Webster U COSC 5130 - Cryptography and Network Security


Cryptography and Network Security, Chapter 18
Fifth Edition, by William Stallings
Lecture slides by Lawrie Brown

Slide outline: Chapter 15 – Electronic Mail Security; Email Security; Email Security Enhancements; Pretty Good Privacy (PGP); PGP Operation – Authentication; PGP Operation – Confidentiality; PGP Operation – Confidentiality & Authentication; PGP Operation – Compression; PGP Operation – Email Compatibility; PGP Operation – Summary; PGP Session Keys; PGP Public & Private Keys; PGP Message Format; PGP Key Rings; PGP Message Generation; PGP Message Reception; PGP Key Management; PGP Trust Model Example; S/MIME (Secure/Multipurpose Internet Mail Extensions); S/MIME Functions; S/MIME Cryptographic Algorithms; S/MIME Messages; S/MIME Certificate Processing; Certificate Authorities; S/MIME Enhanced Security Services; Domain Keys Identified Mail; Internet Mail Architecture; Email Threats; DKIM Strategy; DKIM Functional Flow; Summary

Chapter 15 – Electronic Mail Security

  "Despite the refusal of VADM Poindexter and LtCol North to appear, the Board's access to other sources of information filled much of this gap. The FBI provided documents taken from the files of the National Security Advisor and relevant NSC staff members, including messages from the PROF system between VADM Poindexter and LtCol North. The PROF messages were conversations by computer, written at the time events occurred and presumed by the writers to be protected from disclosure. In this sense, they provide a first-hand, contemporaneous account of events."
  — The Tower Commission Report to President Reagan on the Iran-Contra Affair, 1987

Email Security
- email is one of the most widely used and regarded network services
- currently message contents are not secure
  - may be inspected either in transit
  - or by suitably privileged users on the destination system

Email Security Enhancements
- confidentiality: protection from disclosure
- authentication: of sender of message
- message integrity: protection from modification
- non-repudiation of origin: protection from denial by sender

Pretty Good Privacy (PGP)
- widely used de facto secure email
- developed by Phil Zimmermann
- selected best available crypto algorithms to use
- integrated into a single program
- on Unix, PC, Macintosh and other systems
- originally free, now also have commercial versions available

PGP Operation – Authentication
1. sender creates message
2. make SHA-1 160-bit hash of message
3. attach RSA-signed hash to message
4. receiver decrypts & recovers hash code
5. receiver verifies received message hash

PGP Operation – Confidentiality
1. sender forms 128-bit random session key
2. encrypts message with session key
3. attaches session key encrypted with RSA
4. receiver decrypts & recovers session key
5. session key is used to decrypt message

PGP Operation – Confidentiality & Authentication
- can use both services on the same message
  - create signature & attach to message
  - encrypt both message & signature
  - attach RSA/ElGamal-encrypted session key

PGP Operation – Compression
- by default PGP compresses the message after signing but before encrypting
  - so can store uncompressed message & signature for later verification
  - & because compression is non-deterministic
- uses ZIP compression algorithm

PGP Operation – Email Compatibility
- when using PGP will have binary data to send (encrypted message etc.)
- however email was designed only for text
- hence PGP must encode raw binary data into printable ASCII characters
- uses radix-64 algorithm
  - maps 3 bytes to 4 printable chars
  - also appends a CRC
- PGP also segments messages if too big

PGP Operation – Summary (figure)

PGP Session Keys
- need a session key for each message
- of varying sizes: 56-bit DES, 128-bit CAST or

