PB
Uploaded byPunnya Babu
PPTX, PDF441 views

Pretty good privacy

PGP (Pretty Good Privacy) is an open source encryption software that provides security mechanisms like authentication, confidentiality, compression, and email compatibility. It uses strong cryptographic algorithms like IDEA, RSA, and SHA-1. PGP protects messages by signing them with the sender's private key, encrypting them with a random symmetric key, and encrypting that key with the recipient's public key. This ensures message integrity and confidentiality. Compression is applied before encryption to save space. Radix-64 encoding allows encrypted messages to be transmitted over email. PGP's features help secure email communications and stored files from unauthorized access.

Embed presentation

Download to read offline
PRETTY GOOD PRIVACY from CNS Presented by, Punnya sureshbabu
PGP • PGP was invented by Phil Zimmermann. • Used to provide Email with privacy. • It is an open source. • ƒBased on strong cryptographic algorithms (IDEA, RSA, SHA-1).
Scenarios • Plaintext • Message integrity • Compression • Confidentiality with one-time session key • Code conversion • Segmentation
Plaintext • Simplest scenario. • There is no message integrity. • Sender compose the message and send it to the receiver. • The message stored in receivers mailbox, until it is received by him.
Message integrity • Sender create a message and ends with her private key. • When receiver receives the message, he get the message by using senders public key. Compression • Compress the message. • No security benefits. • Easy to send.
Confidentiality with one-time session key • First sender create session key. • Using this session key , sender encrypt the message. • Then send the message with the key to the receiver. • Receiver receive the package. • He encrypt the session key using his private key. • Receiver use the session key to encrypt the message. • After decrypt the message, receiver create a digest of the message and check. • If both are equal, then the message is authentic.
Code conversion • Most email message consist of ASCII characters. • To translate the characters PGP uses Radix-64 conversion. Segmentation • Maximum message length restrictions in email. • PGP automatically subdivides a large message into segments small enough to mail separately.
Services provide by PGP • Authentication • Confidentiality • Compression • E-mail compatibility
Authentication • The sender creates a message. • SHA-1 is used to generate a 160-bit hash code of the message. • The hash code is encrypted with RSA using the sender’s private key, and the result is pretended to the message. • The receiver uses RSA with the sender’s public key to decrypt and recover the hash code. • The receiver generates a new hash code for the message and compares it with the decrypted hash code. If the two match, the message is accepted as authentic.
Confidentiality • PGP another service is confidentiality, which is encrypting messages for transmitting or to store files locally. • In both cases, the symmetric encryption algorithm CAST-128 may be used. Alternatively, IDEA or 3DES may be used. And the 64-bit cipher feedback (CFB) mode is used. • In PGP, each symmetric key is used only once. The session key is bound to the message. To protect the key, it is encrypted with the receiver’s public key.
• The sender generates a message and a random 128-bit number to be used as a session key for this message only. • The message is encrypted using CAST-128 (or IDEA or 3DES) with the session key. • The session key is encrypted with RSA using the recipient’s public key and is prepended to the message. • The receiver uses RSA with its private key to decrypt and recover the session key. 5. The session key is used to decrypt the message.
Notations EP – Public key encryption(use either public key of receiver or private key of sender) DP – Public key decryption(we have to check for the encryption process which key is used at the encryption so the other key should be used in the decryption. EC – conventional encryption.(symmetric encryption same key used by ender and receiver) DC – Conventional decryption. H – Hash function/ hash code Z – zip (compression) KS – secret key used in conventional encryption.
Combine Authentication & Confidentiality • First, a signature is generated for the plaintext message and prepended to the message. Then the plaintext message plus signature is encrypted using CAST-128 (or IDEA or 3DES), and the session key is encrypted using RSA (or ElGamal). • In summary, when both services are used, the sender first signs the message with its own private key, then encrypts the message with a session key, and finally encrypts the session key with the recipient’s public key.
• FOR ACHIEVING AUTHENTICATION DSS approach with SHA alg or RSA with SHA alg • FOR ACHIEVING THE CONFIDENTIALITY CAST/IDEA/TRIPLE DES with DIFFIE HELLMAN KEY EXCHANGE
Compression • PGP compresses the message after applying the signature but before encryption. This has the benefit of saving space both for e-mail transmission and for file storage. • Z for compression and Z–1 for decompression The signature is generated before compression for two reasons: • It is preferable to sign an uncompressed message so that one can store only the uncompressed message together with the signature for future verification. • If you generate signature after compression then there is a need recompression for message verification, PGP’s compression algorithm presents a difficulty. • Message encryption is applied after compression to strengthen cryptographic security. Therefore cryptanalysis is more difficult. • The compression algorithm used here is ZIP Algorithm
E-mail compatibility • The resulting message block consists of a stream of arbitrary 8-bit octets. • However, many electronic mail systems only permit the use of blocks consisting of ASCII text. • To accommodate this restriction, PGP provides the service of converting the raw 8-bit binary stream to a stream of printable ASCII characters. • The scheme used for this purpose is radix-64 conversion. Each group of three octets of binary data is mapped into four ASCII characters. This format also appends a CRC to detect transmission errors. • The use of radix 64 expands a message by 33%. Fortunately, the session key and signature portions of the message are relatively compact, and the plaintext message has been compressed. • In fact, the compression should be more than enough to compensate for the radix-64 expansion.
ADVANTAGES OF PGP • Your valuable information is always protected, others cannot view it, and it cannot be stolen over the Internet . • No compatibility problems - works with any email application that you or your recipients are using . • Verification of the sender of information ensures you are not being spoofed by a third party. • Absolute assurity that the information you send or receive has not been modified in transit. • Your secure mail and text cannot be infiltrated by hackers or infected and mis-used by email attacks
DISADVANTAGES OF PGP • Administering conflicting versions. • Compatibility issues. • Complexity. • No recovery.
Thankyou

