encrypt the message directly
with the public key of the recipient.
RSA encryption and decryption are fast, but not very fast.
RSA enlarges your data.
RSA encrypts only messages with a limited size.
Hybrid encryption allows for efficient multi recipient data.
10/06/2017
14. Using PGP for securing the e-mail 14
Multiple recipients: Two recipients
PGP will perform the same steps described in the previous section but this time the
output is composed by:
Encrypted signature and message.
Session key encrypted with Alice’s public key.
Session key encrypted with Bob’s public key.
Header containing the key IDs and user IDs of Alice and Bob.
Alice and Bob are the two recipients.
Message is also encrypted with sender’s public key.
All recipients receive the same header.
Reduced output’s size.
10/06/2017
15. Using PGP for securing the e-mail 15
WoT: Mailing lists
Problem: PGP does not provide a direct management of mailing lists.
Objective: encrypt messages’ content in such a way that all mailing lists members can:
read it, post without loosing confidentiality, prove their membership to mailing list and
their personal identity to other members.
Assumptions: every user knows other members’ public key and all of them are part of a
Google group.
Idea: create and use a common keypair.
Implementation:
Configure Google groups to send messages to all members when there is a new post.
Choose a group leader who creates a new keypair and then sends it to all group’s
member by using PGP.
Each member encrypts their posts with group’s public key, signs them with his
private key, and decrypts them locally with group’s private key.
Advantages: limited complexity, new users have full access, stronger signatures.
Disadvantages: group’s leader needed, exiting users can continue decrypting messages.
10/06/2017
16. Using PGP for securing the e-mail 16
Open-source clients
10/06/2017
Mozilla Thunderbird + GnuPG + Enigmail
Open-source client for Windows, Mac OS, Linux
Mozilla Thunderbird is a free, open source,
cross-platform email, news, RSS, and chat client
developed by the Mozilla Foundation.
Enigmail is an extension for Thunderbird and
other Mozilla-based mail clients. It allows you to
encrypt and digitally sign emails using the
OpenPGP standard.
GnuPG is a complete and free implementation of
the OpenPGP standard. It allows to encrypt and
sign your data and communication, features a
versatile key management system as well as access
modules for all kinds of public key directories.
17. Using PGP for securing the e-mail 17
Open-source clients
10/06/2017
Firefox + Gmail + Mailvelope
Web mail browser based for Windows, Mac OS,
Linux
Mozilla Firefox is a free and open-source web
browser developed by the Mozilla Foundation.
Gmail is a free, advertising-supported email
service developed by Google..
Mailvelope is a free software for end-to-end
encryption of email traffic inside of a web
browser that integrates itself into existing
webmail applications. It can be used to encrypt
and sign electronic messages, including
attached files, without the use of a separate,
native email client using the OpenPGP
standard.
18. Using PGP for securing the e-mail 18
Open-source clients
10/06/2017
OpenKeychain + Gmail
Android
OpenKeychain helps you to
communicate more privately and
securely. It uses encryption to ensure
that your messages can be read only by
the people you send them to, others can
send you messages that only you can
read, and these messages can be
digitally signed so the people getting
them are sure who sent them.
OpenKeychain is based on the well
established OpenPGP standard making
encryption compatible across your
devices and systems.