SlideShare a Scribd company logo

PRETTY GOOD PRIVACY (PGP) AND S/MIME FOR EMAIL SECURITY

Download as PPT, PDF
S
Sou Jana

E-Mail Security Protocols

Engineering
1 of 37
PRETTY GOOD PRIVACY (PGP) Security for Electronic Email ~ S. Janani, AP/CSE
Contents • Introduction • Why PGP • Services
Problem • E-Mail Security
Everyone on the way can read it!! No Authentication. Everyone can pose as everyone Size Limit
There are two main schemes which are especially designed to provide confidentiality and authentication for electronic mail systems. These are: PGP (Pretty Good Privacy) S/MIME (Secure/Multipurpose Internet Mail Extension) 5
PGP • Developed by Phil Zimmerman in 1995. • Documentation and source code is freely available. • The package is independent of operating system and processor. • PGP does not rely on the “establishment” and it’s popularity and use have grown extensively since 1995. 6
Why PGP? •PGP combines the best available cryptographic algorithms to achieve secure e-mail communication. •It is assumed that all users are using public key cryptography and have generated a private/public key pair. •Either RSA (with RSA digital signatures) or El Gamal (with DSA) can be used. •All users also use a symmetric key system such as triple DES or Rijndael. 7
Services of PGP PGP offers 5 services: 1. Authentication – Digital Signature 2. Confidentiality – Symmetric Block Encryption 3. Compression - ZIP 4. E-mail compatibility – Radix 64 5. Segmentation 8
1. PGP Authentication This is a digital signature scheme with hashing. 1. Alice has (private/public) key pair (Ad/Ae) and she wants to send a digitally signed message m to Bob. 2. Alice hashes the message using SHA-1 to obtain SHA(m). 3. Alice encrypts the hash using her private key Ad to obtain ciphertext c given c=pk.encryptAd(SHA(m)) 4. Alice sends Bob the pair (m,c) 5. Bob receives (m,c) and decrypts c using Alice's public key Ae to obtain signature s s=pk.decryptAe(c) 11
6. He computes the hash of m using SHA-1 and if this hash value is equal to s then the message is authenticated. Bob is sure that the message is correct and that is does come from Alice. Furthermore Alice cannot later deny sending the message since only Alice has access to her private key Ad which works in conjunction with the public key Ae. 12
2. PGP Confidentiality 1. Alice wishes to send Bob a confidential message m. 2. Alice generates a random session key k for a symmetric cryptosystem. 3. Alice encrypts k using Bob’s public key Be to get k’ = pk.encryptBe(k) 4. Alice encrypts the message m with the session key k to get ciphertext c c=sk.encryptk(m) 5. Alice sends Bob the values (k’,c) 6. Bob receives the values (k’,c) and decrypts k’ using his private key Bd to obtain k k=pk.decryptBd(k’) 14
7. Bob uses the session key k to decrypt the ciphertext c and recover the message m m=sk.decryptk(c) Public and symmetric key cryptosystems are combined in this way to provide security for key exchange and then efficiency for encryption. The session key k is used only to encrypt message m and is not stored for any length of time. 15
PGP Authenticaton and Confidentiality (at the same time) The schemes for authentication and confidentiality can be combined so that Alice can sign a confidential message which is encrypted before transmission. The steps required are as follows: 1. Alice generates a signature c for her message m as in the Authentication scheme c=pk.encryptAd(SHA(m)) 2. Alice generates a random session key k and encrypts the message m and the signature c using a symmetric cryptosystem to obtain ciphertext C=sk.encryptk(m,c) 3. She encrypts the session key k using Bob’s public key k’ = pk.encryptBe(k) 4. Alice sends Bob the values (k’,C) 17
5. Bob recieves k’ and C and decrypts k’ using his private key Bd to obtain the session key k k=pk.decryptBd(k’) 6. Bob decrypts the ciphertext C using the session key k to obtain m and c (m,c) = sk.decryptk(C) 7. Bob now has the message m. In order to authenticate it he uses Alice’s public key Ae to decrypt the signature c and hashes the message m using SHA-1. If SHA(m) = pk.decryptAe(c) Then the message is authenticated. 18
3. PGP Compression PGP can also compress the message if desired. The compression algorithm is ZIP and the decompression algorithm is UNZIP. 1. The original message m is signed as before to obtain c=pk.encryptAd(SHA(m)) 2. Now the original message m is compressed to obtain M=ZIP(m) 3. Alice generates a session key k and encrypts the compressed message and the signature using the session key C=sk.encryptk(M,c) 19
