PGP from: Cryptography and Network Security

Size: px
Start display at page:

Download "PGP from: Cryptography and Network Security"

Transcription

1 PGP from: Cryptography and Network Security Fifth Edition by William Stallings Lecture slides by Lawrie Brown (*) (*) adjusted by Fabrizio d'amore

2 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear, the Board's access to other sources of information filled much of this gap. The FBI provided documents taken from the files of the National Security Advisor and relevant NSC staff members, including messages from the PROF system between VADM Poindexter and LtCol North. The PROF messages were conversations by computer, written at the time events occurred and presumed by the writers to be protected from disclosure. In this sense, they provide a first-hand, contemporaneous account of events. The Tower Commission Report to President Reagan on the Iran-Contra Affair, 1987 May 2012 PGP - S/MIME 2

3 Security Ø is one of the most widely used and regarded network services Ø currently message contents are not secure l may be inspected either in transit l or by suitably privileged users on destination system May 2012 PGP - S/MIME 3

4 Security Enhancements Ø confidentiality l protection from disclosure Ø authentication l of sender of message Ø message integrity l protection from modification Ø non-repudiation of origin l protection from denial by sender May 2012 PGP - S/MIME 4

5 Pretty Good Privacy (PGP) Ø widely used de facto secure Ø developed by Phil Zimmermann Ø selected best available crypto algs to use Ø integrated into a single program Ø on Unix, PC, Macintosh and other systems Ø originally free, now also have commercial versions available May 2012 PGP - S/MIME 5

6 PGP Operation Authentication 1. sender creates message 2. make SHA bit hash of message 3. attached RSA signed hash to message 4. receiver decrypts & recovers hash code 5. receiver verifies received message hash May 2012 PGP - S/MIME 6

7 PGP Operation Confidentiality 1. sender forms 128-bit random session key 2. encrypts message with session key 3. attaches session key encrypted with RSA 4. receiver decrypts & recovers session key 5. session key is used to decrypt message May 2012 PGP - S/MIME 7

8 PGP Operation Confidentiality & Authentication Ø can use both services on same message l create signature & attach to message l encrypt both message & signature l attach RSA/ElGamal encrypted session key May 2012 PGP - S/MIME 8

9 PGP Operation Compression Ø by default PGP compresses message after signing but before encrypting l so can store uncompressed message & signature for later verification l because compression is non deterministic (result of compression depends upon user preferences) Ø uses ZIP compression algorithm May 2012 PGP - S/MIME 9

10 PGP Operation Compatibility Ø when using PGP will have binary data to send (encrypted message etc.) Ø however was designed only for text Ø hence PGP must encode raw binary data into printable ASCII characters Ø uses radix-64 algorithm (aka "ASCII Armour") l l maps 3 bytes to 4 printable chars (it's the Base64 of MIME) also appends a 24-bit CRC Ø PGP also segments messages if too big May 2012 PGP - S/MIME 10

11 PGP Operation Summary May 2012 PGP - S/MIME 11

12 PGP Session Keys Ø need a session key for each message l of varying sizes: 56-bit DES, 128-bit CAST or IDEA, 168-bit Triple-DES Ø generated using ANSI X12.17 mode Ø uses random inputs taken from previous uses and from keystroke timing of user May 2012 PGP - S/MIME 12

13 PGP Public & Private Keys Ø since many public/private keys may be in use (by one user), need to identify which is actually used to encrypt session key in a message l l could send full public-key with every message but this is inefficient Ø rather use a key identifier (ID) based on key l l is least significant 64-bits of the key will very likely be unique Ø also use key ID in signatures May 2012 PGP - S/MIME 13

14 PGP Message Format May 2012 PGP - S/MIME 14

15 PGP Key Rings Ø each PGP user has a pair of keyrings: l public-key ring contains all the public-keys of other PGP users known to this user, indexed by key ID l private-key ring contains the public/private key pair(s) for this user, indexed by key ID & encrypted keyed from a hashed passphrase Ø security of private keys thus depends on the pass-phrase security May 2012 PGP - S/MIME 15