More Related Content

PPTX
Cryptography.ppt
bykusum sharma
 
PPTX
MAC-Message Authentication Codes
byDarshanPatil82
 
PDF
symmetric key encryption algorithms
byRashmi Burugupalli
 
PDF
CRYPTOGRAPHY AND NETWORK SECURITY
byKathirvel Ayyaswamy
 
PPTX
key management in cryptography and network security
bySri Latha
 
PPTX
Topic1 substitution transposition-techniques
byMdFazleRabbi18
 
PPTX
substitution and transposition techniques_ppt.pptx
byGauriBornare1
 
PDF
2. public key cryptography and RSA
byDr.Florence Dayana
 
Cryptography.ppt
bykusum sharma
 
MAC-Message Authentication Codes
byDarshanPatil82
 
symmetric key encryption algorithms
byRashmi Burugupalli
 
CRYPTOGRAPHY AND NETWORK SECURITY
byKathirvel Ayyaswamy
 
key management in cryptography and network security
bySri Latha
 
Topic1 substitution transposition-techniques
byMdFazleRabbi18
 
substitution and transposition techniques_ppt.pptx
byGauriBornare1
 
2. public key cryptography and RSA
byDr.Florence Dayana
 

What's hot

PPTX
Public Key Cryptography
byGopal Sakarkar
 
PPT
Fundamentals of cryptography
byHossain Md Shakhawat
 
PPTX
Cryptography
byJens Patel
 
PPTX
Hash Function
bySiddharth Srivastava
 
PDF
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
byJAINAM KAPADIYA
 
PPT
PUBLIC KEY ENCRYPTION
byraf_slide
 
PPTX
MapReduce Programming Model
byAdarshaDhakal
 
PDF
Introduction to Cryptography
bySeema Goel
 
PPTX
cryptography
byAbhijeet Singh
 
PPTX
Key Management and Distribution
bySyed Bahadur Shah
 
PPTX
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
byRAMESHBABU311293
 
PPTX
Classical encryption techniques
byJanani S
 
PPTX
Key management and distribution
byRiya Choudhary
 
PPTX
Classical encryption techniques
byramya marichamy
 
PPT
key distribution in network security
bybabak danyal
 
PPT
Email Security : PGP & SMIME
byRohit Soni
 
PDF
MD-5 : Algorithm
bySahil Kureel
 
PPTX
Introduction to Cryptography
byMd. Afif Al Mamun
 
PPTX
Key management
bySujata Regoti
 
PPT
Authentication Protocols
byTrinity Dwarka
 
Public Key Cryptography
byGopal Sakarkar
 
Fundamentals of cryptography
byHossain Md Shakhawat
 
Cryptography
byJens Patel
 
Hash Function
bySiddharth Srivastava
 
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
byJAINAM KAPADIYA
 
PUBLIC KEY ENCRYPTION
byraf_slide
 
MapReduce Programming Model
byAdarshaDhakal
 
Introduction to Cryptography
bySeema Goel
 
cryptography
byAbhijeet Singh
 
Key Management and Distribution
bySyed Bahadur Shah
 
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
byRAMESHBABU311293
 
Classical encryption techniques
byJanani S
 
Key management and distribution
byRiya Choudhary
 
Classical encryption techniques
byramya marichamy
 
key distribution in network security
bybabak danyal
 
Email Security : PGP & SMIME
byRohit Soni
 
MD-5 : Algorithm
bySahil Kureel
 
Introduction to Cryptography
byMd. Afif Al Mamun
 
Key management
