Summary of PGP Services

Similar documents
Electronic Mail Security

Chapter 6 Electronic Mail Security

Electronic Mail Security. Security. is one of the most widely used and regarded network services currently message contents are not secure

Cryptography and Network Security Chapter 15

Network Security Essentials Chapter 7

Cryptography and Network Security

PGP - Pretty Good Privacy

PGP from: Cryptography and Network Security

Cryptography and Security

Network Security - Secure upper layer protocols - Background. Security. Question from last lecture: What s a birthday attack? Dr.

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

SubmitedBy: Name Reg No Address. Mirza Kashif Abrar T079 kasmir07 (at) student.hh.se

Elements of Security

Electronic mail security. MHS (Message Handling System)

Prof. Sead Muftic Feng Zhang. Lecture 10: Secure Systems

Lecture 10: 1. Secure E mail E systems. Systems. Page 1

NETWORK SECURITY. Farooq Ashraf. Department of Computer Engineering King Fahd University of Petroleum and Minerals Dhahran 31261, Saudi Arabia

The University of Saskatchewan Department of Computer Science. Technical Report #

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

HIPAA: Briefing for Healthcare IT Security Personnel. Market Overview: HIPAA: Privacy Security and Electronic Transaction Standards

Electronic Mail

IT Networks & Security CERT Luncheon Series: Cryptography

Secure Shell SSH provides support for secure remote login, secure file transfer, and secure TCP/IP and X11 forwarding. It can automatically encrypt,

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and

CS549: Cryptography and Network Security

Computer Security: Principles and Practice

Chapter 10. Network Security

SIP Security. ENUM-Tag am 28. September in Frankfurt. Prof. Dr. Andreas Steffen. Agenda.

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

4.1: Securing Applications Remote Login: Secure Shell (SSH) PEM/PGP. Chapter 5: Security Concepts for Networks

Taxonomy of Security Protocol

Chapter 8. Network Security

Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1

Introduction to Security and PIX Firewall

Electronic Mail Security

Safeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST

An Introduction to Cryptography as Applied to the Smart Grid

Announcement. Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed.

Introduction...3 Terms in this Document...3 Conditions for Secure Operation...3 Requirements...3 Key Generation Requirements...

A Standards-based Approach to IP Protection for HDLs

Communication Systems SSL

Implementation and Comparison of Various Digital Signature Algorithms. -Nazia Sarang Boise State University

A Noval Approach for S/MIME

Category: Standards Track June 1999

Deep-Secure Mail Guard Feature Guide

Federal S/MIME V3 Client Profile

Global Telehealth Conference 2012

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms

Forging Digital Signatures

mod_ssl Cryptographic Techniques

Symmetric Mechanisms for Authentication in IDRP

Unifying Information Security. Implementing Encryption on the CLEARSWIFT SECURE Gateway

AD Image Encryption. Format Version 1.2

CS z/os Application Enhancements: Introduction to Advanced Encryption Standards (AES)

Managing and Securing Computer Networks. Guy Leduc. Chapter 3: Securing applications. Chapter goals: security in practice:

Balamaruthu Mani. Supervisor: Professor Barak A. Pearlmutter

Lecture 20: PGP, IPSec, SSL/TLS, and Tor Protocols. Lecture Notes on Computer and Network Security. by Avi Kak

Secure Socket Layer. Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings.

1.2 Using the GPG Gen key Command

Standards and Products. Computer Security. Kerberos. Kerberos

Savitribai Phule Pune University

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

How To Encrypt With An Certificate On An From A Gmail Account On A Pc Or Mac Or Ipa (For A Pc) On A Microsoft Gmail (For An Ipa) Or Ipad (For Mac) On

A Novel Approach For Intranet Mailing For Providing. User Authentication

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

AC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014

NOORUL ISLAM COLLEGE OF ENGINEERING,KUMARACOIL. ME COMPUTER SCIENCE AND ENGG CS1629 -NETWORK SECURITY

Computer System Management: Hosting Servers, Miscellaneous

A Mechanism for VHDL Source Protection

Communication Security for Applications

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

Introduction to Network Security. 1. Introduction. And People Eager to Take Advantage of the Vulnerabilities

NXP & Security Innovation Encryption for ARM MCUs

Accellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0. Accellion, Inc.

encoding compression encryption

Installing your Digital Certificate & Using on MS Out Look 2007.