16 PGP Key Rings May 2012 PGP - S/MIME 16

17 PGP Message Generation May 2012 PGP - S/MIME 17

18 PGP Message Reception May 2012 PGP - S/MIME 18

19 PGP Key Management Ø rather than relying on certificate authorities Ø in PGP every user is own CA l can sign keys for users they know directly Ø forms a web of trust l l trust keys have signed can trust keys others have signed if have a chain of signatures to them Ø key ring includes trust indicators Ø users can also revoke their keys May 2012 PGP - S/MIME 19

20 web of trust (Zimmermann) As time goes on, you will accumulate keys from other people that you may want to designate as trusted introducers. Everyone else will each choose their own trusted introducers. And everyone will gradually accumulate and distribute with their key a collection of certifying signatures from other people, with the expectation that anyone receiving it will trust at least one or two of the signatures. This will cause the emergence of a decentralized faulttolerant web of confidence for all public keys. May 2012 PGP - S/MIME 20

21 PGP Trust Model Example May 2012 PGP - S/MIME 21

22 PGP today Ø OpenPGP is an Internet standard (RFC 4880, 2007) Ø many clients provide OpenPGPcompliant security Ø best known implementations of OpenPGP l PGP by PGP Inc. l GNU Privacy Guard (GnuPG or GPG) by The Free Software Foundation. Open-source May 2012 PGP - S/MIME 22

23 EnigMail example Ø supported clients l Mozilla Thunderbird l Mozilla SeaMonkey l Eudora 1.0 OSE l Postbox Ø GnuPG Software Ø EnigMail plugin (http://enigmail.mozdev.org) l language packs available May 2012 PGP - S/MIME 23

24 May 2012 PGP - S/MIME 24

25 S/MIME (Secure/Multipurpose Internet Mail Extensions) Ø security enhancement to MIME l original Internet RFC822 was text only l MIME provided support for varying content types and multi-part messages l with encoding of binary data to textual form l S/MIME added security enhancements Ø have S/MIME support in many mail agents l eg MS Outlook, Mozilla, Mac Mail etc May 2012 PGP - S/MIME 25

26 S/MIME Functions Ø enveloped data l encrypted content and associated keys Ø signed data l encoded message + signed digest Ø clear-signed data l cleartext message + encoded signed digest Ø signed & enveloped data l nesting of signed & encrypted entities May 2012 PGP - S/MIME 26

27 S/MIME Cryptographic Algorithms Ø digital signatures: DSS & RSA Ø hash functions: SHA-1 & MD5 Ø session key encryption: ElGamal & RSA Ø message encryption: AES, Triple-DES, RC2/40 and others Ø MAC: HMAC with SHA-1 Ø have process to decide which algs to use May 2012 PGP - S/MIME 27

28 S/MIME Messages Ø S/MIME secures a MIME entity with a signature, encryption, or both Ø forming a MIME wrapped PKCS object Ø have a range of content-types: l enveloped data l signed data l clear-signed data l registration request l certificate only message May 2012 PGP - S/MIME 28

29 S/MIME Certificate Processing Ø S/MIME uses X.509 v3 certificates Ø managed using a hybrid of a strict X.509 CA hierarchy & PGP s web of trust Ø each client has a list of trusted CA s certs Ø and own public/private key pairs & certs Ø certificates must be signed by trusted CA s May 2012 PGP - S/MIME 29

30 Certificate Authorities Ø have several well-known CA s Ø Verisign one of most widely used Ø Verisign issues several types of Digital IDs Ø increasing levels of checks & hence trust Class Identity Checks Usage 1 name/ check web browsing/ 2 + enroll/addr check , subs, s/w validate 3 + ID documents e-banking/service access May 2012 PGP - S/MIME 30

31 S/MIME Enhanced Security Services Ø 3 proposed enhanced security services: l signed receipts l security labels l secure mailing lists May 2012 PGP - S/MIME 31

Cryptography and Network Security Chapter 15

Cryptography and Network Security Chapter 15 Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 15 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North

