Scribd
Upload
50 views

E-Mail Security "Pretty Good Privacy"

E-mail security is important but basic email offers little protection. PGP and S/MIME are technical solutions that provide encryption and authentication for emails, but they have not been widely adopted. There are several reasons for this, including that users don't think encryption is necessary, find the tools difficult to use, or are concerned their correspondents would not understand encrypted messages. PGP in particular provides open-source email encryption through public-key cryptography and has been available for over 15 years but remains underutilized despite being freely available.

Uploaded by

Candace Lee
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
50 views

E-Mail Security "Pretty Good Privacy"

E-mail security is important but basic email offers little protection. PGP and S/MIME are technical solutions that provide encryption and authentication for emails, but they have not been widely adopted. There are several reasons for this, including that users don't think encryption is necessary, find the tools difficult to use, or are concerned their correspondents would not understand encrypted messages. PGP in particular provides open-source email encryption through public-key cryptography and has been available for over 15 years but remains underutilized despite being freely available.

Uploaded by

Candace Lee
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 36

E-mail security

“Pretty Good Privacy”


Why Study E-mail Security?
• After web browsing, e-mail is the most
widely used network-reliant application.
• Mail servers, after web servers, are the
most often attacked Internet hosts.
• Basic e-mail offers little security, counter
to public perception.
• Good technical solutions are available,
but not widely used.
• If we understand why this is so, we might understand
something about why security is ‘hard’.
Threats to E-mail

• Loss of confidentiality.
• E-mails are sent in clear over open networks.
• E-mails stored on potentially insecure clients and
mail servers.
• Loss of integrity.
• No integrity protection on e-mails; anybody be
altered in transit or on mail server.
Threats to E-mail

• Lack of data origin authentication.


• Is this e-mail really from the person named in the
From:field?
• Lack of non-repudiation.
• Can I rely and act on the content? (integrity)
• If so, can the sender later deny having sent it? Who
is liable if I have acted?
Threats to E-mail

• Lack of notification of receipt.


• Has the intended recipient received my e-mail and
acted on it?
• A message locally marked as ‘sent’ may not have
been delivered.
E-mail security

• What are the Options?


• Secure the server to client connections (easy thing
first)
• https access to webmail
• Protection against insecure wireless access
• Secure the end-to-end email delivery
• The PGPs of the world
• Practical in an enterprise intra-network environment
E-mail security

• Email based Attacks


• Active content attack
• Clean up at the server
• Buffer over-flow attack
• Fix the code
• Trojan Horse Attack
• Web bugs (for tracking)
• Mangle the image at the mail server
E-mail security
• Software for encrypting email messages has
been widely available for more than 15
years, but the email-using public has failed
to adopt secure messaging. This failure can
be explained through a combination of:
• technical,
• community,
• and usability factors
E-mail security

• Why Don’t People Use Email Security?


• I don’t because I don’t care.
• I doubt any of my usual recipients
would understand
• the significance of the signature.
• Never had the need to send these kinds
of emails.
• I don’t think it’s necessary to encrypt
my email.
• it’s just another step & something else I
don’t have time
E-mail security

• Secure E-mail Standards and Products


• Other now defunct standards: PEM (privacy
enhanced mail), X.400. S/MIME.
• We focus on PGP
S/MIME
(Secure/Multipurpose Internet Mail Extension)
• Originated from RSA Data Security Inc. in
1995.
• Further development by IETF S/MIME
working group at:
www.ietf.org/html.charters/smime-
charter.html.
• Version 3 specified in RFCs2630-2634.
• Allows flexible client-client security
through encryption and signatures.
• Widely supported, e.g. in Microsoft
Outlook, Netscape Messenger, Lotus Notes.
PGP
(Pretty Good Privacy)

• Freeware: Open PGP and variants:


• www.openpgp.org, www.gnupg.org
• Open PGP specified in RFC 2440 and defined by
IETF Open PGP working group.
• www.ietf.org/html.charters/openpgp-
charter.html
• Available as plug-in for popular e-mail clients,
can also be used as stand-alone software.
PGP
(Pretty Good Privacy)

• “If all the personal computers in the world—


260 million—were put to work on a single PGP
encrypted message, it would still take an
estimated 12 million times the age of the
universe, on average, to break a single
message.”
PGP
(Pretty Good Privacy)
• PGP is an e-mail security program written by
Phil Zimmermann, based on the IDEA algorithm
for encryption of plaintext and uses the RSA
Public Key algorithm for encryption of the
private key.
• PGP incorporates tools for developing a public-
key trust model and public-key certificate
management.
PGP
(Pretty Good Privacy)

• PGP is an open-source freely available


software package for e-mail security. It
provides authentication;
confidentiality; compression; e-mail
compatibility; and segmentation and
reassembly.
PGP Services

Digital DSS/SHA or A hash code of a message is


signature RSA/SHA created using SHA-1. This
message digest is encrypted
using DSS or RSA with the
sender's private key and
included with the message.
Message CAST or IDEA or A message is encrypted using
encryption Three-key Triple CAST-128 or IDEA or 3DES
DES with Diffie- with a one-time session key
Hellman or RSA generated by the sender. The
session key is encrypted using
Diffie-Hellman or RSA with the
recipient's public key and
included with the message.
PGP
(Pretty Good Privacy)
Compression ZIP A message may be
compressed, for storage or
transmission, using ZIP.
Email Radix 64 To provide transparency for
compatibility conversion email applications, an
encrypted message may be
converted to an ASCII string
using radix 64 conversion.
Segmentation To accommodate maximum
message size limitations,
PGP performs segmentation
and reassembly.
PGP
(Pretty Good Privacy)

