Java Privacy Guard 
An Implementation of the 
OpenPGP Message Format in Java 
Stefan More, 
Advisor: Dieter Bratko, Peter Lipp 
June 13, 2014
Overview 
1. Problem Statement 
2. openPGP 
3. Java Privacy Guard 
4. Summary & Outlook 
Stefan More, Bakk@IAIK 
2 June 13, 2014
Problem Statement 
Message Confidentiality 
Message Integrity 
Sender Authentication 
Anonymity 
End to End 
openPGP 
PGP History 
Pretty Good Privacy 
1991: PGP created by Phil Zimmermann 
most widely used email encryption software [6] 
1998: PGP 5 standardized: openPGP (RFC 4880) 
2010: PGP assets sold to Symantec 
for $ 300.000.000 (Enterprise Security) 
Standard: openPGP (RFC 4880 etc.) 
Implementations: 
PGP (Zimmermann, Symantec) 
GnuPG / GPG (GNU) 
APG (Android) 
End-to-End (Google Chrome) 
Bouncy Castle (Java)
Java Privacy Guard (IAIK-JCE) 
openPGP 
Combines Symmetric-Key Cryptography 
and Public-Key Cryptography 
+ Hashing 
+ Data Compression 
+ Trust Model 
Revisiting Problem Statement 
Message Confidentiality: Encryption 
Message Integrity: Digital Signatures 
Sender Authentication: Web Of Trust 
Anonymity? Tor, I2P, ...
De-/Encryption 
Encrypt Data with Random Symmetric-Key, 
encrypt Symmetric-Key with Public-Key 
Multiple Receivers: Encrypt Data only once
Symmetric Cipher: AES, IDEA, 3DES, CAST5, ...
Keysize ≥ 112 bits [7]
Public-Key Cipher: RSA, ElGamal
Keysize ≥ 2048 bits [7]
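Added example, not part of the slides: the session-key scheme above written with plain JCA calls. It sketches the principle only: it uses AES-GCM and RSA-OAEP instead of OpenPGP's own CFB mode, PKCS#1 v1.5 encoding and packet format, and the names HybridDemo, Envelope, alice and bob are invented.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/** Added example (Java 17): data encrypted once, session key wrapped once per receiver. */
public class HybridDemo {

    /** One ciphertext plus one wrapped copy of the session key per receiver. */
    record Envelope(Map<String, byte[]> wrappedKeys, byte[] iv, byte[] ciphertext) {}

    static Envelope encrypt(byte[] plaintext, Map<String, PublicKey> receivers)
            throws GeneralSecurityException {
        // Random symmetric session key, used for this message only.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey sessionKey = kg.generateKey();

        // The data is encrypted exactly once, whatever the number of receivers.
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, sessionKey, new GCMParameterSpec(128, iv));
        byte[] ciphertext = aes.doFinal(plaintext);

        // Only the short session key is encrypted per receiver.
        Map<String, byte[]> wrapped = new LinkedHashMap<>();
        for (Map.Entry<String, PublicKey> e : receivers.entrySet()) {
            Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            rsa.init(Cipher.WRAP_MODE, e.getValue());
            wrapped.put(e.getKey(), rsa.wrap(sessionKey));
        }
        return new Envelope(wrapped, iv, ciphertext);
    }

    static byte[] decrypt(Envelope env, String receiver, PrivateKey key)
            throws GeneralSecurityException {
        byte[] wrapped = env.wrappedKeys().get(receiver);
        if (wrapped == null) {
            throw new GeneralSecurityException("no session key for " + receiver);
        }
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.UNWRAP_MODE, key);
        SecretKey sessionKey = (SecretKey) rsa.unwrap(wrapped, "AES", Cipher.SECRET_KEY);

        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, sessionKey, new GCMParameterSpec(128, env.iv()));
        return aes.doFinal(env.ciphertext());   // throws if the ciphertext was modified
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);                    // minimum public-key size named on the slide
        KeyPair alice = kpg.generateKeyPair();
        KeyPair bob = kpg.generateKeyPair();

        byte[] message = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        Envelope env = encrypt(message,
                Map.of("alice", alice.getPublic(), "bob", bob.getPublic()));

        System.out.println("ciphertext bytes (stored once): " + env.ciphertext().length);
        System.out.println("wrapped session keys for: " + env.wrappedKeys().keySet());
        System.out.println("alice reads: "
                + new String(decrypt(env, "alice", alice.getPrivate()), StandardCharsets.UTF_8));
        System.out.println("bob reads:   "
                + new String(decrypt(env, "bob", bob.getPrivate()), StandardCharsets.UTF_8));
    }
}
```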
Digital Signatures 
Hash Message Body & Sign Hash with Private Key
Sign Other Keys (→ Trust Model)
Hash Algorithms: SHA-2, SHA-1, RIPE-MD/160, MD5 
Signature Algorithms: RSA, DSA 
Web Of Trust 
Decentralized Trust Model 
(Can be centralized) 
No Certificate Authority 
Transitive Trust 
Pathfinder: pgp.cs.uu.nl/doc/faq.html 
Key-Set Analysis: pgp.cs.uu.nl/plot 
Java Privacy Guard 
openPGP in Java using IAIK-JCE 
Java Privacy Guard 
Full Implementation of RFC 4880 (not yet) 
Compatibility with other PGP Implementations
Simple API & Extended API
Key Management 
Crypto provided by JCA (default: IAIK-JCE) 
openPGP Structure 
Packets: 
Internal Structure 
Contain actual Data (+ Metadata) 
Transferable: 
Consists of Packets
Message, Keys, Signature, Keyring, ...
-----BEGIN PGP MESSAGE-----
Comment: GPGTools - http://gpgtools.org
-----END PGP MESSAGE-----
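Added example, not from the slides or from Java Privacy Guard: ASCII armor as on this slide is Base64 text followed by a "=" line holding a CRC24 of the binary data, the "Base 64 + CRC24" step listed in the summary. The class name ArmorDemo and the sample payload are made up; only JDK classes are used, and this sketch insists on the checksum line although RFC 4880 makes it optional.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;

/** Added example (Java 11+): write and read ASCII armor per RFC 4880, section 6. */
public class ArmorDemo {

    /** CRC24 as specified in RFC 4880, section 6.1. */
    static int crc24(byte[] data) {
        int crc = 0xB704CE;                                   // initial value
        for (byte b : data) {
            crc ^= (b & 0xFF) << 16;
            for (int i = 0; i < 8; i++) {
                crc <<= 1;
                if ((crc & 0x1000000) != 0) crc ^= 0x1864CFB; // generator polynomial
            }
        }
        return crc & 0xFFFFFF;
    }

    /** The 24-bit checksum as three big-endian octets. */
    static byte[] crcBytes(int crc) {
        return new byte[] {(byte) (crc >> 16), (byte) (crc >> 8), (byte) crc};
    }

    /** Wraps binary packet data in a PGP MESSAGE armor with 64-character lines. */
    static String armor(byte[] binary) {
        String body = Base64.getMimeEncoder(64, new byte[] {'\n'}).encodeToString(binary);
        String crc = Base64.getEncoder().encodeToString(crcBytes(crc24(binary)));
        return "-----BEGIN PGP MESSAGE-----\n\n" + body + "\n=" + crc
                + "\n-----END PGP MESSAGE-----\n";
    }

    /** Returns the binary data; throws if the armor is malformed or the CRC24 differs. */
    static byte[] dearmor(String text) {
        String[] lines = text.split("\r?\n");
        int i = 0;
        while (i < lines.length && !lines[i].startsWith("-----BEGIN PGP ")) i++;
        if (i == lines.length) throw new IllegalArgumentException("no armor header line");
        i++;
        // Armor headers such as "Comment: ..." end at the first blank line.
        while (i < lines.length && !lines[i].isBlank()) i++;

        StringBuilder b64 = new StringBuilder();
        String crcLine = null;
        boolean closed = false;
        for (i++; i < lines.length && !closed; i++) {
            String line = lines[i].trim();
            if (line.startsWith("-----END PGP ")) closed = true;
            else if (line.startsWith("=")) crcLine = line.substring(1);
            else b64.append(line);
        }
        if (!closed || crcLine == null) {
            throw new IllegalArgumentException("missing checksum or tail line");
        }
        byte[] binary = Base64.getDecoder().decode(b64.toString());
        byte[] stated = Base64.getDecoder().decode(crcLine);
        if (!Arrays.equals(stated, crcBytes(crc24(binary)))) {
            throw new IllegalArgumentException("CRC24 mismatch");
        }
        return binary;
    }

    public static void main(String[] args) {
        // Constructed payload; a real armor body would contain OpenPGP packets.
        byte[] payload = "constructed sample payload, not a real PGP packet"
                .getBytes(StandardCharsets.US_ASCII);
        String armored = armor(payload);
        System.out.print(armored);
        System.out.println("round trip ok: " + Arrays.equals(payload, dearmor(armored)));

        // Change one Base64 character of the body: the checksum no longer matches.
        char[] damaged = armored.toCharArray();
        int first = armored.indexOf("\n\n") + 2;
        damaged[first] = damaged[first] == 'A' ? 'B' : 'A';
        try {
            dearmor(new String(damaged));
            System.out.println("damage not detected");
        } catch (IllegalArgumentException e) {
            System.out.println("damaged armor rejected: " + e.getMessage());
        }
    }
}
```

The CRC24 only catches accidental damage in transit; it is not keyed, so it gives no protection against deliberate modification.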
tag: Public-Key Encrypted Session Key Packet
length: 526
version: 3
keyId: “9BF7B564D09AFB49”
publicKeyAlgorithm: “Elgamal (Encrypt-Only)”
encryptedSessionKey

tag: Public-Key Encrypted Session Key Packet
length: 524
version: 3
keyId: “B5801FD826746039”
publicKeyAlgorithm: “RSA (Encrypt or Sign)”
encryptedSessionKey

tag: Symmetrically Encrypted Data Packet
length: 33
Encrypted Data
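Added example, not Java Privacy Guard code: a packet walker that produces a listing like the one above from raw bytes, following the header rules of RFC 4880, section 4.2. The key IDs and algorithms are those on the slide; the class name, the lengths and the packet bodies are constructed, and Java 17 is assumed.

```java
import java.util.ArrayList;
import java.util.HexFormat;
import java.util.List;

/** Added example (Java 17): walk OpenPGP packet headers, RFC 4880 section 4.2. */
public class PacketWalker {

    /** Packet tag plus offset and length of the packet body inside the input. */
    record Packet(int tag, int offset, int length) {}

    static List<Packet> parse(byte[] d) {
        List<Packet> out = new ArrayList<>();
        int pos = 0;
        while (pos < d.length) {
            int ctb = d[pos++] & 0xFF;
            if ((ctb & 0x80) == 0) {
                throw new IllegalArgumentException("bit 7 of a packet tag octet must be 1");
            }
            int tag;
            long len;
            if ((ctb & 0x40) == 0) {            // old format: tag in bits 5-2, length type in bits 1-0
                tag = (ctb >> 2) & 0x0F;
                int type = ctb & 0x03;
                if (type == 3) throw new UnsupportedOperationException("indeterminate length");
                int n = 1 << type;              // 1, 2 or 4 length octets
                len = readInt(d, pos, n);
                pos += n;
            } else {                            // new format: tag in bits 5-0
                tag = ctb & 0x3F;
                int o1 = (int) readInt(d, pos, 1);
                pos++;
                if (o1 < 192) {
                    len = o1;
                } else if (o1 < 224) {
                    len = ((o1 - 192) << 8) + readInt(d, pos, 1) + 192;
                    pos++;
                } else if (o1 == 255) {
                    len = readInt(d, pos, 4);
                    pos += 4;
                } else {                        // 224..254: partial body length, not handled here
                    throw new UnsupportedOperationException("partial body length");
                }
            }
            // The length field comes from the input: never trust it beyond the buffer.
            if (len > d.length - pos) {
                throw new IllegalArgumentException("packet body runs past end of input");
            }
            out.add(new Packet(tag, pos, (int) len));
            pos += (int) len;
        }
        return out;
    }

    /** Reads an n-octet big-endian unsigned integer, checking bounds first. */
    static long readInt(byte[] d, int pos, int n) {
        if (n > d.length - pos) throw new IllegalArgumentException("truncated packet header");
        long v = 0;
        for (int i = 0; i < n; i++) v = (v << 8) | (d[pos + i] & 0xFF);
        return v;
    }

    static String describe(byte[] d, Packet p) {
        if (p.tag() == 1) {                     // version, 8-octet key ID, algorithm, then MPIs
            if (p.length() < 10) throw new IllegalArgumentException("PKESK body too short");
            int version = d[p.offset()] & 0xFF;
            String keyId = HexFormat.of().withUpperCase()
                    .formatHex(d, p.offset() + 1, p.offset() + 9);
            int alg = d[p.offset() + 9] & 0xFF;
            String algName = switch (alg) {
                case 1 -> "RSA (Encrypt or Sign)";
                case 16 -> "Elgamal (Encrypt-Only)";
                default -> "algorithm " + alg;
            };
            return "Public-Key Encrypted Session Key Packet, length " + p.length()
                    + ", version " + version + ", keyId " + keyId + ", " + algName;
        }
        if (p.tag() == 9) return "Symmetrically Encrypted Data Packet, length " + p.length();
        return "packet tag " + p.tag() + ", length " + p.length();
    }

    public static void main(String[] args) {
        // Constructed sample: header fields as on the slide, bodies shortened to placeholders.
        byte[] msg = HexFormat.of().parseHex(
                "85000c" + "03" + "9bf7b564d09afb49" + "10" + "0000"   // old format, 2-octet length
              + "840c"   + "03" + "b5801fd826746039" + "01" + "0000"   // old format, 1-octet length
              + "c904"   + "deadbeef");                                // new format, tag 9
        for (Packet p : parse(msg)) System.out.println(describe(msg, p));
    }
}
```

A Symmetrically Encrypted Data Packet (tag 9) carries no modification detection; RFC 4880 defines tag 18 for data with an integrity check.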
Load & Decrypt PGP Message
// register IAIK-JCE as a JCA provider
IAIK.addAsProvider();
// parse the PGP message and the private key
PGPMessage pgpMessage = parseMessage(is1);
PGPPrivateKey privKey = parsePrivatekey(is2);
// set up the cipher for decryption with the private key and decrypt
PGPCipher cipher = new PGPCipher();
cipher.init(PGPCipher.DECRYPT_MODE, privKey);
byte[] cleartext = cipher.doFinal(pgpMessage);
Summary 
Studied RFC 4880 & IAIK-JCE
Implemented: 
Reading ASCII-Armor (Base 64 + CRC24) 
Parsing PGP Message Objects (Packets) 
Key Management (Simple Keychain) 
Message Decryption (RSA & ElGamal)
Signature Validation (RSA & DSA)
Decompression 
Outlook / Future Research 
Message Encryption and Signature Validation 
Missing parts of RFC 4880 (Partial body length, ...)
RFC 6637: ECC 
Keyservers? 
Thank You for Your Attention 
Questions? Remarks? 
[1] Laura Poitras. https://commons.wikimedia.org/wiki/File:Edward_Snowden-2.jpg
[2] Glenn Greenwald. https://en.wikipedia.org/wiki/File:Glenn_greenwald_portrait_transparent.png
[3] Katy Scoggin. https://commons.wikimedia.org/wiki/File:Laura_Poitras_2014.jpg
[4] Regionales RechenZentrum Erlangen. https://commons.wikimedia.org/wiki/Category:RRZE-Icon-Set
[5] The Opte Project. http://www.opte.org/the-internet
[6] http://www.philzimmermann.com/EN/background/index.html
[7] Recommendation for Key Management, Special Publication 800-57 Part 1 Rev. 3, NIST, 07/2012. http://www.keylength.com/en/4/
[8] http://cirw.in/gpg-decoder
Oracle and Java are registered trademarks of Oracle and/or its affiliates. 
Google and Chrome are registered trademarks of Google and/or its affiliates. 
Other names may be trademarks of their respective owners. 