More information

Network Security Essentials Chapter 7

Network Security Essentials Chapter 7 Network Security Essentials Chapter 7 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 7 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear,

More information

Chapter 6 Electronic Mail Security

Chapter 6 Electronic Mail Security Cryptography and Network Security Chapter 6 Electronic Mail Security Lectured by Nguyễn Đức Thái Outline Pretty Good Privacy S/MIME 2 Electronic Mail Security In virtually all distributed environments,

More information

Electronic Mail Security. Email Security. email is one of the most widely used and regarded network services currently message contents are not secure

Electronic Mail Security. Email Security. email is one of the most widely used and regarded network services currently message contents are not secure Electronic Mail Security CSCI 454/554 Email Security email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either in transit or by

More information

Electronic Mail Security

Electronic Mail Security Electronic Mail Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/

More information

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security UNIT 4 SECURITY PRACTICE Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security Slides Courtesy of William Stallings, Cryptography & Network Security,

More information

Network Security - Secure upper layer protocols - Background. Email Security. Question from last lecture: What s a birthday attack? Dr.

Network Security - Secure upper layer protocols - Background. Email Security. Question from last lecture: What s a birthday attack? Dr. Network Security - Secure upper layer protocols - Dr. John Keeney 3BA33 Question from last lecture: What s a birthday attack? might think a m-bit hash is secure but by Birthday Paradox is not the chance

More information

CS549: Cryptography and Network Security

CS549: Cryptography and Network Security CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared

More information

Elements of Security

Elements of Security Elements of Security Dr. Bill Young Department of Computer Sciences University of Texas at Austin Last updated: April 15, 2015 Slideset 8: 1 Some Poetry Mary had a little key (It s all she could export)

More information

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11 - Secure

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 11: Email security: PGP and S/MIME Ion Petre Department of IT, Åbo Akademi University February 14, 2012 1 Email

More information

Cryptography and Security

Cryptography and Security Cunsheng DING Version 3 Lecture 17: Electronic Mail Security Outline of this Lecture 1. Email security issues. 2. Detailed introduction of PGP. Page 1 Version 3 About Electronic Mail 1. In virtually all

More information

PGP - Pretty Good Privacy

PGP - Pretty Good Privacy I should be able to whisper something in your ear, even if your ear is 1000 miles away, and the government disagrees with that. -- Philip Zimmermann PGP - Pretty Good Privacy - services - message format

More information

WiMAX Public Key Infrastructure (PKI) Users Overview

WiMAX Public Key Infrastructure (PKI) Users Overview WiMAX Public Key Infrastructure (PKI) Users Overview WiMAX, Mobile WiMAX, Fixed WiMAX, WiMAX Forum, WiMAX Certified, WiMAX Forum Certified, the WiMAX Forum logo and the WiMAX Forum Certified logo are trademarks

More information

SubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se

SubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se SubmitedBy: Name Reg No Email Address Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se Abid Hussain 780927-T039 abihus07 (at) student.hh.se Imran Ahmad Khan 770630-T053 imrakh07 (at) student.hh.se

More information

Tutorial: Encrypted Email with Thunderbird and Enigmail. Author: Shashank Areguli. Published: Ed (August 9, 2014)

Tutorial: Encrypted Email with Thunderbird and Enigmail. Author: Shashank Areguli. Published: Ed (August 9, 2014) Tutorial: Encrypted Email with Thunderbird and Enigmail Author: Shashank Areguli Published: Ed (August 9, 2014) There are three issues of security that needs to dealt with on the internet, concerning information.

