1 2 Prof. Sead Matei Ciobanu Morogan Abdul Ghafoor Abbasi Lecture 10: Secure E-mailE Lecture 10 : Secure E mail E Subjects / opics : 1. Secure E mail E systems 2. Secure, rusted, Authorized and eliable E E Mail System 3. Secure applications based on secure E maile 3 4 Standard E-mail E system Lecture 10 : Secure E mail E Subjects / opics : 1. Secure E mail E systems 2. Secure, rusted, Authorized and eliable E E Mail System 3. Secure applications based on secure E maile Components of E-mail system are Mail Servers and User Agents (UA) 5 Internet E-mail E 6 FC 822 E-mail E format With a standard E-mail system a user creates an E-mail E letter at his/her workstation using UA Header B o d y o: sead@ dsv.su.se Dear Sead: Page 1 1
From: sead @ dsv.su.se o: APAEL @ ccvax.ucd.ie Date: 7-July-1993 Dear Ahmed: From: sead @ dsv.su.se o: APAEL @ ccvax.ucd.ie Date: 7-July-1993 Dear Ahmed: From: sead @ dsv.su.se o: APAEL @ ccvax.ucd.ie Date: 7-July-1993 Dear Ahmed: From: sead @ dsv.su.se o: APAEL @ ccvax.ucd.ie Date: 7-July-1993 Dear Ahmed: 7 ransmission - SMP (FC 821) 8 Internet E-mail E potential problems his implies the following problems: he of the letter may be read by anybody he correct contents of the received letter cannot be guaranteed he sender cannot be authenticated and verified he sender is not certain that the letter will be read only by the intended receiver he sender may repudiate sending the letter or its contents E-mail letters are transmitted in clear and during transmission stored at sending and receiving Mail Server 9 Secure Email - PEM 10 PEM principles Header B o d y Confidentiality Integrity (MIC) Sender s s Auth eceiver s s Auth Non-repudiation Header B o d y All security services and parameters are applied to the body of the letter 11 Format of PEM letter 12 ypes of PEM letters PEM header PEM letter he body of the PEM letter is divided in two parts: PEM header and PEM letter MIC - CLEA o: sead@ dsv.su.se Dear Sead: How are you? MIC - ONLY asdfegtylh uhgfdestgpl and ENCYPED o: sead@ dsv.su.se Page 2 2
13 MIC clear PEM letter 14 MIC only PEM letter Implements Data Integrity, Sender s s Authenticity and Non epudiation (letter contents guarantied) MIC - CLEA MIC - ONLY and ENCYPED Implements Data Integrity, Sender s s Authenticity and Non epudiation (letter contents guarantied) MIC - CLEA MIC - ONLY and ENCYPED o: sead@ dsv.su.se Dear John: How are you? asdfegtylh uhgfdestgpl Dear Sead: How are you? asdfegtylh uhgfdestgpl 15 ENCYPED PEM letter 16 Creating PEM letter Implements Data Integrity, Data Confidentiality, Sender s Authenticity, eceiver s s Authenticity and Non epudiation MIC - CLEA MIC - ONLY and ENCYPED Local Form Canonical Form April-1997 April-1997 April-1997 Cryptographic Processing Dear Sead: How are you? asdfegtylh uhgfdestgpl Base64 Encoding 17 Canonical form of a PEM letter 18 Cryptographic processing For MIC-ONLY and MIC-CLEA CLEA type of letters: ASCII character set <C><LF> line delimiters Calculate MIC (MD2 or MD5) on Canonical Form Sign MIC using Sender s s secret key Page 3 3
19 Cryptographic processing 20 Printable encoding For ENCYPED type of letters: Only for MIC-ONLY and ENCYPED type of letters. Calculate MIC over Canonical Form Sign MIC using Sender s s secret key Generate random Data Encryption Key - DEK Encrypt the Canonical Form using DEK Encrypt MIC using DEK Protect DEK with eceiver s s public key Base64 coding: Coding to 6 bits per printable character Input 24 bits from 3 bytes are transformed to 24 bits in 4 bytes Output line length - 64 printable characters 21 PEM header FC 1421 22 Example of PEM letter Proc-ype: Content-Domain: DEK-Info: ENCYPED MIC-ONLY MIC-CLEA CL FC822 <algorithm id.>, <mode>, <parameters> Originator-ID ID-Asymmetric: Originator-Certificate: Issuer-Certificate: MIC-Info: Info: Id. of Sender and of Sender s key Sender s certificate Issuer s certificate <MIC alg. id.>, <signing alg. id.