4. The session key is encrypted using Bob’s public key as before. 5. Alice sends Bob the encrypted session key and ciphertext C. 6. Bob decrypts the session key using his private key and then uses the session key to decrypt the ciphertext C to obtain M and c (M,c) = sk.decryptk(C) 7. Bob decompresses the message M to obtain the original message m m=UNZIP(M) 8. Now Bob has the original message m and signature c. He verifies the signature using SHA-1 and Alice’s public key as before. 20
4. PGP E-Mail Compatibility Many electronic mail systems can only transmit blocks of ASCII text. This can cause a problem when sending encrypted data since ciphertext blocks might not correspond to ASCII characters which can be transmitted. PGP overcomes this problem by using radix-64 conversion. 21
Radix-64 conversion Suppose the text to be encrypted has been converted into binary using ASCII coding and encrypted to give a ciphertext stream of binary. Radix-64 conversion maps arbitrary binary into printable characters as follows: 22
Radix-64 conversion 1. The binary input is split into blocks of 24 bits (3 bytes). 2. Each 24 block is then split into four sets each of 6- bits. 3. Each 6-bit set will then have a value between 0 and 26-1 (=63). 4. This value is encoded into a printable character. 23
24 6 bit value Character encoding 6 bit value Character encoding 6 bit value Character encoding 6 bit value Character encoding 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 A B C D E F G H I J K L M N O P 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Q R S T U V W X Y Z a b c d e f 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 g h i j k l m n o p q r s t u v 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 (pad) w x y z 0 1 2 3 4 5 6 7 8 9 + / =
5. PGP Segmentation Another constraint of e-mail is that there is usually a maximum message length. PGP automatically blocks an encrypted message into segments of an appropriate length. On receipt, the segments must be re-assembled before the decryption process. 25
Key Issues 1. Key Generation Recall that a new session key is required each time a message is encrypted. How are these keys generated? PGP uses the timing of key strokes and key patterns to generate random numbers. 26
So a PGP message might consist of: • Message component – the actual data to be transmitted + a filename + a timestamp; • Signature component – timestamp + hash of message and timestamp + first part of message (so user can check that they are decrypting correctly) + Key ID of sender’s public key • Session Key component – session key + key ID of recipient’s public key 29
S/MIME – RFC5322 • Defines a format for text messages that are sent using electronic mail • Messages are viewed as having an envelope and contents • The envelope contains whatever information is needed to accomplish transmission and delivery • The contents compose the object to be delivered to the recipient The content standard includes a set of header fields that may be used by the mail system to create the envelope
Elements of MIME
Table 19.3 MIME Transfer Encodings
Five Header Fields
Table 19.2 MIME Content Types Content Formats
S/MIME Functions • enveloped data • encrypted content and associated keys • signed data • encoded message + signed digest • clear-signed data • cleartext message + encoded signed digest • signed & enveloped data • nesting of signed & encrypted entities
S/MIME Cryptographic Algorithms • hash functions: SHA-1 & MD5 • digital signatures: DSS & RSA • session key encryption: ElGamal & RSA • message encryption: Triple-DES, RC2/40 and others • have a procedure to decide which algorithms to use
S/MIME Certificate Processing • S/MIME uses X.509 v3 certificates • managed using a hybrid of a strict X.509 CA hierarchy & PGP’s web of trust • each client has a list of trusted CA’s certs and own public/private key pairs & certs • certificates must be signed by trusted CA’s
Certificate Authorities • have several well-known CA’s • Verisign one of most widely used • Verisign issues several types of Digital IDs • with increasing levels of checks & hence trust Class Identity Checks Usage 1 name/email check web browsing/email 2+ enroll/addr check email, subs, s/w validate 3+ ID documents e-banking/service access
Summary • E-Mail Security – importance • PGP – Services • S/MIME - Functions