More information

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

CS 356 Lecture 27 Internet Security Protocols. Spring 2013 CS 356 Lecture 27 Internet Security Protocols Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists

More information

GPG - GNU Privacy Guard

GPG - GNU Privacy Guard GPG - GNU Privacy Guard How to use Károly Erdei October 15, 2014 Károly Erdei GPG - GNU Privacy Guard 1/60 1 Why 2 Cryptography 3 PGP 4 KGPG-Assistant 5 -Key-Manager 6 -Editor 7 GPG4Win 8 Enigmail Károly

More information

A Noval Approach for S/MIME

A Noval Approach for S/MIME Volume 1, Issue 7, December 2013 International Journal of Advance Research in Computer Science and Management Studies Research Paper Available online at: www.ijarcsms.com A Noval Approach for S/MIME K.Suganya

More information

Introduction to Cryptography

Introduction to Cryptography Introduction to Cryptography Part 3: real world applications Jean-Sébastien Coron January 2007 Public-key encryption BOB ALICE Insecure M E C C D channel M Alice s public-key Alice s private-key Authentication

More information

Secure Client Applications

Secure Client Applications Secure Client Applications Networking Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 26 June 2014 Common/Reports/secure-client-apps.tex, r900 1/26 Acronyms

More information

Internet Programming. Security

Internet Programming. Security Internet Programming Security Introduction Security Issues in Internet Applications A distributed application can run inside a LAN Only a few users have access to the application Network infrastructures

More information

Cryptography and Network Security Chapter 14

Cryptography and Network Security Chapter 14 Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 14 Key Management and Distribution No Singhalese, whether man or woman, would venture

More information

An Introduction to Secure Email. Presented by: Addam Schroll IT Security & Privacy Analyst

An Introduction to Secure Email. Presented by: Addam Schroll IT Security & Privacy Analyst An Introduction to Secure Email Presented by: Addam Schroll IT Security & Privacy Analyst Topics Secure Email Basics Types of Secure Email Walkthroughs 2 Secure Email Services Confidentiality Message Integrity

More information

Forging Digital Signatures

Forging Digital Signatures Forging Digital Signatures Albert Levi Sabanci University Istanbul, TURKEY levi@sabanciuniv.edu ACSAC 2002 Outline What s a digital signature? How S/MIME handles digital signatures? How to obtain a certificate

More information

Prof. Sead Muftic Feng Zhang. Lecture 10: Secure E-mail Systems

Prof. Sead Muftic Feng Zhang. Lecture 10: Secure E-mail Systems Prof. Sead Muftic Feng Zhang Lecture 10: Secure E-mail Systems Lecture 10 : Secure E mail Systems Subjects / Topics : 1. Secure E mail systems 2. Secure, Trusted, Authorized and Reliable E Mail System

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information

Cryptography and Network Security Chapter 14. Key Distribution. Key Management and Distribution. Key Distribution Task 4/19/2010

Cryptography and Network Security Chapter 14. Key Distribution. Key Management and Distribution. Key Distribution Task 4/19/2010 Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 14 Key Management and Distribution No Singhalese, whether man or woman, would venture

More information

to hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many

to hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many In the world of secure email, there are many options from which to choose from to hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many cryptographical concepts to achieve a supposedly

More information

PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO

PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO In The Next 15 Minutes, You May Know What is PGP? Why using PGP? What can it do? How did it evolve? How does it work? How to work it? What s its limitation?

More information

IT Networks & Security CERT Luncheon Series: Cryptography

IT Networks & Security CERT Luncheon Series: Cryptography IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI

More information

Managing and Securing Computer Networks. Guy Leduc. Chapter 3: Securing applications. Chapter goals: security in practice:

Managing and Securing Computer Networks. Guy Leduc. Chapter 3: Securing applications. Chapter goals: security in practice: Managing and Securing Computer Networks Guy Leduc Chapter 3: Securing applications Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley, March 2012. (section 8.5)

More information

Signing and Encryption with GnuPG

Signing and Encryption with GnuPG Signing and Encryption with GnuPG Steve Revilak http://www.srevilak.net/wiki/talks Cryptoparty @ Somerville Public Library January 10, 2015 1 / 20 What is GnuPG? GnuPG is a free software implementation

More information

An Introduction to Cryptography as Applied to the Smart Grid

An Introduction to Cryptography as Applied to the Smart Grid An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric