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

ICTTEN8195B Evaluate and apply network security

Networking Applications

Is your data safe out there? -A white Paper on Online Security

Understanding the Cisco VPN Client

Project: Simulated Encrypted File System (SEFS)

Introduction to Computer Security

Chapter 7 Transport-Level Security

Package PKI. July 28, 2015

Alternate Representations of the Public Key Cryptography Standards (PKCS) Using S-Expressions, S-PKCS

Public Key Cryptography in Practice. c Eli Biham - May 3, Public Key Cryptography in Practice (13)

SMPTE Standards Transition Issues for NIST/FIPS Requirements v1.1

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Authentication requirement Authentication function MAC Hash function Security of

to hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many

How To Encrypt Data With Encryption

NISTIR 7676 Maintaining and Using Key History on Personal Identity Verification (PIV) Cards

Security Policy for Oracle Advanced Security Option Cryptographic Module

CRYPTOGRAPHY AND NETWORK SECURITY

Network Working Group. R. Levien University of California at Berkeley T. Roessler August 2001

DIGITAL SIGNATURE FOR EANCOM MESSAGES

Transcription:

Table 5.1 Summary of PGP Services Function Algorithms Used Description Digital signature Message encryption Compression Email compatibility DSS/SHA or RSA/SHA CAST or IDEA or Three-key Triple DES with Diffie-Hellman or RSA ZIP Radix 64 conversion A hash code of a message is created using SHA-1. This message digest is encrypted using DSS or RSA with the sender's private key and included with the message. A message is encrypted using CAST-128 or IDEA or 3DES with a one-time session key generated by the sender. The session key is encrypted using Diffie-Hellman or RSA with the recipient's public key and included with the message. A message may be compressed, for storage or transmission, using ZIP. To provide transparency for email applications, an encrypted message may be converted to an ASCII string using radix 64 conversion. Segmentation To accommodate maximum message size limitations, PGP performs segmentation and reassembly.

Table 5.4 MIME Transfer Encodings 7bit 8bit binary quoted-printable base64 x-token The data are all represented by short lines of ASCII s. The lines are short, but there may be non-ascii s (octets with the high-order bit set). Not only may non-ascii s be present but the lines are not necessarily short enough for SMTP transport. Encodes the data in such a way that if the data being encoded are mostly ASCII text, the encoded form of the data remains largely recognizable by humans. Encodes data by mapping 6-bit blocks of input to 8-bit blocks of output, all of which are printable ASCII s. A named nonstandard.

Table 5.5 Native and Canonical Form Native Form Canonical Form The body to be transmitted is created in the system's native format. The native set is used and, where appropriate, local end-of-line conventions are used as well. The body may be a UNIX-style text file, or a Sun raster image, or a VMS indexed file, or audio data in a system-dependent format stored only in memory, or anything else that corresponds to the local model for the representation of some form of information. Fundamentally, the data is created in the "native" form that corresponds to the type specified by the media type. The entire body, including "out-of-band" information such as record lengths and possibly file attribute information, is converted to a universal canonical form. The specific media type of the body as well as its associated attributes dictate the nature of the canonical form that is used. Conversion to the proper canonical form may involve set conversion, transformation of audio data, compression, or various other operations specific to the various media types. If set conversion is involved, however, care must be taken to understand the semantics of the media type, which may have strong implications for any set conversion (e.g. with regard to syntactically meaningful s in a text subtype other than "plain").

Table 5.6 Cryptographic Algorithms Used in S/MIME Function Create a message digest to be used in forming a digital signature. Encrypt message digest to form digital signature. Encrypt session key for transmission with message. Encrypt message for transmission with onetime session key. Create a message authentication code MUST support SHA-1. Requirement Receiver SHOULD support MD5 for backward compatibility. Sending and receiving agents MUST support DSS. Sending agents SHOULD support RSA encryption. Receiving agents SHOULD support verification of RSA signatures with key sizes 512 bits to 1024 bits. Sending and receiving agents SHOULD support Diffie-Hellman. Sending and receiving agents MUST support RSA encryption with key sizes 512 bits to 1024 bits. Sending and receiving agents MUST support encryption with tripledes Sending agents SHOULD support encryption with AES. Sending agents SHOULD support encryption with RC2/40. Receiving agents MUST support HMAC with SHA-1. Receiving agents SHOULD support HMAC with SHA-1.

Table 5.7 S/MIME Content Types Type Subtype smime Parameter Description Multipart Signed A clear-signed message in two parts: one is the message and the other is the signature. Application pkcs7-mime signeddata A signed S/MIME entity. pkcs7-mime envelopeddata An encrypted S/MIME entity. pkcs7-mime degenerate signeddata An entity containing only publickey certificates. pkcs7-mime CompressedData A compressed S/MIME entity pkcs7-signature signeddata The content type of the signature subpart of a multipart/signed message.

Table 5.9 Radix-64 Encoding 0 A 16 Q 32 g 48 w 1 B 17 R 33 h 49 x 2 C 18 S 34 i 50 y 3 D 19 T 35 j 51 z 4 E 20 U 36 k 52 0 5 F 21 V 37 l 53 1 6 G 22 W 38 m 54 2 7 H 23 X 39 n 55 3 8 I 24 Y 40 o 56 4 9 J 25 Z 41 p 57 5 10 K 26 a 42 q 58 6 11 L 27 b 43 r 59 7 12 M 28 c 44 s 60 8 13 N 29 d 45 t 61 9 14 O 30 e 46 u 62 + 15 P 31 f 47 v 63 / (pad) =

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information