Recommended

Public Key Cryptosystem
Public Key CryptosystemPublic Key Cryptosystem
Public Key CryptosystemDevakumar Kp
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securitypatisa
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
Principles of public key cryptography and its Uses
Principles of public key cryptography and its UsesPrinciples of public key cryptography and its Uses
Principles of public key cryptography and its UsesMohsin Ali
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSADr.Florence Dayana
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHMSathish Kumar
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 

Recommended

Public Key Cryptosystem
Public Key CryptosystemPublic Key Cryptosystem
Public Key CryptosystemDevakumar Kp
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securitypatisa
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
Principles of public key cryptography and its Uses
Principles of public key cryptography and its UsesPrinciples of public key cryptography and its Uses
Principles of public key cryptography and its UsesMohsin Ali
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSADr.Florence Dayana
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHMSathish Kumar
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket LayerNaveen Kumar
 
Diffie-hellman algorithm
Diffie-hellman algorithmDiffie-hellman algorithm
Diffie-hellman algorithmComputer_ at_home
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Double DES & Triple DES
Double DES & Triple DESDouble DES & Triple DES
Double DES & Triple DESHemant Sharma
 
Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric CryptographyUTD Computer Security Group
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail securityDr.Florence Dayana
 
Classical Encryption Techniques in Network Security
Classical Encryption Techniques in Network SecurityClassical Encryption Techniques in Network Security
Classical Encryption Techniques in Network Securitybabak danyal
 
Elliptic curve cryptography
Elliptic curve cryptographyElliptic curve cryptography
Elliptic curve cryptographyCysinfo Cyber Security Community
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 CertificatesSou Jana
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptographychauhankapil
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric keyTriad Square InfoSec
 
Modes of Operation
Modes of Operation Modes of Operation
Modes of Operation Showkot Usman
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationsarhadisoftengg
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanismsRajapriya82
 
Kerberos : An Authentication Application
Kerberos : An Authentication ApplicationKerberos : An Authentication Application
Kerberos : An Authentication ApplicationVidulatiwari
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key CryptographyGopal Sakarkar
 
Key management
Key managementKey management
Key managementSujata Regoti
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacyPushkar Dutt
 
Network security cs9 10
Network security cs9 10Network security cs9 10
Network security cs9 10Infinity Tech Solutions
 
Email security
Email securityEmail security
Email securityMohammed Hilal
 

More Related Content

What's hot

MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket LayerNaveen Kumar
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
Double DES & Triple DES
Double DES & Triple DESDouble DES & Triple DES
Double DES & Triple DESHemant Sharma
 
Classical Encryption Techniques in Network Security
Classical Encryption Techniques in Network SecurityClassical Encryption Techniques in Network Security
Classical Encryption Techniques in Network Securitybabak danyal
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 CertificatesSou Jana
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptographychauhankapil
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationsarhadisoftengg
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanismsRajapriya82
 
Kerberos : An Authentication Application
Kerberos : An Authentication ApplicationKerberos : An Authentication Application
Kerberos : An Authentication ApplicationVidulatiwari
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key CryptographyGopal Sakarkar
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacyPushkar Dutt
 

What's hot (20)

MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication Codes
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
 
Diffie-hellman algorithm
Diffie-hellman algorithmDiffie-hellman algorithm
Diffie-hellman algorithm
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
Double DES & Triple DES
Double DES & Triple DESDouble DES & Triple DES
Double DES & Triple DES
 
Asymmetric Cryptography
Asymmetric CryptographyAsymmetric Cryptography
Asymmetric Cryptography
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail security
 
Classical Encryption Techniques in Network Security
Classical Encryption Techniques in Network SecurityClassical Encryption Techniques in Network Security
Classical Encryption Techniques in Network Security
 
Elliptic curve cryptography
Elliptic curve cryptographyElliptic curve cryptography
Elliptic curve cryptography
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 Certificates
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptography
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric key
 
Modes of Operation
Modes of Operation Modes of Operation
Modes of Operation
 
DES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentationDES (Data Encryption Standard) pressentation
DES (Data Encryption Standard) pressentation
 
Security services and mechanisms
Security services and mechanismsSecurity services and mechanisms
Security services and mechanisms
 