More information

Lecture 10: 1. Secure E mail E systems. Systems. Page 1

Lecture 10: 1. Secure E mail E systems. Systems. Page 1 1 2 Prof. Sead Matei Ciobanu Morogan Abdul Ghafoor Abbasi Lecture 10: Secure E-mailE Lecture 10 : Secure E mail E Subjects / opics : 1. Secure E mail E systems 2. Secure, rusted, Authorized and eliable

More information

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder

More information

Message authentication and. digital signatures

Message authentication and. digital signatures Message authentication and " Message authentication digital signatures verify that the message is from the right sender, and not modified (incl message sequence) " Digital signatures in addition, non!repudiation

More information

Number of relevant issues

Number of relevant issues Electronic signature Lecture 8 Number of relevant issues cryptography itself algorithms for signing documents key management generating keys, distribution, key revocation security policy certificates may

More information

Encrypting Email with KMail, Mozilla Thunderbird, and Evolution LOCK AND KEY BY FRAUKE OSTER

Encrypting Email with KMail, Mozilla Thunderbird, and Evolution LOCK AND KEY BY FRAUKE OSTER COVER STORY Encrypting Email Encrypting Email with KMail, Mozilla Thunderbird, and Evolution LOCK AND KEY The leading email applications include new features for helping users secure and authenticate their

More information

HW/Lab 1: Email Security with PGP, and Crypto CS 336/536: Computer Network Security DUE 09/28/2015 (11am)

HW/Lab 1: Email Security with PGP, and Crypto CS 336/536: Computer Network Security DUE 09/28/2015 (11am) HW/Lab 1: Email Security with PGP, and Crypto CS 336/536: Computer Network Security DUE 09/28/2015 (11am) This HW/Lab assignment covers Lectures 2 to 4. Please review these thoroughly before starting to

More information

Sharing Secrets Using Encryption Facility

Sharing Secrets Using Encryption Facility Sharing Secrets Using Encryption Facility Eysha S. Powers IBM Corporation Insert Custom Session QR if Desired Tuesday, August 11, 2015: 6:00pm 7:00pm Session Number 17624 Cryptography is used in a variety

More information

Authentication requirement Authentication function MAC Hash function Security of

Authentication requirement Authentication function MAC Hash function Security of UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

More information

Chapter 10. Network Security

Chapter 10. Network Security Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce

More information

Cryptography & Digital Signatures

Cryptography & Digital Signatures Cryptography & Digital Signatures CS 594 Special Topics/Kent Law School: Computer and Network Privacy and Security: Ethical, Legal, and Technical Consideration Prof. Sloan s Slides, 2007, 2008 Robert H.

More information

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Overview of CSS SSL. SSL Cryptography Overview CHAPTER CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

More information

Encrypting and signing e-mail

Encrypting and signing e-mail Encrypting and signing e-mail V1.0 Developed by Gunnar Kreitz at CSC, KTH. V2.0 Developed by Pehr Söderman at ICT, KTH (Pehrs@kth.se) V3.0 Includes experiences from the 2009 course V3.1 Adaptation for

More information

Standards and Products. Computer Security. Kerberos. Kerberos

Standards and Products. Computer Security. Kerberos. Kerberos 3 4 Standards and Products Computer Security Standards and Products Public Key Infrastructure (PKI) IPsec SSL/TLS Electronic Mail Security: PEM, S/MIME, and PGP March 24, 2004 2004, Bryan J. Higgs 1 2

More information

Message Authentication Codes

Message Authentication Codes 2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,

More information

Electronic mail security. MHS (Message Handling System)

Electronic mail security. MHS (Message Handling System) Electronic mail security Diana Berbecaru < diana.berbecaru @ polito.it> Politecnico di Torino Dip. Automatica e Informatica MHS (Message Handling System) MS MS MUA MUA (Message Transfer ) MS (Message Store)

More information

Savitribai Phule Pune University

Savitribai Phule Pune University Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter

More information

Overview Keys. Overview

Overview Keys. Overview Overview Keys Overview The PGPmail program performs fast, high-security, public-key encrypting (with optional compression), decrypting, and authenticating of electronic messages and files. The program

More information

E-mail Best Practices

E-mail Best Practices CMSGu2012-06 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius E-mail Best Practices National Computer Board Mauritius Version 1.0 June

