Unformatted text preview:

PRETTY GOOD PRIVACY (PGP)Slide 2Slide 3Slide 4NotationSlide 6Slide 7Slide 8Slide 9Cryptographic Keys and Key RingsSlide 11Slide 12Slide 13Key RingsSlide 15Slide 16Slide 17Slide 18Slide 19Slide 20PRETTY GOOD PRIVACY (PGP)•PGP is a package developed by Phil Zimmerman. PGP provides a confidentiality and authentication service that can be used for electronic mail and file storage applications.•PGP is based on algorithms that have survived extensive public review and are considered extremely secure. Specifically, the package includes RSA, DSS, and Diffie-Helmman for public-key encryption; CAST-128, IDEA, TDEA (TriDES) for conventional encryption, and SHA-1 for hash coding.PRETTY GOOD PRIVACY (PGP)•PGP has a wide range of applicability, from corporations that wish to select and enforce standardized scheme for encrypting files and messages to individuals who wish to communicate securely with others worldwide over the Internet and other networks.•http://web.mit.edu/network/pgp.htmlPRETTY GOOD PRIVACY (PGP)•PGP offers five services: authentication, confidentiality, compression, e-mail compatibility, and segmentation.•authentication = digital signatures•Confidentiality = encrypting messages to be transmitted or to be stored locally as files.Notation•Ks= session key used in conventional encryption•KRA= private key of user A, used in public-key encryption•KUA= public key of user A, used in public-key encryption•EP= public-key encryption•DP= public-key decryption•EC= conventional encryption•DC= conventional decryption•H= hash function•|| = concatenation•Z= compression using ZIP algorithm•R64= conversion to radix 64 ASCII formatPRETTY GOOD PRIVACY (PGP)Compression•As default, PGP compresses the message after applying the signature but before the encryption. This has the benefit of saving space both for e-mail transmission and for file storage.•Message encryption is applied after compression to strengthen cryptographic security. Because the compressed message has les redundancy than the original plaintext, cryptanalysis is more difficult.PRETTY GOOD PRIVACY (PGP)E-mail compatibilityBecause PGP operation involves several mathematical operations its output consists of blocks of arbitrary 8-bit octets, i.e. some non-ASCII characters may occur in these block.Many electronic mail systems only permit the use of blocks consisting of ASCII text. To accommodate this restriction, PGP provides the service of converting the raw 8-bit stream to a stream of printable ASCII characters. The scheme used for this purpose is radix 64.Cryptographic Keys and Key Rings•PGP makes use of four types of keys:1. One-time session conventional keys2. Public keys3. Private keys4. Pass -phrase conventional keys•Session Key Generation1. Each session key is associated with a single message and is used only for the purpose of encrypting and decrypting that message.Cryptographic Keys and Key Rings•The message encryption/decryption is done with a symmetric encryption algorithm: CAST-128, IDEA (128 bits), TDEA (168 bits).•The PGP session keys are obtained from a random number generator called ANSI X5.17(See appendix 5C, p. 167)•An encrypted message is accompanied by an encrypted form of the session key that was used. The session key itself is encrypted with recipient’s public key. Hence, only the recipient will be able to recover the session key and therefore recover the message.Cryptographic Keys and Key Rings•A user may have several public/private key pairs. For this reason PGP associates an identifier with each public key that is unique at least within one user. •Timestamp : the time at which the signature was made.•Leading two octets of message digest: To enable the recipient to determine if the correct public key was used to decrypt the message digest.Key Rings•PGP provides a pair of data structures at each node, one to store the public/private key pairs owned by that node and one to store the public keys of other users known at this node.These data structures are referred to, respectively, as private-key ring and the public-key ring.•Timestamp: the date/time when this key pair was generated.•Key ID: The least significant 64 bits of the public key for this


View Full Document

BARRY CS 477 - PRETTY GOOD

Download PRETTY GOOD
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view PRETTY GOOD and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view PRETTY GOOD 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?