Kerberos : An Authentication Application
Kerberos : An Authentication ApplicationKerberos : An Authentication Application
Kerberos : An Authentication Application
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key Cryptography
 
Key management
Key managementKey management
Key management
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacy
 

Similar to PRETTY GOOD PRIVACY (PGP) AND S/MIME FOR EMAIL SECURITY

Cryptography Key Management.pptx
Cryptography Key Management.pptxCryptography Key Management.pptx
Cryptography Key Management.pptxSurendraBasnet6
 
module 4_7th sem_ Electronic Mail Security.pptx
module 4_7th sem_ Electronic Mail Security.pptxmodule 4_7th sem_ Electronic Mail Security.pptx
module 4_7th sem_ Electronic Mail Security.pptxprateekPallav2
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacyPunnya Babu
 
5.3. Undercover communications
5.3. Undercover communications5.3. Undercover communications
5.3. Undercover communicationsdefconmoscow
 
PROTECTED CONTENT: END-TO-END PGP ENCRYPTION FOR DRUPAL
PROTECTED CONTENT: END-TO-END PGP ENCRYPTION FOR DRUPALPROTECTED CONTENT: END-TO-END PGP ENCRYPTION FOR DRUPAL
PROTECTED CONTENT: END-TO-END PGP ENCRYPTION FOR DRUPALDrupalCamp Kyiv
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacyPawan Arya
 
E-mail Security.ppt
E-mail Security.pptE-mail Security.ppt
E-mail Security.pptmaniklal123
 
Message Authentication and Hash Function.pdf
Message Authentication and Hash Function.pdfMessage Authentication and Hash Function.pdf
Message Authentication and Hash Function.pdfsunil sharma
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
BAIT1103 Chapter 5
BAIT1103 Chapter 5BAIT1103 Chapter 5
BAIT1103 Chapter 5limsh
 
Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmacanuragjagetiya
 

Similar to PRETTY GOOD PRIVACY (PGP) AND S/MIME FOR EMAIL SECURITY (20)

Network security cs9 10
Network security cs9 10Network security cs9 10
Network security cs9 10
 
Email security
Email securityEmail security
Email security
 
Cryptography Key Management.pptx
Cryptography Key Management.pptxCryptography Key Management.pptx
Cryptography Key Management.pptx
 
module 4_7th sem_ Electronic Mail Security.pptx
module 4_7th sem_ Electronic Mail Security.pptxmodule 4_7th sem_ Electronic Mail Security.pptx
module 4_7th sem_ Electronic Mail Security.pptx
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacy
 
5.3. Undercover communications
5.3. Undercover communications5.3. Undercover communications
5.3. Undercover communications
 
CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS
 
PROTECTED CONTENT: END-TO-END PGP ENCRYPTION FOR DRUPAL
PROTECTED CONTENT: END-TO-END PGP ENCRYPTION FOR DRUPALPROTECTED CONTENT: END-TO-END PGP ENCRYPTION FOR DRUPAL
PROTECTED CONTENT: END-TO-END PGP ENCRYPTION FOR DRUPAL
 
Pgp1
Pgp1Pgp1
Pgp1
 
E mail security
E mail securityE mail security
E mail security
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacy
 
Security
Security Security
Security
 
E-mail Security.ppt
E-mail Security.pptE-mail Security.ppt
E-mail Security.ppt
 
MD5.pptx.pdf
MD5.pptx.pdfMD5.pptx.pdf
MD5.pptx.pdf
 
encryption and decryption
encryption and decryptionencryption and decryption
encryption and decryption
 
Message Authentication and Hash Function.pdf
Message Authentication and Hash Function.pdfMessage Authentication and Hash Function.pdf
Message Authentication and Hash Function.pdf
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
Email sec11
Email sec11Email sec11
Email sec11
 
BAIT1103 Chapter 5
BAIT1103 Chapter 5BAIT1103 Chapter 5
BAIT1103 Chapter 5
 
Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmac
 

More from Sou Jana

UHV Self Management and Peer Pressure.pptx
UHV Self Management and Peer Pressure.pptxUHV Self Management and Peer Pressure.pptx
UHV Self Management and Peer Pressure.pptxSou Jana
 
Digital Signature Standard
Digital Signature StandardDigital Signature Standard
Digital Signature StandardSou Jana
 
