1236227.network

CRYPTOGRAPHY AND INFORMATION SECURITY

Lecturer: Dr. Nguyen Nam Hong

Tel.: 048781437.

Mob.: 0912312816.

Email:

[email protected]

Website:

www.freewebs.com/namhongthanhloc

Chapter 16. Electronic Mail Security

Chapter 16. Electronic Mail Security (1/3) 16.01. Email Security

16.02. Email Security Enhancement

16.03. The Secure Email

16.04. Private Enhanced Mail (PEM)

16.05. PEM Implementation

16.06. PEM Security Services

16.07. PEM Format and Implementation

16.08. Pretty Good Privacy (PGP)

16.09. PGP Origins

Dr. Nguyen Nam Hong, Le Quy Don Technical University Slide 2 / 32

Chapter 16. Electronic Mail Security (2/3) 16.10. PGP Versions

16.11. Some PGP Versions in Windows

16.12. PGP Authentication

16.13. PGP Confidentials

16.14. PGP Uses

16.15. PGP Compression

16.16. PGP Email Compatibility

16.17. PGP Diagrams

16.18. PGP Session Key


Chapter 16. Electronic Mail Security (3/3) 16.19. PGP Public and Private Key

16.20. PGP Key Rings

16.21. PGP Key Management

16.22. S/MIME

16.23. S/MIME Functions

16.24. S/MIME Cryptographic Algorithms

16.25. S/MIME Certificate Processing

16.16. Certificate Authorities

16.27. Summary


16.01. Email Security

email is one of the most widely used and regarded network services

currently message contents are not secure

may be inspected either in transit

or by suitably privileged users on destination system


16.02. Email Security Enhancements

confidentiality

protection from disclosure

authentication

of sender of message

message integrity

protection from modification

non-repudiation of origin

protection from denial by sender


16.03. The secure e-mail • On open systems as in the case of the Internet, the secure email is achieved through the plataform S/MIME which means Secure Multipurpose Internet Mail Extensions. • In the beginning of the 90´s two systems or applications of secure email appear: PEM: Private Enhanced Mail PGP: Pretty Good Privacy • From both, PGP has been the one that became an standard for secure e-mail clients on closed environments. • Therefore we'll see only some of the generic aspects of PEM and we will analyze PGP in deeply.


It is a proposal of the IETF Internet Engineering Task Force in 1985. The technic document is published in 1993.

The technic specifications are in RFCs Request For Comments numbers 1421, 1422, 1423 and 1424.

It used to link to protocol SMTP Simple Mail Internet Protocol.

Encryption of the information: DES in CBC mode. Generation and key management: RSA from 508

to 1024 bits. Structure of certificates as per the X.509 rule.

Session key: DES in CBC mode, TripleDES-EDE. Digital signature: RSA, MD2, MD5.

16.04. Private Enhanced Mail (PEM)


• It is compatible with other engineering models like, for example, X.400.

• PEM is implemented at the application level: • It is independent from the protocols of the OSI

levels or from lower TCP/IP levels. • It is independent from the operative systems

or from the computer. • It can be implemented as an independent module

that works with the common email client for the user.

16.05. PEM Implementation


Security services contemplated: Source authentication. Confidentiality. Integrity of the message. Non repudiation of the source when key

management with asymmetric key algorithm is used.

Security services not contemplated: Access control. Confidentiality in the traffic of the messages. Non repudiation of the message by the

receiver.

16.06. PEM Security Services


TIS/PEM

UNIX Plataforms UNIX. Trusted

Information System. Source code

available for citizens or companies

from USA or Canada. It uses a

hierarchy of multilple certification.

RIPEM

It implements part of the PEM

protocols

without certificates for keys

authentication. Free for non

commercial applications. Export

forbidden out of the United States.

There are versions utilized all over

the world.

16.07. PEM Format and Implementation

Header of the E-mail Service

(Headers of RFC822)

Encapsuled header Fields related to authentication,

integrity and confidentiality

Encapsuled text

User's message with some optional

fields

Blank line


16.08. Pretty Good Privacy (PGP)

widely used de facto secure email

developed by Phil Zimmermann

selected best available crypto algs to use

integrated into a single program

available on Unix, PC, Macintosh and Amiga systems

originally free, now have commercial versions available also


Philip Zimmermann publishes the version 1.0 of PGP in 1991 with minimum requirements of hardware and software.

In 1992 appears version 2.0 on which programmers from all over the world participate. Its code it's written out of USA to avoid the restrictive laws regarding cryptographyc software and its legal problems.

In 1993 version 2.3a appears that is very popular on FTP sites and valid for several platforms of operative systems.

In 1994 the Massachusetts Institute of Technology MIT participates on the project and versions 2.4, 2.5 and 2.6 appear.

Version 2.6.3i is popularized globally.

16.09. PGP Origins


• Though there is more than a software offer for secure mail besides the PGP program, this became an standard in fact.

• Although the last versions of the program oriented to Windows environments present high capability, the basic operations continue being the same as in knowing version 2.6.3i.