More information

Secure E-Mail Part II Due Date: Sept 27 Points: 25 Points

Secure E-Mail Part II Due Date: Sept 27 Points: 25 Points Secure E-Mail Part II Due Date: Sept 27 Points: 25 Points Objective 1. To explore a practical application of cryptography secure e-mail 2. To use public key encryption 3. To gain experience with the various

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

Ciphire Mail. Abstract

Ciphire Mail. Abstract Ciphire Mail Technical Introduction Abstract Ciphire Mail is cryptographic software providing email encryption and digital signatures. The Ciphire Mail client resides on the user's computer between the

More information

Installing your Digital Certificate & Using on MS Out Look 2007.

Installing your Digital Certificate & Using on MS Out Look 2007. Installing your Digital Certificate & Using on MS Out Look 2007. Note: This technical paper is only to guide you the steps to follow on how to configure and use digital signatures. Therefore Certificate

More information

Key Management and Distribution

Key Management and Distribution Key Management and Distribution Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu udio/video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

4.1: Securing Applications Remote Login: Secure Shell (SSH) E-Mail: PEM/PGP. Chapter 5: Security Concepts for Networks

4.1: Securing Applications Remote Login: Secure Shell (SSH) E-Mail: PEM/PGP. Chapter 5: Security Concepts for Networks Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application Layer Secure Applications Network Authentication Service: Kerberos 4.1:

More information

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

More information

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

More information

mod_ssl Cryptographic Techniques

mod_ssl Cryptographic Techniques mod_ssl Overview Reference The nice thing about standards is that there are so many to choose from. And if you really don t like all the standards you just have to wait another year until the one arises

More information

Unifying Information Security. Implementing Encryption on the CLEARSWIFT SECURE Email Gateway

Unifying Information Security. Implementing Encryption on the CLEARSWIFT SECURE Email Gateway Unifying Information Security Implementing Encryption on the CLEARSWIFT SECURE Email Gateway Contents 1 Introduction... 4 2 Encryption Options... 5 3 Basics of Encryption... 7 3.1 Public Key... 7 3.2 Private

More information

Key Management and Distribution

Key Management and Distribution Key Management and Distribution Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/

More information

GlobalSign Enterprise Solutions

GlobalSign Enterprise Solutions GlobalSign Enterprise Solutions Secure Email & Key Recovery Using GlobalSign s Auto Enrollment Gateway (AEG) 1 v.1.2 Table of Contents Table of Contents... 2 Introduction... 3 The Benefits of Secure Email...

More information

NETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia

NETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia NETWORK SECURITY Farooq Ashraf Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia O u t l i n e o f t h e P r e s e n t a t i o n What is Security

More information

Network Security Essentials Chapter 5

Network Security Essentials Chapter 5 Network Security Essentials Chapter 5 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 5 Transport-Level Security Use your mentality Wake up to reality From the song, "I've Got

More information

Institute of Computer Technology - Vienna University of Technology. L96 - SSL, PGP, Kerberos

Institute of Computer Technology - Vienna University of Technology. L96 - SSL, PGP, Kerberos SSL, PGP, Kerberos Secure Socket Layer (Web Security), Pretty Good Privacy (Email Security) and Authentication Agenda SSL PGP Kerberos SSL, PGP, Kerberos, v4.4 2 Page 96-1 SSL versus IPsec Application

More information

Receiving Secure Email from Citi For External Customers and Business Partners

Receiving Secure Email from Citi For External Customers and Business Partners Citi Secure Email Program Receiving Secure Email from Citi For External Customers and Business Partners Protecting the privacy and security of client information is a top priority at Citi. Citi s Secure

More information

Signing and Encryption with GnuPG

Signing and Encryption with GnuPG Signing and Encryption with GnuPG Steve Revilak Cryptoparty @ Northeastern Law School Feb. 9, 2014 1 / 22 What is GnuPG? GnuPG is a free software implementation of the OpenPGP standard. PGP stands for