Message Authentication Requirement-MAC
Message Authentication Requirement-MACMessage Authentication Requirement-MAC
Message Authentication Requirement-MACSou Jana
 
Elliptic Curve Cryptography
Elliptic Curve CryptographyElliptic Curve Cryptography
Elliptic Curve CryptographySou Jana
 
Elgamal Digital Signature
Elgamal Digital SignatureElgamal Digital Signature
Elgamal Digital SignatureSou Jana
 
Key management.ppt
Key management.pptKey management.ppt
Key management.pptSou Jana
 
Mathematics of Asymmetric cryptography
Mathematics of Asymmetric cryptographyMathematics of Asymmetric cryptography
Mathematics of Asymmetric cryptographySou Jana
 
RSA Algm.pptx
RSA Algm.pptxRSA Algm.pptx
RSA Algm.pptxSou Jana
 
Diffie Hellman.pptx
Diffie Hellman.pptxDiffie Hellman.pptx
Diffie Hellman.pptxSou Jana
 
Security Model
Security ModelSecurity Model
Security ModelSou Jana
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption TechniquesSou Jana
 
Perfect Security
Perfect SecurityPerfect Security
Perfect SecuritySou Jana
 
Cryptanalysis
CryptanalysisCryptanalysis
CryptanalysisSou Jana
 
Information Theory
Information TheoryInformation Theory
Information TheorySou Jana
 
Product Cipher
Product CipherProduct Cipher
Product CipherSou Jana
 
Multicore and shared multi processor
Multicore and shared multi processorMulticore and shared multi processor
Multicore and shared multi processorSou Jana
 

More from Sou Jana (18)

UHV Self Management and Peer Pressure.pptx
UHV Self Management and Peer Pressure.pptxUHV Self Management and Peer Pressure.pptx
UHV Self Management and Peer Pressure.pptx
 
RC4.pptx
RC4.pptxRC4.pptx
RC4.pptx
 
Digital Signature Standard
Digital Signature StandardDigital Signature Standard
Digital Signature Standard
 
Message Authentication Requirement-MAC
Message Authentication Requirement-MACMessage Authentication Requirement-MAC
Message Authentication Requirement-MAC
 
Kerberos
KerberosKerberos
Kerberos
 
Elliptic Curve Cryptography
Elliptic Curve CryptographyElliptic Curve Cryptography
Elliptic Curve Cryptography
 
Elgamal Digital Signature
Elgamal Digital SignatureElgamal Digital Signature
Elgamal Digital Signature
 
Key management.ppt
Key management.pptKey management.ppt
Key management.ppt
 
Mathematics of Asymmetric cryptography
Mathematics of Asymmetric cryptographyMathematics of Asymmetric cryptography
Mathematics of Asymmetric cryptography
 
RSA Algm.pptx
RSA Algm.pptxRSA Algm.pptx
RSA Algm.pptx
 
Diffie Hellman.pptx
Diffie Hellman.pptxDiffie Hellman.pptx
Diffie Hellman.pptx
 
Security Model
Security ModelSecurity Model
Security Model
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniques
 
Perfect Security
Perfect SecurityPerfect Security
Perfect Security
 
Cryptanalysis
CryptanalysisCryptanalysis
Cryptanalysis
 
Information Theory
Information TheoryInformation Theory
Information Theory
 
Product Cipher
Product CipherProduct Cipher
Product Cipher
 
Multicore and shared multi processor
Multicore and shared multi processorMulticore and shared multi processor
Multicore and shared multi processor
 

Recently uploaded

Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionDr.Costas Sachpazis
 
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZTE
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...srsj9000
 
power system scada applications and uses
power system scada applications and usespower system scada applications and uses
power system scada applications and usesDevarapalliHaritha
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxbritheesh05
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLDeelipZope
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AIabhishek36461
 
microprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingmicroprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingjaychoudhary37
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineeringmalavadedarshan25
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 

Recently uploaded (20)

Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
 
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
power system scada applications and uses
power system scada applications and usespower system scada applications and uses
power system scada applications and uses
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptx
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 
microprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingmicroprocessor 8085 and its interfacing
microprocessor 8085 and its interfacing
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 