>, <protected MIC> ecipient-id ID-Asymmetric: Key-Info: Id. of eceiver and eceiver s key <protected DEK>, <protecting alg. id.> -----BEGIN PIVACY-ENHANCED MESSAGE----- Proc-ype:4,CL CL: MIHeMIGJMA0GCSqGSIb3DQEBAgUAMEgxjAJBgNVBAYAlNFMAsGA1UEChMEQ09 VDAsBgNVBAsJUxvdyBBc3N1cmFuY2UgQ2VydGlmaWNhdGlvbiBBdXob3JpdHkX Czk1MDMwMjA5MDJaFws5NA0MDIwOAyWjASMBACAQAXCzk1MDMwMjA4Mzha8yAw DQYJKoZIhvcNAQECBQADQQAolGV3ahJWeOSL7bFhOl9BIOmhiqtnIAIHjoInFdM1 NM6PjFZMdcE11nOFf8nnh24obKYm/q2y5ZMV8MKdF78B Originator-Certificate: MIIBgjCCASwCBQEXVNaqMA0GCSqGSIb3DQEBAgUAMFIxUDAJBgNVBAYAnVzMBcG A1UEChMQSW50ZXJuZXQgU29jaWV0eAqBgNVBAsI0ludGVybmV0IFBDQSBSZWdp c3yyxpb24gqxv0ag9yax5mboxczk1mdmwmja5mdjafws5njazmdiwoaywjbi MUYwCQYDVQQGEwJALBgNVBAoBENPU1QwLAYDVQQLEyVMb3cgQXNzdXJhbmNl IENlcnpZmljYXpb24gQXV0aG9yaX5MFowDQYJKoZIhvcNAQEBBQADSQAwgJB ALk7mQW6uHi9Buyhqk1rXpbWefB6eBlUuNZLrsV99puwroNeAt7udJnKfADY YSqzfGZi8cQBIjrZOcS+tZ0CAQMwDQYJKoZIhvcNAQECBQADQQAdwL4/0j829o +YGFDZq114hjKIOvrvJwj0eSiECk/JYMPPg7+/1Namu8lkV4/IjjDQhIDmZCeP steg28c9 -----END PIVACY-ENHANCED MESSAGE----- 23 Secure Email - Pretty Good Privacy (PGP) 24 Pretty Good Privacy (PGP) Plain uncertified document Digital signature added (MD5/SA) Document with signature compressed Session key used to encrypt file (IDEA) Session key used to decrypt file to compressed format File uncompressed and signature verified Page 4 4
25 PGP rust model 26 Secure Email - S/MIME YOU Features : - Based on PKCS #7 security services - Combination of MIME messages and PKCS objects A B C D E - Suitable for binary data (multimedia) F G H I? - Includes message formatting and certificate handling - International standard (interoperability) - Available with major browsers and mailers 27 S/MIME general format 28 S/MIME format example Content-ype: multipart/mixed; boundary=bar --bar Content-ype: /plain; charset=iso-8859-1 Content-ransfer-Encoding: quoted-printable Standard header PKCS-7 object PKCS-7 object A1Hola Michael! How do you like the new S/MIME standard? I agree. It's generally a good idea to encode lines that begin with From=20because some mail transport agents will insert a greaterthan (>) sign, thus invalidating the signature. Also, in some cases it might be desirable to encode any =20 trailing whitespace that occurs on lines in order to ensure =20 that the message signature is not invalidated when passing =20 a gateway that modifies such whitespace (like BINE). =20 --bar Content-ype: application/wally-wiggle iqcvawubmjrf2n9owbghpdjaqe9uqqatl7luvndbjrk4eqybib3h5qxix/lc// jjv5bnvkzigpicemi5ifd9boegvpirhtieeqlqkynobactfbzmh9gc3c041wgq umbrbxc+nis1ikla08rvi9ig/2yh7lfrk5ein57u/w72vgsxlhe/zhdfol9brn HOxEa44b+EI= =ndaj --bar-- 29 S/MIME file extensions 30 S/MIME signed message S/MIME ype application/pkcs7-mime (signeddata, envelopeddata) File Extension.p7m Content-type: application/mime; content-type="multipart/signed"; protocol="application/pkcs7-signature"; micalg=rsa-md5; name=smime.aps Content-disposition: attachment; filename=smime.aps Content-ype: multipart/signed; protocol="application/pkcs7-signature"; micalg=rsa-md5; boundary=boundary42 application/pkcs7-mime.p7c (degenerate signeddata "certs-only" message) application/pkcs7-signature.p7s application/pkcs10.p10 --boundary42 Content-ype: /plain his is a very short clear-signed message. However, at least you can read it! --boundary42 Content-ype: application/pkcs7-signature Content-ransfer-Encoding: base64 ghyhhhuujhjhjh77n8hhgrfvbnj756tbb9hg4vqpfyf467ghigfhfy6 4VQpfyF467GhIGfHfY6jH77n8HHGghyHhHUujhJh756tbB9HGrfvbnj n8hhgrfvhjhjh776tbb9hg4vqbnj7567ghigfhfy6ghyhhhuujpfyf4 7GhIGfHfY64VQbnj756 --boundary42-- Page 5 5