bySujata Regoti
 
Authentication Protocols
byTrinity Dwarka
 

Similar to Pretty good privacy

DOCX
Pgp
byAbhishek Kesharwani
 
DOCX
Pgp
byAbhishek Kesharwani
 
PDF
Email Security Pretty Good Privacy (PGP),Services Provided by PGP.pdf
byaryalmadhave123
 
PPTX
Pgp pretty good privacy
byPawan Arya
 
PPTX
Pgp1
bySanjeevsharma620
 
PPTX
E mail security
bySoumya Vijoy
 
DOCX
Unit 4
byVinod Kumar Gorrepati
 
PPT
PGP S/MIME
bySou Jana
 
PPT
CRYPTOGRAPHY_ENGG_CSE_III_YEAR_PGP_CNS.ppt
bySakethBhargavaRallap
 
PPT
Email security
byIndrajit Sreemany
 
PPTX
E-mail Security S/MIME PrettyGoodPrivacy
byDr.Manjunath Kotari
 
PPT
electronic mail security for authent.ppt
bynaghamallella
 
PPTX
Network security
bySVijaylakshmi
 
DOCX
network and cyber security
byShruthi Reddy
 
PPTX
Email sec11
byAthira Asakumar
 
PPT
PGP (1). in information security and data
bygallanandhini
 
PPT
Pgp
byReham Maher El-Safarini
 
PDF
M.FLORENCE DAYANA/electronic mail security.pdf
byDr.Florence Dayana
 
PPTX
Information and data security email security
byMazin Alwaaly
 
PDF
1682302951397_PGP.pdf
bygeorgejustymirobi1
 
Pgp
byAbhishek Kesharwani
 
Pgp
byAbhishek Kesharwani
 
Email Security Pretty Good Privacy (PGP),Services Provided by PGP.pdf
byaryalmadhave123
 
Pgp pretty good privacy
byPawan Arya
 
Pgp1
bySanjeevsharma620
 
E mail security
bySoumya Vijoy
 
Unit 4
byVinod Kumar Gorrepati
 
PGP S/MIME
bySou Jana
 
CRYPTOGRAPHY_ENGG_CSE_III_YEAR_PGP_CNS.ppt
bySakethBhargavaRallap
 
Email security
byIndrajit Sreemany
 
E-mail Security S/MIME PrettyGoodPrivacy
byDr.Manjunath Kotari
 
electronic mail security for authent.ppt
bynaghamallella
 
Network security
bySVijaylakshmi
 
network and cyber security
byShruthi Reddy
 
Email sec11
byAthira Asakumar
 
PGP (1). in information security and data
bygallanandhini
 
Pgp
byReham Maher El-Safarini
 
M.FLORENCE DAYANA/electronic mail security.pdf
byDr.Florence Dayana
 
Information and data security email security
byMazin Alwaaly
 
1682302951397_PGP.pdf
bygeorgejustymirobi1
 

Recently uploaded

PPTX
Overview of Unapproved Timeoff in Odoo 19
byCeline George
 
PDF
Types of Artificial Intelligence: Capabilities and Functionality Explained
byARTHIDEVARANIP
 
PPTX
special senses-eye, ear, nose, tongue.pptx
byAshish Umale
 
PDF
The Unique Wildlife of Ethiopia: From the Simien to the Bale Mountains
byfirtunagebremicheal
 
PDF
RPT FORM 1 English (2026 academic session) SMKTS.pdf
byWANAHMADAZIMIBINWANA
 
PPTX
Burnout_among_medical teachers_&_mentoring .pptx
byAhmadUzairQureshi
 
PPTX
How to Manage Scheduling Activities in Odoo 18 CRM
byCeline George
 
PPTX
How to create Article in Odoo 18 Knowledge App
byCeline George
 
PPTX
How to Create SMS Marketing Campaigns in Odoo 18
byCeline George
 
PPTX
Pneumonia, Social and Preventive Pharmacy .pptx
byVirat Ojha
 
PDF
Caribbean Examinations Council Literacy and Numeracy Standards
byCaribbean Examinations Council
 