PRETTY GOOD PRIVACY (PGP) AND S/MIME FOR EMAIL SECURITY

  • 1. PRETTY GOOD PRIVACY (PGP) Security for Electronic Email ~ S. Janani, AP/CSE
  • 4. Everyone on the way can read it!! No Authentication. Everyone can pose as everyone Size Limit
  • 5. There are two main schemes which are especially designed to provide confidentiality and authentication for electronic mail systems. These are: PGP (Pretty Good Privacy) S/MIME (Secure/Multipurpose Internet Mail Extension) 5
  • 6. PGP • Developed by Phil Zimmerman in 1995. • Documentation and source code is freely available. • The package is independent of operating system and processor. • PGP does not rely on the “establishment” and it’s popularity and use have grown extensively since 1995. 6
  • 7. Why PGP? •PGP combines the best available cryptographic algorithms to achieve secure e-mail communication. •It is assumed that all users are using public key cryptography and have generated a private/public key pair. •Either RSA (with RSA digital signatures) or El Gamal (with DSA) can be used. •All users also use a symmetric key system such as triple DES or Rijndael. 7
  • 8. Services of PGP PGP offers 5 services: 1. Authentication – Digital Signature 2. Confidentiality – Symmetric Block Encryption 3. Compression - ZIP 4. E-mail compatibility – Radix 64 5. Segmentation 8
  • 9.
  • 10.
  • 11. 1. PGP Authentication This is a digital signature scheme with hashing. 1. Alice has (private/public) key pair (Ad/Ae) and she wants to send a digitally signed message m to Bob. 2. Alice hashes the message using SHA-1 to obtain SHA(m). 3. Alice encrypts the hash using her private key Ad to obtain ciphertext c given c=pk.encryptAd(SHA(m)) 4. Alice sends Bob the pair (m,c) 5. Bob receives (m,c) and decrypts c using Alice's public key Ae to obtain signature s s=pk.decryptAe(c) 11
  • 12. 6. He computes the hash of m using SHA-1 and if this hash value is equal to s then the message is authenticated. Bob is sure that the message is correct and that is does come from Alice. Furthermore Alice cannot later deny sending the message since only Alice has access to her private key Ad which works in conjunction with the public key Ae. 12
  • 13.
  • 14. 2. PGP Confidentiality 1. Alice wishes to send Bob a confidential message m. 2. Alice generates a random session key k for a symmetric cryptosystem. 3. Alice encrypts k using Bob’s public key Be to get k’ = pk.encryptBe(k) 4. Alice encrypts the message m with the session key k to get ciphertext c c=sk.encryptk(m) 5. Alice sends Bob the values (k’,c) 6. Bob receives the values (k’,c) and decrypts k’ using his private key Bd to obtain k k=pk.decryptBd(k’) 14
  • 15. 7. Bob uses the session key k to decrypt the ciphertext c and recover the message m m=sk.decryptk(c) Public and symmetric key cryptosystems are combined in this way to provide security for key exchange and then efficiency for encryption. The session key k is used only to encrypt message m and is not stored for any length of time. 15
  • 16.
  • 17. PGP Authenticaton and Confidentiality (at the same time) The schemes for authentication and confidentiality can be combined so that Alice can sign a confidential message which is encrypted before transmission. The steps required are as follows: 1. Alice generates a signature c for her message m as in the Authentication scheme c=pk.encryptAd(SHA(m)) 2. Alice generates a random session key k and encrypts the message m and the signature c using a symmetric cryptosystem to obtain ciphertext C=sk.encryptk(m,c) 3. She encrypts the session key k using Bob’s public key k’ = pk.encryptBe(k) 4. Alice sends Bob the values (k’,C) 17
  • 18. 5. Bob recieves k’ and C and decrypts k’ using his private key Bd to obtain the session key k k=pk.decryptBd(k’) 6. Bob decrypts the ciphertext C using the session key k to obtain m and c (m,c) = sk.decryptk(C) 7. Bob now has the message m. In order to authenticate it he uses Alice’s public key Ae to decrypt the signature c and hashes the message m using SHA-1. If SHA(m) = pk.decryptAe(c) Then the message is authenticated. 18
  • 19. 3. PGP Compression PGP can also compress the message if desired. The compression algorithm is ZIP and the decompression algorithm is UNZIP. 1. The original message m is signed as before to obtain c=pk.encryptAd(SHA(m)) 2. Now the original message m is compressed to obtain M=ZIP(m) 3. Alice generates a session key k and encrypts the compressed message and the signature using the session key C=sk.encryptk(M,c) 19