• The new PGP versions on the Windows environment change very fast therefore it is very difficult to have up-to-date notes permanently.

16.10. PGP versions


16.11. Some PGP versions in Windows

PGP 6.5.1 PGP 7.0.3

From version 5.0 to the current ones (versions 8.0 and next) the local

encryption schemes, asymmetric cipher and digital signature have changed

very little though they present bigger capabilities. Nevertheless, remember

that some capabilities will only be activated on commercial versions.

We will see some operations from these three versions on detail. Remember, besides, that version 7.0.3 has not published its code.

PGP 8.0


16.12. PGP Authentication

1. sender creates a message 2. SHA-1 used to generate 160-bit hash code of

message 3. hash code is encrypted with RSA using the

sender's private key, and result is attached to message

4. receiver uses RSA or DSS with sender's public key to decrypt and recover hash code

5. receiver generates new hash code for message and compares with decrypted hash code, if match, message is accepted as authentic


16.13. PGP Confidentiality

1. sender generates message and random 128-bit number to be used as session key for this message only

2. message is encrypted, using CAST-128 / IDEA/3DES with session key

3. session key is encrypted using RSA with recipient's public key, then attached to message

4. receiver uses RSA with its private key to decrypt and recover session key

5. session key is used to decrypt message


16.14. PGP Uses

uses both services on same message

create signature & attach to message

encrypt both message & signature

attach RSA encrypted session key


16.15. PGP Compression

by default PGP compresses message after signing but before encrypting

so can store uncompressed message & signature for later verification

& because compression is non deterministic

uses ZIP compression algorithm


16.16. PGP Email Compatibility

when using PGP will have binary data to send (encrypted message etc)

however email was designed only for text

hence PGP must encode raw binary data into printable ASCII characters

uses radix-64 algorithm

maps 3 bytes to 4 printable chars

also appends a CRC

PGP also segments messages if too big


16.17. PGP Diagrams


16.18. PGP Session Keys

need a session key for each message

of varying sizes: 56-bit DES, 128-bit CAST or IDEA, 168-bit Triple-DES

generated using ANSI X12.17 mode

uses random inputs taken from previous uses and from keystroke timing of user


16.19. PGP Public & Private Keys

since many public/private keys may be in use, need to identify which is actually used to encrypt session key in a message

could send full public-key with every message

but this is inefficient

rather use a key identifier based on key

is least significant 64-bits of the key

will very likely be unique

also use key ID in signatures


16.20. PGP Key Rings

each PGP user has a pair of key rings:

public-key ring contains all the public-keys of other PGP users known to this user, indexed by key ID

private-key ring contains the public/private key pair(s) for this user, indexed by key ID & encrypted keyed from a hashed passphrase


16.21. PGP Key Management

rather than relying on certificate authorities

in PGP every user is own CA

can sign keys for users they know directly

forms a “web of trust”

trust keys have signed

can trust keys others have signed if have a chain of signatures to them

key ring includes trust indicators

users can also revoke their keys


16.22. S/MIME (1/2) S/MIME: Secure Multipurpose Internet Mail Extensions Unlike the standard PGP, that is based on the trust among users, S/MIME uses digital certificates X.509 brought by a Certification Authority that the e-mail clients must recognized as such. It will add encryption and signature services on the e-mail clients (Outlook Express, Netscape Messenger, ...) in MIME format. It creates such an envelope on which the data are embedded encrypted and/or signed.


16.22. S/MIME (2/2) It uses platforms of standards PKCS (Public-

Key Cryptography Standards).

security enhancement to MIME email

original Internet RFC822 email was text only

MIME provided support for varying content types and multi-part messages

with encoding of binary data to textual form

S/MIME added security enhancements

have S/MIME support in various modern mail agents: MS Outlook, Netscape etc


16.23. S/MIME Functions

enveloped data

encrypted content and associated keys

encoded signed data

message + signed digest

clear-signed data

cleartext message + encoded signed digest

signed & enveloped data

nesting of signed & encrypted entities


16.24. S/MIME Cryptographic Algorithms

hash functions: SHA-1 & MD5

digital signatures: DSS & RSA

session key encryption: ElGamal & RSA

message encryption: Triple-DES, RC2/40 and others

have a procedure to decide which algorithms to use


16.25. S/MIME Certificate Processing

S/MIME uses X.509 v3 certificates

managed using a hybrid of a strict X.509 CA hierarchy & PGP’s web of trust

each client has a list of trusted CA’s certs

and own public/private key pairs & certs

certificates must be signed by trusted CA’s


16.26. Certificate Authorities

have several well-known CA’s

Verisign one of most widely used

Verisign issues several types of Digital IDs

with increasing levels of checks & hence trust

Class Identity Checks Usage

1 name/email check web browsing/email

2+ enroll/addr check email, subs, s/w valid.

3+ ID documents e-banking/service access


16.27. Summary

have considered:

secure email

PEM

PGP

S/MIME


1236227.network

Documents

email security email

pgp authentication

pgp versions

pgp email compatibility

pgp origins

pgp public

pgp confidentials

pgp compression