• Fake PGP: Since it’s all open source, there


are fake versions of the famous software
floating about the net. Unless you’re sure
that your copy of the program is from a
trusted source, it wouldn’t be surprising to
realize one day that your pass phrase was
sent to an attacker via email the moment
you went online! Once he has your pass
phrase, he has your private key.
PGP
(Pretty Good Privacy)

• PGP Algorithms
• Symmetric encryption:
• DES, 3DES, AES and others.
• Public key encryption of session keys:
• RSA or ElGamal.
• Hashing:
• SHA-1, MD-5 and others.
• Signature:
• RSA, DSS, ECDSA and others.
PGP
(Pretty Good Privacy)

• PGP use:
• public keys for encrypting session keys
/ verifying signatures.
• private keys for decrypting session
keys / creating signatures.
PGP
Alice wants to send confidential e-mail, m, to Bob.

KS

m K (.)
S
KS(m ) KS(m )
KS( )
. m

+ Internet - KS

KS .+
K ()
B + +
-
KB( )
.
KB(KS ) KB(KS )
+ -
KB
KB
Alice:
 generates random symmetric private key, KS.
 encrypts message with KS (for efficiency)
 also encrypts KS with Bob’s public key.
 sends both KS(m) and KB(KS) to Bob.
PGP at the Sender site (A
Alice wants to send confidential e-mail, m, to Bob.
PGP
 Alice wants to send confidential e-mail, m, to Bob.
KS

m K (.)
S
KS(m ) KS(m )
KS( ) . m

+ Internet - KS

KS
+.
K ()
B + +
- .
KB ( )
KB(KS ) KB(KS )
+ -
KB
KB

Bob:
 uses his private key to decrypt and recover KS
 uses KS to decrypt KS(m) to recover m
PGP at the Receiver site (B)
 Alice wants to send confidential e-mail, m, to Bob.
PGP
• Alice wants to provide sender authentication
message integrity.

- KA
+
KA
- -
m .
H( )
-.
K ()
A
KA(H(m)) KA(H(m)) + .
KA ( )
H(m )

+ Internet - compare

m H( ). H(m )
m

• Alice digitally signs message.


• sends both message (in the clear) and digital signature.
PGP
(Pretty Good Privacy)

• PGP Key Rings


• PGP supports multiple public/private keys pairs per
sender/recipient.
• Keys stored locally in a PGP Key Ring – essentially a
database of keys.
• Private keys stored in encrypted form; decryption
key determined by user-entered pass-phrase.
PGP Message Generation
PGP Message Generation
• The sending PGP entity performs the following steps:
• Signs the message:
• PGP gets sender’s private key from key ring using
its user id as an index.
• PGP prompts user for passphrase to decrypt
private key.
• PGP constructs the signature component of the
message.
• Encrypts the message:
• PGP generates a session key and encrypts the
message.
• PGP retrieves the receiver public key from the
key ring using its user id as an index.
• PGP constructs session component of message
PGP Message Reception
PGP Message Reception
• The receiving PGP entity performs the following steps:
• Decrypting the message:
• PGP get private key from private-key ring using Key ID
field in session key component of message as an index.
• PGP prompts user for passphrase to decrypt private key.
• PGP recovers the session key and decrypts the message.
• Authenticating the message:
• PGP retrieves the sender’s public key from the public-
key ring using the Key ID field in the signature key
component as index.
• PGP recovers the transmitted message digest.
• PGP computes the message for the received message
and compares it to the transmitted version for
authentication.
PGP
(Pretty Good Privacy)
• Key Management for PGP
• Public keys for encrypting session keys /
verifying signatures.
• Private keys for decrypting session keys /
creating signatures.
• Where do these keys come from and on what
basis can they be trusted?
PGP
(Pretty Good Privacy)

• PGP adopts a trust model called the web


of trust.
• No centralised authority
• Individuals sign one another’s public keys,
these “certificates” are stored along with
keys in key rings.
• PGP computes a trust level for each public
key in key ring.
• Users interpret trust level for themselves.
PGP
(Pretty Good Privacy)

• Trust levels for public keys dependent on:


• Number of signatures on the key;
• Trust level assigned to each of those signatures.
• Trust levels recomputed from time to time.
PGP
(Pretty Good Privacy)
• Security of PGP
• There are many known attacks against PGP.
• Attacks against cryptoalgorithms are not
the main threat
• IDEA is considered strong, and while
cryptoanalysis advances, it should be strong
still for some time.
• RSA may or may not be strong. There are
recent rumors of possible fast factorization
algorithms..
• The main threats are much more simple.
PGP
(Pretty Good Privacy)
• An attacker may socially engineer himself
into a web of trust, or some trustable
person may change. Then he could falsify
public keys. This breaks most of the
security.
• PGP binaries can be corrupted when they
are obtained.
• The PGP binaries can be modified in the
computer.
• The passphrase can be obtained by a
Trojan. Weak passphrases can be cracked.
• On multiuser system, access to the secret
key can be obtained.
Resources

• http://www.pgpi.org/doc/faq/
• www.gnupg.org
• William Stallings,” Cryptography and Network
Security Principles and Practices”, Fourth Edition
” Prentice Hall , 2005
• GITA” Encryption Technologies”, Standard P800-
S850 V2.0, April 5, 2004
• Sieuwert van Otterloo” A security analysis of
Pretty Good Privacy”, September 7, 2001
• Amr el-kadi” what is computer security”2005

You might also like