  • 20. 4. The session key is encrypted using Bob’s public key as before. 5. Alice sends Bob the encrypted session key and ciphertext C. 6. Bob decrypts the session key using his private key and then uses the session key to decrypt the ciphertext C to obtain M and c (M,c) = sk.decryptk(C) 7. Bob decompresses the message M to obtain the original message m m=UNZIP(M) 8. Now Bob has the original message m and signature c. He verifies the signature using SHA-1 and Alice’s public key as before. 20
  • 21. 4. PGP E-Mail Compatibility Many electronic mail systems can only transmit blocks of ASCII text. This can cause a problem when sending encrypted data since ciphertext blocks might not correspond to ASCII characters which can be transmitted. PGP overcomes this problem by using radix-64 conversion. 21
  • 22. Radix-64 conversion Suppose the text to be encrypted has been converted into binary using ASCII coding and encrypted to give a ciphertext stream of binary. Radix-64 conversion maps arbitrary binary into printable characters as follows: 22
  • 23. Radix-64 conversion 1. The binary input is split into blocks of 24 bits (3 bytes). 2. Each 24 block is then split into four sets each of 6- bits. 3. Each 6-bit set will then have a value between 0 and 26-1 (=63). 4. This value is encoded into a printable character. 23
  • 24. 24 6 bit value Character encoding 6 bit value Character encoding 6 bit value Character encoding 6 bit value Character encoding 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 A B C D E F G H I J K L M N O P 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Q R S T U V W X Y Z a b c d e f 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 g h i j k l m n o p q r s t u v 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 (pad) w x y z 0 1 2 3 4 5 6 7 8 9 + / =
  • 25. 5. PGP Segmentation Another constraint of e-mail is that there is usually a maximum message length. PGP automatically blocks an encrypted message into segments of an appropriate length. On receipt, the segments must be re-assembled before the decryption process. 25
  • 26. Key Issues 1. Key Generation Recall that a new session key is required each time a message is encrypted. How are these keys generated? PGP uses the timing of key strokes and key patterns to generate random numbers. 26
  • 27. So a PGP message might consist of: • Message component – the actual data to be transmitted + a filename + a timestamp; • Signature component – timestamp + hash of message and timestamp + first part of message (so user can check that they are decrypting correctly) + Key ID of sender’s public key • Session Key component – session key + key ID of recipient’s public key 29
  • 28. S/MIME – RFC5322 • Defines a format for text messages that are sent using electronic mail • Messages are viewed as having an envelope and contents • The envelope contains whatever information is needed to accomplish transmission and delivery • The contents compose the object to be delivered to the recipient The content standard includes a set of header fields that may be used by the mail system to create the envelope
  • 33. S/MIME Functions • enveloped data • encrypted content and associated keys • signed data • encoded message + signed digest • clear-signed data • cleartext message + encoded signed digest • signed & enveloped data • nesting of signed & encrypted entities
  • 34. S/MIME Cryptographic Algorithms • hash functions: SHA-1 & MD5 • digital signatures: DSS & RSA • session key encryption: ElGamal & RSA • message encryption: Triple-DES, RC2/40 and others • have a procedure to decide which algorithms to use
  • 35. S/MIME Certificate Processing • S/MIME uses X.509 v3 certificates • managed using a hybrid of a strict X.509 CA hierarchy & PGP’s web of trust • each client has a list of trusted CA’s certs and own public/private key pairs & certs • certificates must be signed by trusted CA’s
  • 36. Certificate Authorities • have several well-known CA’s • Verisign one of most widely used • Verisign issues several types of Digital IDs • with increasing levels of checks & hence trust Class Identity Checks Usage 1 name/email check web browsing/email 2+ enroll/addr check email, subs, s/w validate 3+ ID documents e-banking/service access
  • 37. Summary • E-Mail Security – importance • PGP – Services • S/MIME - Functions