More information

Secured Mail through PGP Mail Gateway

Secured Mail through PGP Mail Gateway Secured Mail through PGP Mail Gateway L. S. Haturusinha, Y. Y. Landersz, A. U. H. Gamage, P. N. Pathiranage, G. T. D. Rodrigo, and M. P. A. W. Gamage Abstract PGP Mail Gateway is a backend server which

More information

7! Cryptographic Techniques! A Brief Introduction

7! Cryptographic Techniques! A Brief Introduction 7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures

More information

Taxonomy of E-Mail Security Protocol

Taxonomy of E-Mail Security Protocol Taxonomy of E-Mail Security Protocol Ankur Dumka, Ravi Tomar, J.C.Patni, Abhineet Anand Assistant Professor, Centre for information Technology, University of Petroleum and Energy Studies,Dehradun, India

More information

1.2 Using the GPG Gen key Command

1.2 Using the GPG Gen key Command Creating Your Personal Key Pair GPG uses public key cryptography for encrypting and signing messages. Public key cryptography involves your public key which is distributed to the public and is used to

More information

S/MIME Compatibility. Assessing the compatibility and best practices of using S/MIME encryption GLOBALSIGN WHITE PAPER. www.globalsign.

S/MIME Compatibility. Assessing the compatibility and best practices of using S/MIME encryption GLOBALSIGN WHITE PAPER. www.globalsign. S/MIME Compatibility Assessing the compatibility and best practices of using S/MIME encryption GLOBALSIGN WHITE PAPER Ben Lightowler, Security Analyst GMO GlobalSign Ltd Contents Introduction...3 Why S/MIME

More information

Aloaha Sign! (English Version)

Aloaha Sign! (English Version) Aloaha Sign! (English Version) Aloaha Sign! (English Version) All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic, or mechanical, including photocopying,

More information

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing

More information

Ubuntu Open PGP IMPLEMENTATION. Dr. ENİS KARAARSLAN 2014

Ubuntu Open PGP IMPLEMENTATION. Dr. ENİS KARAARSLAN 2014 Ubuntu Open PGP IMPLEMENTATION Dr. ENİS KARAARSLAN 2014 Enter your personal information, select your key encryption type, key strength, and when you want your key to expire. Your name and email address

More information

On-Core Software, LLC. 893 Sycamore Ave. Tinton Falls, NJ 07724 United States of America

On-Core Software, LLC. 893 Sycamore Ave. Tinton Falls, NJ 07724 United States of America On-Core Software, LLC. 893 Sycamore Ave. Tinton Falls, NJ 07724 United States of America Website: http://www.on-core.com Technical Support: support@on-core.com Information: info@on-core.com Phone: (732)

More information

CIPHERMAIL EMAIL ENCRYPTION. CipherMail white paper

CIPHERMAIL EMAIL ENCRYPTION. CipherMail white paper CIPHERMAIL EMAIL ENCRYPTION CipherMail white paper Copyright 2009-2014, ciphermail.com. Introduction Most email is sent as plain text. This means that anyone who can intercept email messages, either in

More information

E-Mail Security: PGP (Pretty Good Privacy) & PEM (Privacy-Enhanced Mail)

E-Mail Security: PGP (Pretty Good Privacy) & PEM (Privacy-Enhanced Mail) Dept. of Information & Communication Systems E-Mail Security: PGP (Pretty Good Privacy) & PEM (Privacy-Enhanced Mail) Konstantinos Raptis Supervisor: Sokratis Katsikas Samos, September 99 Table of Contents:

More information

INTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003

INTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003 INTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003 History of Cryptography The concept of securing messages through cryptography has a long history.