PPTX
Exploring car engine oil and lubricants purpose and functions
bymjb77ny
 
PDF
BÀI GIẢNG POWERPOINT CHÍNH KHÓA PHIÊN BẢN AI TIẾNG ANH 6 CẢ NĂM, THEO TỪNG BÀ...
byNguyen Thanh Tu Collection
 
PDF
NCA New Family Orientation 2026 Dosemagen.pdf
bytimdosemagen1
 
PDF
McDowell Technical Community College Early Childhood Program Equitable Workfo...
byEducationNC
 
PDF
GIÁO ÁN KẾ HOẠCH BÀI DẠY NĂNG LỰC SỐ MÔN TIẾNG ANH LỚP 10 CẢ NĂM - GLOBAL SUC...
byNguyen Thanh Tu Collection
 
PDF
Problem Solving Agents in Artificial Intelligence with Examples and Water Jug...
byARTHIDEVARANIP
 
PDF
To synthesis and submit Benzamide synthesis.pdf
byPradeep Swarnkar
 
PDF
Geography unit 7-Population-Distribution`.pdf
byzerihunbrook7
 
PPTX
RECTAL IRRIGATION...................pptx
byAneetaSharma15
 
Overview of Unapproved Timeoff in Odoo 19
byCeline George
 
Types of Artificial Intelligence: Capabilities and Functionality Explained
byARTHIDEVARANIP
 
special senses-eye, ear, nose, tongue.pptx
byAshish Umale
 
The Unique Wildlife of Ethiopia: From the Simien to the Bale Mountains
byfirtunagebremicheal
 
RPT FORM 1 English (2026 academic session) SMKTS.pdf
byWANAHMADAZIMIBINWANA
 
Burnout_among_medical teachers_&_mentoring .pptx
byAhmadUzairQureshi
 
How to Manage Scheduling Activities in Odoo 18 CRM
byCeline George
 
How to create Article in Odoo 18 Knowledge App
byCeline George
 
How to Create SMS Marketing Campaigns in Odoo 18
byCeline George
 
Pneumonia, Social and Preventive Pharmacy .pptx
byVirat Ojha
 
Caribbean Examinations Council Literacy and Numeracy Standards
byCaribbean Examinations Council
 
Exploring car engine oil and lubricants purpose and functions
bymjb77ny
 
BÀI GIẢNG POWERPOINT CHÍNH KHÓA PHIÊN BẢN AI TIẾNG ANH 6 CẢ NĂM, THEO TỪNG BÀ...
byNguyen Thanh Tu Collection
 
NCA New Family Orientation 2026 Dosemagen.pdf
bytimdosemagen1
 
McDowell Technical Community College Early Childhood Program Equitable Workfo...
byEducationNC
 
GIÁO ÁN KẾ HOẠCH BÀI DẠY NĂNG LỰC SỐ MÔN TIẾNG ANH LỚP 10 CẢ NĂM - GLOBAL SUC...
byNguyen Thanh Tu Collection
 
Problem Solving Agents in Artificial Intelligence with Examples and Water Jug...
byARTHIDEVARANIP
 
