pretty good privacy<br />securing e-mail communication<br />5.5.2010<br />
THE PROBLEM<br />e-mail „security“<br />5.5.2010<br />Pretty good privacy<br />2<br />
SMTP protocol<br />5.5.2010<br />3<br />S: 220 smtp.example.com ESMTP Postfix <br />C: HELO relay.example.org<br />S: 250 ...
SMTP protocol<br />4<br />PLAIN TEXT<br />everyone on the way can read it<br />Pretty good privacy<br />5.5.2010<br />
SMTP protocol<br />Pretty good privacy<br />5<br />NO AUTHENTICATION<br />everyone can pose as everyone<br />5.5.2010<br />
SMTP protocol<br />Pretty good privacy<br />6<br />SIZE LIMIT<br />e-mails are limited in size<br />5.5.2010<br />
THE SOLUTION<br />PGP - open solution to our problems<br />5.5.2010<br />Pretty good privacy<br />7<br />
PGP features<br />Authentication<br />Confidentiality<br />Compression<br />Segmentation<br />8<br />5.5.2010<br />Pretty ...
Predicates<br />Asymetric encryption<br />Digest algorithm<br />9<br />Private/public key pair<br />Private key is secret ...
Authentication<br />10<br />confirming the sender‘s identity<br />MATCH?<br />SHA-1digest<br />SHA-1digest<br />Sender‘s p...
Encryption<br />11<br />confirming the sender‘s identitymaking sure noone else can read the message<br />IDEAencryption<br...
Decryption<br />12<br />confirming the sender‘s identitymaking sure noone else can read the message<br />IDEAdecryption<br...
Decryption<br />13<br />saving bandwidthincreasing cryptoanalysis resistance<br />Sender<br />Recipient<br />5.5.2010<br /...
Compatibility & segmentation<br />14<br />traveling across platformsavoiding maximum size limit<br />Compatibility<br />+3...
THE CONCLUSION<br />Jernej Virag<br />15<br />5.5.2010<br />Pretty good privacy<br />
Upcoming SlideShare
Loading in …5
×

Pretty good privacy

8,109 views

Published on

Description of basic workings of PGP

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
8,109
On SlideShare
0
From Embeds
0
Number of Embeds
39
Actions
Shares
0
Downloads
288
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Pretty good privacy

  1. 1. pretty good privacy<br />securing e-mail communication<br />5.5.2010<br />
  2. 2. THE PROBLEM<br />e-mail „security“<br />5.5.2010<br />Pretty good privacy<br />2<br />
  3. 3. SMTP protocol<br />5.5.2010<br />3<br />S: 220 smtp.example.com ESMTP Postfix <br />C: HELO relay.example.org<br />S: 250 Hello relay.example.org, I am glad to meet you <br />C: MAIL FROM:<bob@example.org><br />S: 250 Ok <br />C: RCPT TO:<alice@example.com><br />S: 250 Ok <br />C: RCPT TO:<theboss@example.com> <br />S: 250 Ok <br />C: DATA <br />S: 354 End data with <CR><LF>.<CR><LF> <br />C: Hello Alice. <br />C: Your friend, Bob<br />C: . <br />S: 250 Ok: queued as 12345 <br />C: QUIT <br />S: 221 Bye<br />Pretty good privacy<br />
  4. 4. SMTP protocol<br />4<br />PLAIN TEXT<br />everyone on the way can read it<br />Pretty good privacy<br />5.5.2010<br />
  5. 5. SMTP protocol<br />Pretty good privacy<br />5<br />NO AUTHENTICATION<br />everyone can pose as everyone<br />5.5.2010<br />
  6. 6. SMTP protocol<br />Pretty good privacy<br />6<br />SIZE LIMIT<br />e-mails are limited in size<br />5.5.2010<br />
  7. 7. THE SOLUTION<br />PGP - open solution to our problems<br />5.5.2010<br />Pretty good privacy<br />7<br />
  8. 8. PGP features<br />Authentication<br />Confidentiality<br />Compression<br />Segmentation<br />8<br />5.5.2010<br />Pretty good privacy<br />
  9. 9. Predicates<br />Asymetric encryption<br />Digest algorithm<br />9<br />Private/public key pair<br />Private key is secret and uncompromised<br />Private key encrypted data can only be decrypted by corresponding public key<br />Reverse holds true as well<br />Same input always generates same output<br />Small change of input causes huge change on output<br />Chance of collision has to be minimal<br />5.5.2010<br />Pretty good privacy<br />
  10. 10. Authentication<br />10<br />confirming the sender‘s identity<br />MATCH?<br />SHA-1digest<br />SHA-1digest<br />Sender‘s public key<br />RSAencryption<br />RSAdecryption<br />Sender‘s private key<br />5.5.2010<br />Pretty good privacy<br />
  11. 11. Encryption<br />11<br />confirming the sender‘s identitymaking sure noone else can read the message<br />IDEAencryption<br />Session key<br />IDEAencryption<br />Recipient‘s public<br />key<br />5.5.2010<br />Pretty good privacy<br />
  12. 12. Decryption<br />12<br />confirming the sender‘s identitymaking sure noone else can read the message<br />IDEAdecryption<br />IDEAdecryption<br />Session key<br />Recipient‘s private<br />key<br />5.5.2010<br />Pretty good privacy<br />
  13. 13. Decryption<br />13<br />saving bandwidthincreasing cryptoanalysis resistance<br />Sender<br />Recipient<br />5.5.2010<br />Pretty good privacy<br />
  14. 14. Compatibility & segmentation<br />14<br />traveling across platformsavoiding maximum size limit<br />Compatibility<br />+33% size<br />radix-64<br />binary data<br />Segmentation<br />automatic segmentation and reassembly of long messages<br />5.5.2010<br />Pretty good privacy<br />
  15. 15. THE CONCLUSION<br />Jernej Virag<br />15<br />5.5.2010<br />Pretty good privacy<br />

×