Overview Of E-mail
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Overview Of E-mail as PDF for free.
More details
- Words: 1,393
- Pages: 19
Overview of E-Mail • From (sender): Alice, To (recipient): Bob • Email list: – To: Bob, Carol, David – CC: Ted, Ulman, Vigenere – BCC: John, Karl
• Implementation of Email list – Remote explorer • Sender sends an email to the server who keeps the email list and distribute the email to the members in the list
– Local explorer • Sender gets the list from the server and distributes an email to the members in the list
• Multiple email list & email list with loop – Cryptographer list & Cryptanalyst list
Overview of Email (cont.) • Local explorer – Prevent loop – Prevent duplicate copies – Easy to deal with billing if needed
• Remote explorer – to recipients you do not know or are not allowed to know – One copy to geographically organized lists – More efficient if email list is longer than email itself – Parallelism can be exploited. (do not need to track down the entire tree of multiple email lists)
Security services for Email • • • • • • • • • • • • •
Privacy/confidentiality Authentication Integrity Non-repudiation Proof of submission (same as certified mail) Proof of delivery (same as post mail request return receipt) Anonymity Message flow confidentiality Containment Audit Accounting Self destruct Message sequence integrity
Email servers
POP3: Post Office Protocol, port #110 IMAP: Internet Mail Access Protocol, port #143 SMTP: Simple Main Transfer Protocol, port #25 The picture copied from http://www.howstuffworks.com/email.htm
Access email via telnet • • • • •
USER - enter your user ID PASS - enter your password QUIT - quit the POP3 server LIST - list the messages and their size RETR - retrieve a message, pass it a message number • DELE - delete a message, pass it a message number • TOP - show the top x lines of a message, pass it a message number and the number of lines
Secure e-mail
Alice wants to send confidential e-mail, m, to Bob. KS
m
KS
K (.) S
. K () +
B
+
KB
Alice:
KS(m )
KS(m )
+ +
KB(KS )
-
Internet
KS -
+
KB(KS )
symmetric private key, KS. encrypts message with KS (for efficiency) also encrypts KS with Bob’s public key. sends both KS(m) and KB(KS) to Bob. (Copied from Dr. Chang’s lecture.) generates random
.
KS( )
-
.
KB ( )
KB
m
Secure e-mail
Alice wants to send confidential e-mail, m, to Bob. KS
m
KS
K (.) S
. K () +
B
+
KB
KS(m )
KS(m )
+
-
Internet
+
KB(KS )
Bob:
KS -
+
KB(KS )
uses his private key to decrypt and recover KS uses KS to decrypt KS(m) to recover m
(Copied from Dr. Chang’s lecture.)
.
KS( )
-
.
KB ( )
KB
m
Secure e-mail (continued)
• Alice
wants to provide sender authentication message integrity.
+
-
m
.
H( )
KA
. K () -
A
-
-
KA(H(m))
KA(H(m))
+
KA
Internet
m
m
+
.
KA ( )
H(m )
compare
.
H( )
H(m )
Alice digitally signs message. • sends both message (in the clear) and digital signature. •
(Copied from Dr. Chang’s lecture.)
Secure e-mail (continued)
• Alice
wants to provide secrecy, sender authentication, message integrity. -
m
.
H( )
KA
-
.
KA ( )
-
KA(H(m))
+
.
KS( )
m KS
KS
+
.
KB ( )
+
KB
+
Internet
+
KB(KS )
Alice uses three keys: her private key, Bob’s public key, newly created symmetric key (Copied from Dr. Chang’s lecture.)
Pretty good privacy (PGP) • •
• •
Internet e-mail encryption scheme, de-facto standard. uses symmetric key cryptography, public key cryptography, hash function, and digital signature as described. provides secrecy, sender authentication, integrity. inventor, Phil Zimmerman, a undergraduate from FAU in 1991.
(Copied from Dr. Chang’s lecture.)
A PGP signed message: ---BEGIN PGP SIGNED MESSAGE--Hash: SHA1 Bob:My husband is out of town tonight.Passionately yours, Alice ---BEGIN PGP SIGNATURE--Version: PGP 5.0 Charset: noconv yhHJRHhGJGhgg/12EpJ+lo8gE4vB3m qJhFEvZP9t6n7G6m5Gw2 ---END PGP SIGNATURE---
Pretty Good Privacy (PGP) • Freeware • He was the target of a three-year criminal investigation because of so-call violation of US export law. • “Although we honest people don’t really think we need to encrypt our email—we’re not hiding anything– we should all start encrypting our email so that in case someone needs privacy, the poor soul won’t arouse suspicion by being the only one encrypting email.” • “if privacy is outlawed, only outlaws will have privacy”
PGP overview • Not just for email, it performs encryption and integrity protection on files – – – –
Your email is treated as a file Encrypt the file Send the encrypted file by regular e-mailer. The receiver saves the email to a file and then, decrypt the file by PGP
• Directly embedded in email for convenience. • Visit: http://www.pitt.edu/~poole/PGP.htm
PGP overview — mechanism • Anybody creates his/her RSA public key and private key (512, 768, or 1024 bits) (automatically generated by PGP) • Anybody (e.g., Alice) can send encrypted (as well as signed) email to anybody else (e.g., Bob). – Generate a one-time random key to encrypt the email using a secret key system (e.g., IDEA) – Encrypt the random key with Bob’s public key – May sign the email with her own private key – May compress the email before encryption • Bob can use his private key to decrypt the encrypted email. – Moreover, “pass phrase” is required for decryption
– The “pass phrase” is typed by Bob when PGP generates RSA keys for him
PGP overview—key distribution • Public key system (RSA), key distribution – PEM: rigid hierarchy of CAs. – S/MIME: (being agnostic), assume that a number of parallel independent hierarchies. – PGP: anarchy, each user decides which keys to trust. • You contact Alice in person to get Alice’s public key, and trust it • You find the public key of Alice on her web page or from email, you can copy it to your PGP system to trust it if you want. • Public key server (e.g., http://math-www.unipaderborn.de/pgp/).