To synthesis and submit Benzamide synthesis.pdf
byPradeep Swarnkar
 
Geography unit 7-Population-Distribution`.pdf
byzerihunbrook7
 
RECTAL IRRIGATION...................pptx
byAneetaSharma15
 

Pretty good privacy

  • 1.
    PRETTY GOOD PRIVACY fromCNS Presented by, Punnya sureshbabu
  • 2.
    PGP • PGP wasinvented by Phil Zimmermann. • Used to provide Email with privacy. • It is an open source. • ƒBased on strong cryptographic algorithms (IDEA, RSA, SHA-1).
  • 3.
    Scenarios • Plaintext • Messageintegrity • Compression • Confidentiality with one-time session key • Code conversion • Segmentation
  • 4.
    Plaintext • Simplest scenario. •There is no message integrity. • Sender compose the message and send it to the receiver. • The message stored in receivers mailbox, until it is received by him.
  • 5.
    Message integrity • Sendercreate a message and ends with her private key. • When receiver receives the message, he get the message by using senders public key. Compression • Compress the message. • No security benefits. • Easy to send.
  • 6.
    Confidentiality with one-timesession key • First sender create session key. • Using this session key , sender encrypt the message. • Then send the message with the key to the receiver. • Receiver receive the package. • He encrypt the session key using his private key. • Receiver use the session key to encrypt the message. • After decrypt the message, receiver create a digest of the message and check. • If both are equal, then the message is authentic.
  • 7.
    Code conversion • Mostemail message consist of ASCII characters. • To translate the characters PGP uses Radix-64 conversion. Segmentation • Maximum message length restrictions in email. • PGP automatically subdivides a large message into segments small enough to mail separately.
  • 8.
    Services provide byPGP • Authentication • Confidentiality • Compression • E-mail compatibility
  • 9.
    Authentication • The sendercreates a message. • SHA-1 is used to generate a 160-bit hash code of the message. • The hash code is encrypted with RSA using the sender’s private key, and the result is pretended to the message. • The receiver uses RSA with the sender’s public key to decrypt and recover the hash code. • The receiver generates a new hash code for the message and compares it with the decrypted hash code. If the two match, the message is accepted as authentic.
  • 11.
    Confidentiality • PGP anotherservice is confidentiality, which is encrypting messages for transmitting or to store files locally. • In both cases, the symmetric encryption algorithm CAST-128 may be used. Alternatively, IDEA or 3DES may be used. And the 64-bit cipher feedback (CFB) mode is used. • In PGP, each symmetric key is used only once. The session key is bound to the message. To protect the key, it is encrypted with the receiver’s public key.
  • 12.
    • The sendergenerates a message and a random 128-bit number to be used as a session key for this message only. • The message is encrypted using CAST-128 (or IDEA or 3DES) with the session key. • The session key is encrypted with RSA using the recipient’s public key and is prepended to the message. • The receiver uses RSA with its private key to decrypt and recover the session key. 5. The session key is used to decrypt the message.
  • 14.
    Notations EP – Publickey encryption(use either public key of receiver or private key of sender) DP – Public key decryption(we have to check for the encryption process which key is used at the encryption so the other key should be used in the decryption. EC – conventional encryption.(symmetric encryption same key used by ender and receiver) DC – Conventional decryption. H – Hash function/ hash code Z – zip (compression) KS – secret key used in conventional encryption.
  • 15.
    Combine Authentication & Confidentiality •First, a signature is generated for the plaintext message and prepended to the message. Then the plaintext message plus signature is encrypted using CAST-128 (or IDEA or 3DES), and the session key is encrypted using RSA (or ElGamal). • In summary, when both services are used, the sender first signs the message with its own private key, then encrypts the message with a session key, and finally encrypts the session key with the recipient’s public key.
  • 17.
    • FOR ACHIEVINGAUTHENTICATION DSS approach with SHA alg or RSA with SHA alg • FOR ACHIEVING THE CONFIDENTIALITY CAST/IDEA/TRIPLE DES with DIFFIE HELLMAN KEY EXCHANGE
  • 18.
    Compression • PGP compressesthe message after applying the signature but before encryption. This has the benefit of saving space both for e-mail transmission and for file storage. • Z for compression and Z–1 for decompression The signature is generated before compression for two reasons: • It is preferable to sign an uncompressed message so that one can store only the uncompressed message together with the signature for future verification. • If you generate signature after compression then there is a need recompression for message verification, PGP’s compression algorithm presents a difficulty. • Message encryption is applied after compression to strengthen cryptographic security. Therefore cryptanalysis is more difficult. • The compression algorithm used here is ZIP Algorithm
  • 19.
    E-mail compatibility • Theresulting message block consists of a stream of arbitrary 8-bit octets. • However, many electronic mail systems only permit the use of blocks consisting of ASCII text. • To accommodate this restriction, PGP provides the service of converting the raw 8-bit binary stream to a stream of printable ASCII characters. • The scheme used for this purpose is radix-64 conversion. Each group of three octets of binary data is mapped into four ASCII characters. This format also appends a CRC to detect transmission errors. • The use of radix 64 expands a message by 33%. Fortunately, the session key and signature portions of the message are relatively compact, and the plaintext message has been compressed. • In fact, the compression should be more than enough to compensate for the radix-64 expansion.
  • 21.
    ADVANTAGES OF PGP •Your valuable information is always protected, others cannot view it, and it cannot be stolen over the Internet . • No compatibility problems - works with any email application that you or your recipients are using . • Verification of the sender of information ensures you are not being spoofed by a third party. • Absolute assurity that the information you send or receive has not been modified in transit. • Your secure mail and text cannot be infiltrated by hackers or infected and mis-used by email attacks
  • 22.
    DISADVANTAGES OF PGP •Administering conflicting versions. • Compatibility issues. • Complexity. • No recovery.
  • 23.