31 32 Problems in Current Email Lecture 10 : Secure E mail E Subjects / opics : 1. Secure E mail E systems 2. Secure, rusted, Authorized and eliable E E Mail System 3. Secure applications based on secure E maile Problems : Weak Authentication Protection of mail boxes and email letters on email server from SPAM email Unauthorized email (SPAM) Contents of address book Email confirmation E mail is main source for distribution of malicious and dangerous content 33 equirements for Secure Email 34 Layers: Secure Email equirements: Secure E-Mail Infrastructure Efficient Handling of attachments Current status of email letter (Confirmations) Handling of certificates Integration with smart cards Sending and receiving authorization Cross domain bilateral or multilateral arrangements Credential Server Secure E-Mail Server Secure E-Mail Client 35 Layer-1: Secure E-Mail E Client 36 Layer 2: Secure E Mail E Servers Standard Mailing Functions Handling of Certificates Standard Security Services Secure Address Book Confirmations Strong Authentication With SEM Server Handling of Attachments Management of Authorizarion Handling of Certificates Handling of Address Book Encryption Keys Confirmations Strong Authentication Handling of Attachments Management and Enforcement of Authorizations Page 6 6
37 Layer 3: Credentials Servers 38 Layer 4: PKI and SMI Servers Issuing PKI Server SAML Policy Server PKI Servers SMI Servers Federation Validation 39 Secure Email System: Design and Implementation 40 Graphical User Interface SMP/POP3 Standard Email Server A L I C S User I E Email user Interface O N E N S S Email Handler Strong Authentication Session management Message Handler Address book A N S P O E A N S P O E Strong Authentication Session management Message Handler Email Handler L A I S C User Interface E I N O Security E Server N S S Admin Address book Storage Symmetric Key SMIME Cert proto PKCS7 DistinguishedName Certificate Hash Storage Symmetric Key SMIME Cert proto PKCS7 DistinguishedName Certificate Hash Header SessionID Data(PKCS7) 41 Graphical User Interface 42 S/MIME Message: SignedAndEncrypted eturn-path: <aghafoor@130.237.158.247> Message-ID: <15206040.11225246288906.JavaMail.sead@sec-office> MIME-Version: 1.0 Delivered-o: aghafoor@130.237.158.247 eceived: from l884.dsv.su.se ([130.237.158.18]) by sec-office (JAMES SMP Server 2.3.1) with SMP ID 184 for <aghafoor@130.237.158.247>; ue, 28 Oct 2008 19:11:28-0700 (PD) Content-Disposition: attachment; filename="smime.p7m" Content-ype: application/x-pkcs7-mime; name="smime.p7m" Content-ransfer-Encoding: base64 From: aghafoor@130.237.158.247 o: aghafoor@130.237.158.247 Subject: Signed and encrypted message Date: ue, 28 Oct 2008 18:14:04 +0100 (CE) MIIoOwYJKoZIhvcNAQcDoIIoLDCCKCgCAQAxggE7MIIBNwIBADCBnzCBmELMAkGA1UEBhMCVVMx Page 7 7
43 S/MIME Message: Signed 44 MS Outlook Security Configuration eturn-path: <aghafoor@130.237.158.247> Delivered-o: agha@130.237.158.247 eceived: from l884.dsv.su.se ([130.237.158.18]) by sec-office (JAMES SMP Server 2.3.1) with SMP ID 175 for <agha@130.237.158.247>; ue, 28 Oct 2008 19:10:47-0700 (PD) Date: ue, 28 Oct 2008 18:13:23 +0100 (CE) From: aghafoor@130.237.158.247 o: agha@130.237.158.247 Message-ID: <31936094.11225214003474.JavaMail.aghafoor@L884> Subject: Signed message MIME-Version: 1.0 Content-ype: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------dsvseclab-sem-agent384282" Content-ransfer-Encoding: 7bit his is a cryptographically signed message in MIME format. --------------dsv-seclab-sem-agent384282 Content-ype: /plain; charset=iso-8859-1; format=flowed Content-ransfer-Encoding: 7bit his is a signed message from aghafoor to agha --------------dsv-seclab-sem-agent384282 MIME-Version: 1.0 Content-Disposition: attachment; filename="smime.p7m" Content-ype: application/x-pkcs7-mime; name="smime.p7m" Content-ransfer-Encoding: base64 MIIbcwYJKoZIhvcNAQcCoIIbZDCCG2ACAQExCzAJBgUrDgMCGgUAMEEGCSqGSIb3 45 46 Mozilla hunderbird Security Configuration Lecture 10 : Secure E mail E Subjects / opics : 1. Secure E mail E systems 2. Secure, rusted, Authorized and eliable E E Mail System 3. Secure applications based on secure E maile 47 Business applications based on secure E mail E 48 Questions? Demonstration Page 8 8