You are on page 1of 15

Internet Technologies g

Pretty Good Privacy

Mridul Sankar Barik Dept. of Comp. Sc. & Engg. Jadavpur University

Jadavpur University

Mridul S. Barik

Email Security y
Email is one of the most widely used and regarded network services Message contents are not secure M b i May be inspected either t d ith
During transit By suitably privileged users on destination system

Jadavpur University

Mridul S. Barik

Email Security Enhancements y


Confidentiality
protection from disclosure

Authentication
of sender of message

Message integrity
protection from modification

Non-repudiation of origin
protection from denial by sender

Jadavpur University

Mridul S. Barik

Pretty Good Privacy ( y y (PGP) )


Widely used de facto secure email Developed by Phil Zimmermann Selected best available crypto algs to use Integrated into a single program Available on Unix, PC, Macintosh and Amiga systems Originally free, now have commercial versions available free also

Jadavpur University

Mridul S. Barik

PGP
Five services
Authentication Confidentiality Compression Email compatibility Segmentation

Jadavpur University

Mridul S. Barik

PGP Operation Authentication p


Sender creates a message SHA-1 is used to generate 160-bit hash code of message Hash code is encrypted with RSA using the sender's private key, and result i attached t message i t k d lt is tt h d to Receiver uses RSA with sender's public key to decrypt and recover hash code Receiver generates new hash code for message and compares with decrypted hash code, if match, message is accepted as authentic t d th ti

Jadavpur University

Mridul S. Barik

PGP Cryptographic Functions yp g p

Jadavpur University

Mridul S. Barik

PGP Operation Confidentiality p y


Sender generates message and random 128-bit number to be used as session key for this message only Message is encrypted, using CAST-128 / IDEA/3DES with session key Session key is encrypted using RSA with recipient's public key, then attached to message Receiver uses RSA with its private key to decrypt and recover session key S i key i used t d Session k is d to decrypt message t

Jadavpur University

Mridul S. Barik

PGP Operation Confidentiality p y


PGP provides option to use Diffie-Hellman key exchange algorithm as an alternative to use of RSA for key encryption

Jadavpur University

Mridul S. Barik

PGP Operation Confidentiality and Authentication A th ti ti


Uses both services on same message
Signature for the plaintext message is generated and pre-pended to the message Both plaintext message p p g plus signature is encrypted using the g yp g session key The session key is encrypted using RSA Preferable method over encrypting the message first and then generating the signature
More convenient to store a signature with a plaintext version of a g message Third party need not know conventional key for verifying the signature

Jadavpur University

Mridul S. Barik

PGP Operation Compression p p


By default PGP compresses message after signing but before encrypting
So can store uncompressed message and signature for later verification Because compression is non deterministic
Various implementations achieve different trade offs in running speed p versus compression ratio

Uses ZIP compression algorithm Encryption after compression strengthens cryptographic security (l i (less redundancy) d d )

Jadavpur University

Mridul S. Barik

PGP Operation Email Compatibility p p y


When using PGP, part or all of the resulting block consists of a stream of arbitrary 8-bit octets (encrypted portion) However email was designed only for ASCII text H Hence PGP must encode raw bi t d binary d t i t printable data into i t bl ASCII characters Uses radix-64 algorithm g
Maps 3 bytes of binary data to 4 printable chars Also appends a CRC to detect transmission errors

PGP also segments messages if too big l t t bi

Jadavpur University

Mridul S. Barik

PGP Operation Email Compatibility p p y


Use of Radix-64 algorithm expands the message by 33%

Jadavpur University

Mridul S. Barik

Segmentation and Reassembly g y


Often restricted to a maximum message length of 50,000 octets Longer messages must be broken up into segments PGP automatically subdivides a message th t i t l t ti ll bdi id that is too large after all other processing including Radix-64 conversion The receiver strip of all e-mail headers and reassemble the p block

Jadavpur University

Mridul S. Barik

PGP Operation Summary p y

Jadavpur University

Mridul S. Barik