More information

Biography of Trainer. Education. Experience. Summary. TLS/SSL : Securing your website PGP : Secure your email communication. Topic

Biography of Trainer. Education. Experience. Summary. TLS/SSL : Securing your website PGP : Secure your email communication. Topic Topic Name of the Trainer/Speaker Professional Position and Name of Organization Email TLS/SSL : Securing your website PGP : Secure your email communication Mohammad Fakrul Alam CTO bdhub Limited fakrul@bdhub.com

More information

CRYPTOG NETWORK SECURITY

CRYPTOG NETWORK SECURITY CRYPTOG NETWORK SECURITY PRINCIPLES AND PRACTICES FOURTH EDITION William Stallings Prentice Hall Upper Saddle River, NJ 07458 'jkfetmhki^^rij^jibwfcmf «MMr""'-^.;

More information

Email: The Electronic Postcard. By Daniel Herren

Email: The Electronic Postcard. By Daniel Herren Email: The Electronic Postcard By Daniel Herren 1 Table of Contents 1.0 Introduction.page 3 2.0 Internet Overview...page 3,4 3.0 Email vulnerabilities...page 5-7 3.1 Privacy..page 5 3.2 Authentication.page

More information

Secure Socket Layer. Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings.

Secure Socket Layer. Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings. Secure Socket Layer Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings. Abstraction: Crypto building blocks NS HS13 2 Abstraction: The secure channel 1., run a key-exchange

More information

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1 Lecture 11: Network Security Reference: Chapter 8 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice

More information

Introduction to Network Security. 1. Introduction. And People Eager to Take Advantage of the Vulnerabilities

Introduction to Network Security. 1. Introduction. And People Eager to Take Advantage of the Vulnerabilities TÜBİTAK Ulusal Elektronik ve Kriptoloji Araştırma Enstitüsü Introduction to Network Security (Revisit an Historical 12 year old Presentation) Prof. Dr. Halûk Gümüşkaya Why Security? Three primary reasons

More information

Secure Shell SSH provides support for secure remote login, secure file transfer, and secure TCP/IP and X11 forwarding. It can automatically encrypt,

Secure Shell SSH provides support for secure remote login, secure file transfer, and secure TCP/IP and X11 forwarding. It can automatically encrypt, Secure Shell SSH provides support for secure remote login, secure file transfer, and secure TCP/IP and X11 forwarding. It can automatically encrypt, authenticate, and compress transmitted data. The main

More information

Transport Level Security

Transport Level Security Transport Level Security Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/

More information

Computer Security: Principles and Practice

Computer Security: Principles and Practice Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography

More information

PKI: Public Key Infrastructure

PKI: Public Key Infrastructure PKI: Public Key Infrastructure What is it, and why should I care? Conference on Higher Education Computing in Kansas June 3, 2004 Wes Hubert Information Services The University of Kansas Why? PKI adoption

More information

CRYPTOGRAPHY AND NETWORK SECURITY

CRYPTOGRAPHY AND NETWORK SECURITY CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE SIXTH EDITION William Stallings International Edition contributions by Mohit P Tahiliani NITK Surathkal PEARSON Boston Columbus Indianapolis New

More information

Encrypting your Email Communications using PGP

Encrypting your Email Communications using PGP Encrypting your Email Communications using PGP If you are watching this tutorial as part of the conference materials, the software is on a separate CD. Alternately, you can obtain the software at the following

More information

USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars October 29, 2013

USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars October 29, 2013 USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security

More information

ECE-8843 Prof. John A. Copeland 404 894-5177 fax 404 894-0035

ECE-8843  Prof. John A. Copeland 404 894-5177 fax 404 894-0035 ECE-8843 http://www.csc.gatech.edu/copeland/jac/8813-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT Bldg 579 email or call for office visit, or call

More information

Understanding Digital Certificates on z/os Vanguard Las Vegas, NV Session AST3 June 26th 2012

Understanding Digital Certificates on z/os Vanguard Las Vegas, NV Session AST3 June 26th 2012 Understanding Digital Certificates on z/os Vanguard Las Vegas, NV Session AST3 June 26th 2012 Wai Choi, CISSP IBM Corporation RACF/PKI Development & Design Poughkeepsie, NY e-mail: wchoi@us.ibm.com 1 Trademarks

More information

Cryptography and Network Security Chapter 12

Cryptography and Network Security Chapter 12 Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 12 Message Authentication Codes At cats' green on the Sunday he

More information

CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay

CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement

More information