
In the world of secure email there are many options to choose from to hide details from prying eyes. Pretty Good Privacy (PGP) combines several cryptographic concepts to achieve a supposedly unbreakable system. What makes PGP so secure, though? A few parts go into creating PGP encryption: public/private key pairs, one-way hash functions, and a trust system called the web of trust. Similarly, Secure/Multipurpose Internet Mail Extensions (S/MIME) is another form of encryption commonly used throughout the world. S/MIME uses certificates to exchange information securely, with the goal being end-to-end security rather than total security. Lastly, one may choose to use a DomainKeys Identified Mail (DKIM) system to ensure non-repudiation and to try to protect against spam and unwanted messages.

First we look at PGP. In the tests run for this report, the software used was GPGTools, which is compliant with the PGP standards and made specifically for integration with a Mac's Mail.app program. After installation it prompts for an email address and the desired key size. The normal setting is a 2048-bit key, with a more secure option of 4096 bits and a less secure option of 1024 bits. These settings change how hard the RSA algorithm has to work to produce the public/private key pair, but do not affect the length of encrypted messages or anything else for that matter. Afterwards it uploads the public key to a key server, where others can look your key up by the email address you provided and send you encrypted messages by encrypting with that public key. With PGP you can send encrypted messages, encrypted messages that are also signed, or simply signed messages. From within Mail.app the emails sent to and received from friends appear normal, but viewed through a web mail client they appear as jumbled alphanumeric characters (see the example message at the end). The advantage of using PGP here is that even if you send the exact same message more than once, the encryption comes out different every time: the PGP encryption algorithm includes a random key generator, and that random key is itself encrypted with the recipient's public key and sent alongside the encrypted data.

Something unique about PGP is that it does not use conventional certificate authorities to validate that everyone is who they say they are. Instead, signatures play a huge role in identifying who can or should not be trusted. If someone wants to be added to another person's key ring, and so become a trusted person, a simple way of doing that is to prove your identity to an already trusted person and have them sign your public key. This amounts to someone else vouching for your identity and trusting you not to harm the group's overall efforts at secrecy. One question that could come up here is the reliability of signatures: whether they can be forged, or copied from one message to another in order to claim to be someone else. Thankfully, signatures are impossible to forge without already knowing the private key, because signing a message involves the private key and the signature is verified by using the public key to decrypt it; this is true in both PGP and S/MIME.

Next up is S/MIME, a deceptively simpler way of encrypting messages. Under S/MIME, authentication, integrity, non-repudiation, and security are provided much as in PGP: authentication via the certificates that are essential to S/MIME, non-repudiation and integrity via signatures, and security via encryption. The difference between S/MIME and PGP is that they use different encryption algorithms and hashes to achieve a similar goal. With S/MIME, one first has to acquire and install a certificate for oneself and then one for every other person one wishes to communicate with. These can be temporary certificates, which are usually free, or certificates bought from a trusted certificate authority for a fixed period of time. This introduces the problem of rogue certificate authorities, though, as a person or group could try to clone certificates to gain access to otherwise secured emails. PGP mostly circumvents this via its web of trust, but in S/MIME it is a serious issue. Thankfully, with S/MIME it is easy to stop a compromised certificate from working, as a legitimate certificate authority can shut down a rogue certificate via revocation. There are also two different kinds of certificates one could obtain for use with S/MIME: the first kind only ensures non-repudiation, in that the sender can be identified; with the second, the sender's company name and more can be verified.

Lastly there is DKIM, which is the simplest to understand but, from the research that was done, also the easiest to break down. It encapsulates a message with a signature made not by the sending or receiving party but by a third party that verifies the identity of the sender and the receiver. The key lengths used for DKIM tend to be 512 bits, but again, the bigger the size, the more security it offers. In this form of encryption the message is given a signature by a signer and then verified on the other side by a verifier, which looks up and finds the sender's public key. DKIM was first used to combat spam messages, as changing the From address field can be done with relative ease.

Because of the growing capacity of computers, it is becoming more and more important to use bigger key sizes for encryption. The most common minimum requirement for all of the protocols is 1024 bits, because at current computing speeds it would take an impractically long time to factor the key and use it to read the information. For most of the protocols, the normal option used keys of 2048 bits, and for the highly paranoid, keys of 4096 bits. Overall, the protocols discussed are simple to use with modern email clients. Although they might not be usable with web clients, that sacrifice adds another layer of security, as the physical device which holds the certificates and public/private key pairs must be possessed to enable forgery or snooping.
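The hybrid scheme described above for PGP (a random per-message session key encrypted with the recipient's public key, plus a signature that only the sender's private key can produce and anyone holding the public key can verify), as an added Go illustration that is not part of the original report and does not produce OpenPGP-format output; the `Envelope`, `Seal`, `Open`, `aead` and `check` names are this example's own, and RSA-OAEP, RSA-PSS and AES-GCM stand in for the algorithms a real PGP implementation would negotiate.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// Envelope stands in for a signed-and-encrypted PGP message (mechanism only, not the OpenPGP format).
type Envelope struct{ WrappedKey, Nonce, Ciphertext, Signature []byte }

func check(err error) { if err != nil { panic(err) } } // only a broken RNG or a misused key errors here
func aead(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	check(err)
	gcm, err := cipher.NewGCM(block)
	check(err)
	return gcm
}

// Seal signs msg with the sender's private key, then encrypts it for the recipient under a session key drawn fresh on every call, so repeats of msg never encrypt alike.
func Seal(msg []byte, to *rsa.PublicKey, from *rsa.PrivateKey) *Envelope {
	buf := make([]byte, 32+12) // 256-bit session key followed by a 96-bit GCM nonce
	_, err := rand.Read(buf)
	check(err)
	key, nonce := buf[:32], buf[32:]
	h := sha256.Sum256(msg)
	sig, err := rsa.SignPSS(rand.Reader, from, crypto.SHA256, h[:], nil)
	check(err)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, to, key, nil) // only the recipient's private key can unwrap this
	check(err)
	return &Envelope{wrapped, nonce, aead(key).Seal(nil, nonce, msg, nil), sig}
}

// Open unwraps the session key with the recipient's private key, decrypts the body, and rejects the message unless the signature verifies under the sender's public key.
func Open(e *Envelope, to *rsa.PrivateKey, from *rsa.PublicKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, to, e.WrappedKey, nil)
	if err != nil {
		return nil, err // not the intended recipient
	}
	msg, err := aead(key).Open(nil, e.Nonce, e.Ciphertext, nil)
	if err != nil {
		return nil, err // ciphertext tampered with in transit
	}
	h := sha256.Sum256(msg)
	if err := rsa.VerifyPSS(from, crypto.SHA256, h[:], e.Signature, nil); err != nil {
		return nil, err // forged, or signed with a different key
	}
	return msg, nil
}
```

Sealing the same text twice yields two different envelopes, and Open fails for the wrong recipient key, for a signature made under another key, and for a modified ciphertext.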

Example message as it appears in a web mail client (ASCII-armored PGP message block, Version: GnuPG/MacGPG2 v2.0.19 (Darwin), omitted here), which translates to: Dear Christian, This is a test of PGP encryption via GPG for mac, Chris