PGP--certificates • Certificates are an optional in PGP – anyone can issue a certificate to anyone else – If you trust Alice and get Carol’s public key certificate signed by Alice, you will trust Carol’s public key – If you get Carol’s two public key certificates, one signed by Alice, and the other signed by Bob, both Alice and Bob are trusted by you, then you can trust both Carol’s certificates.
• Therefore PGP is very flexible and easy to use
PGP– trust levels • Problem with PGP anarchistic structure: – Alice was bribed to issue certificate for Carol – Alice was sloppy about checking (key,identity) and sign the certificate. – Suppose Ted is honest and never sloppy, could you trust Ted’s signature for Carol’s public key, from whom he had a bitter divorce?
• Solutions: – All are determined by yourself – Give a trust level for a public key – Given a trust level for the certificates signed by the key
Certificate and key revocation • You can revoke (delete) any public key anytime • A public key of a person can be revoked by the corresponding private key • The issuer of a certificate can revoke the certificate – Does not mean that the holder of revoked certificate is a bad person, but the issuers does not want to vouch for its authenticity.
• Validity period of a key and a certificate
PGP—key ring • A data structure containing key materials – pubring.pgp: containing your public keys, other people’s public keys, information about people, and certificates. – secring.pgp: containing your private keys.
• Three trust levels currently in PGP: none, partial, complete. • A trust level of a person may determine the trust level of the certificates signed by the person.
PGP--fingerprint • A short, fixed-seize string intended to be a unique representation of a string of arbitrary length and obtained by a one-way hash function. • For PGP, the fingerprint is a 256 bit string for a public key (which may be 1024 bits) by MD5 • Purpose of a fingerprint for a public key is for people to easily remember and verify the public key
• Implementation of Email list – Remote explorer • Sender sends an email to the server who keeps the email list and distribute the email to the members in the list
– Local explorer • Sender gets the list from the server and distributes an email to the members in the list
• Multiple email list & email list with loop – Cryptographer list & Cryptanalyst list
Overview of Email (cont.) • Local explorer – Prevent loop – Prevent duplicate copies – Easy to deal with billing if needed
• Remote explorer – to recipients you do not know or are not allowed to know – One copy to geographically organized lists – More efficient if email list is longer than email itself – Parallelism can be exploited. (do not need to track down the entire tree of multiple email lists)
Security services for Email • • • • • • • • • • • • •
Privacy/confidentiality Authentication Integrity Non-repudiation Proof of submission (same as certified mail) Proof of delivery (same as post mail request return receipt) Anonymity Message flow confidentiality Containment Audit Accounting Self destruct Message sequence integrity
Email servers
POP3: Post Office Protocol, port #110 IMAP: Internet Mail Access Protocol, port #143 SMTP: Simple Main Transfer Protocol, port #25 The picture copied from http://www.howstuffworks.com/email.htm
Access email via telnet • • • • •
USER - enter your user ID PASS - enter your password QUIT - quit the POP3 server LIST - list the messages and their size RETR - retrieve a message, pass it a message number • DELE - delete a message, pass it a message number • TOP - show the top x lines of a message, pass it a message number and the number of lines
Secure e-mail
Alice wants to send confidential e-mail, m, to Bob. KS
m
KS
K (.) S
. K () +
B
+
KB
Alice:
KS(m )
KS(m )
+ +
KB(KS )
-
Internet
KS -
+
KB(KS )
symmetric private key, KS. encrypts message with KS (for efficiency) also encrypts KS with Bob’s public key. sends both KS(m) and KB(KS) to Bob. (Copied from Dr. Chang’s lecture.) generates random
.
KS( )
-
.
KB ( )
KB
m
Secure e-mail
Alice wants to send confidential e-mail, m, to Bob. KS
m
KS
K (.) S
. K () +
B
+
KB
KS(m )
KS(m )
+
-
Internet
+
KB(KS )
Bob:
KS -
+
KB(KS )
uses his private key to decrypt and recover KS uses KS to decrypt KS(m) to recover m
(Copied from Dr. Chang’s lecture.)
.
KS( )
-
.
KB ( )
KB
m
Secure e-mail (continued)
• Alice
wants to provide sender authentication message integrity.
+
-
m
.
H( )
KA
. K () -
A
-
-
KA(H(m))
KA(H(m))
+
KA
Internet
m
m
+
.
KA ( )
H(m )
compare
.
H( )
H(m )
Alice digitally signs message. • sends both message (in the clear) and digital signature. •
(Copied from Dr. Chang’s lecture.)
Secure e-mail (continued)
• Alice
wants to provide secrecy, sender authentication, message integrity. -
m
.
H( )
KA
-
.
KA ( )
-
KA(H(m))
+
.
KS( )
m KS
KS
+
.
KB ( )
+
KB
+
Internet
+
KB(KS )
Alice uses three keys: her private key, Bob’s public key, newly created symmetric key (Copied from Dr. Chang’s lecture.)
Pretty good privacy (PGP) • •
• •
Internet e-mail encryption scheme, de-facto standard. uses symmetric key cryptography, public key cryptography, hash function, and digital signature as described. provides secrecy, sender authentication, integrity. inventor, Phil Zimmerman, a undergraduate from FAU in 1991.
(Copied from Dr. Chang’s lecture.)
A PGP signed message: ---BEGIN PGP SIGNED MESSAGE--Hash: SHA1 Bob:My husband is out of town tonight.Passionately yours, Alice ---BEGIN PGP SIGNATURE--Version: PGP 5.0 Charset: noconv yhHJRHhGJGhgg/12EpJ+lo8gE4vB3m qJhFEvZP9t6n7G6m5Gw2 ---END PGP SIGNATURE---
Pretty Good Privacy (PGP) • Freeware • He was the target of a three-year criminal investigation because of so-call violation of US export law. • “Although we honest people don’t really think we need to encrypt our email—we’re not hiding anything– we should all start encrypting our email so that in case someone needs privacy, the poor soul won’t arouse suspicion by being the only one encrypting email.” • “if privacy is outlawed, only outlaws will have privacy”
PGP overview • Not just for email, it performs encryption and integrity protection on files – – – –
Your email is treated as a file Encrypt the file Send the encrypted file by regular e-mailer. The receiver saves the email to a file and then, decrypt the file by PGP
• Directly embedded in email for convenience. • Visit: http://www.pitt.edu/~poole/PGP.htm
PGP overview — mechanism • Anybody creates his/her RSA public key and private key (512, 768, or 1024 bits) (automatically generated by PGP) • Anybody (e.g., Alice) can send encrypted (as well as signed) email to anybody else (e.g., Bob). – Generate a one-time random key to encrypt the email using a secret key system (e.g., IDEA) – Encrypt the random key with Bob’s public key – May sign the email with her own private key – May compress the email before encryption • Bob can use his private key to decrypt the encrypted email. – Moreover, “pass phrase” is required for decryption
– The “pass phrase” is typed by Bob when PGP generates RSA keys for him
PGP overview—key distribution • Public key system (RSA), key distribution – PEM: rigid hierarchy of CAs. – S/MIME: (being agnostic), assume that a number of parallel independent hierarchies. – PGP: anarchy, each user decides which keys to trust. • You contact Alice in person to get Alice’s public key, and trust it • You find the public key of Alice on her web page or from email, you can copy it to your PGP system to trust it if you want. • Public key server (e.g., http://math-www.unipaderborn.de/pgp/).
PGP--certificates • Certificates are an optional in PGP – anyone can issue a certificate to anyone else – If you trust Alice and get Carol’s public key certificate signed by Alice, you will trust Carol’s public key – If you get Carol’s two public key certificates, one signed by Alice, and the other signed by Bob, both Alice and Bob are trusted by you, then you can trust both Carol’s certificates.
• Therefore PGP is very flexible and easy to use
PGP– trust levels • Problem with PGP anarchistic structure: – Alice was bribed to issue certificate for Carol – Alice was sloppy about checking (key,identity) and sign the certificate. – Suppose Ted is honest and never sloppy, could you trust Ted’s signature for Carol’s public key, from whom he had a bitter divorce?
• Solutions: – All are determined by yourself – Give a trust level for a public key – Given a trust level for the certificates signed by the key
Certificate and key revocation • You can revoke (delete) any public key anytime • A public key of a person can be revoked by the corresponding private key • The issuer of a certificate can revoke the certificate – Does not mean that the holder of revoked certificate is a bad person, but the issuers does not want to vouch for its authenticity.
• Validity period of a key and a certificate
PGP—key ring • A data structure containing key materials – pubring.pgp: containing your public keys, other people’s public keys, information about people, and certificates. – secring.pgp: containing your private keys.
• Three trust levels currently in PGP: none, partial, complete. • A trust level of a person may determine the trust level of the certificates signed by the person.
PGP--fingerprint • A short, fixed-seize string intended to be a unique representation of a string of arbitrary length and obtained by a one-way hash function. • For PGP, the fingerprint is a 256 bit string for a public key (which may be 1024 bits) by MD5 • Purpose of a fingerprint for a public key is for people to easily remember and verify the public key
Related Documents
Overview Of
October 2019 29
