
PGP Confidentiality Service

Network Security

Objectives of the Topic

• After completing this topic, a student will be able to
  – describe the working of the PGP confidentiality service.

Figures and material in this topic have been adapted from:

• “Network Security Essentials: Applications and Standards”, 2014, by William Stallings.

• PGP confidentiality is provided by encrypting messages to be transmitted or to be stored locally as files.
• In both cases, the symmetric encryption algorithm CAST-128 may be used.

• Alternatively, the International Data Encryption Algorithm (IDEA) or 3DES may be used.
• The 64-bit cipher feedback (CFB) mode is used.

• In PGP, each symmetric key is used only once.
• A new key is generated as a random 128-bit number for each message.

• Although the documentation refers to this as a session key, it is in reality a one-time key.
• The session key is bound to the message and transmitted with it.
• To protect the key, it is encrypted with the receiver’s public key.
• The sequence for confidentiality is:
  1. The sender generates a message and a random 128-bit number to be used as a session key for this message only.

  2. The message is encrypted using CAST-128 (or IDEA or 3DES) with the session key.
  3. The session key is encrypted with RSA using the recipient’s public key and is prepended to the message.

  4. The receiver uses RSA with its private key to decrypt and recover the session key.
  5. The session key is used to decrypt the message.
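The five-step sequence above, worked through as an added Go example that is not part of these slides or of any PGP implementation. It assumes AES-128 in CFB mode in place of CAST-128 (Go's standard library has no CAST-128), RSA-OAEP in place of PGP's RSA key wrapping, and a constructed envelope layout with the wrapped session key in front of the ciphertext; the function names Encrypt and Decrypt are the example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Assumed here, not on the slides: AES-128 in CFB mode stands in for CAST-128 (Go's standard
// library has no CAST-128) and RSA-OAEP for PGP's RSA key wrapping; the layout is constructed.
const sessionKeyLen = 16 // 128-bit session key, generated fresh for each message

// Encrypt is the sender side, steps 1-3; the output is [EP(PUb, Ks)][EC(Ks, M)].
func Encrypt(pub *rsa.PublicKey, message []byte) ([]byte, error) {
	ks := make([]byte, sessionKeyLen) // step 1: random one-time key for this message only
	if _, err := rand.Read(ks); err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(ks)     // cannot fail: ks is exactly 16 bytes
	iv := make([]byte, aes.BlockSize) // all-zero IV is safe only because Ks is never reused
	ct := make([]byte, len(message))  // step 2: EC(Ks, M) in CFB mode
	cipher.NewCFBEncrypter(block, iv).XORKeyStream(ct, message)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, ks, nil) // step 3: EP(PUb, Ks)
	if err != nil {
		return nil, err
	}
	return append(wrapped, ct...), nil // wrapped session key prepended to the message
}

// Decrypt is the receiver side, steps 4-5.
func Decrypt(priv *rsa.PrivateKey, env []byte) ([]byte, error) {
	n := priv.Size() // byte length of the RSA-wrapped session key
	if len(env) < n {
		return nil, fmt.Errorf("envelope too short: %d bytes", len(env))
	}
	ks, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env[:n], nil) // step 4: DP(PRb, .)
	if err != nil {
		return nil, err // wrong private key or a tampered wrapped key
	}
	block, err := aes.NewCipher(ks) // rejects a recovered key of the wrong length
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(env)-n) // step 5: DC(Ks, ciphertext) with the same zero IV
	cipher.NewCFBDecrypter(block, make([]byte, aes.BlockSize)).XORKeyStream(pt, env[n:])
	return pt, nil
}
```

The fixed all-zero IV is acceptable here only because, as the slides state, each session key is used for exactly one message; a key reused across messages would need a fresh IV each time.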

• As an alternative to the use of RSA for key encryption, PGP provides an option referred to as Diffie-Hellman.
• PGP uses a variant of Diffie-Hellman that does provide encryption/decryption, known as ElGamal.

[Figure (image not extracted); only its legend survives:
Ks = session key used in symmetric encryption scheme;
EP = public-key encryption, DP = public-key decryption;
EC = symmetric encryption, DC = symmetric decryption;
Z = compression using ZIP algorithm]
• Several observations may be made.
• First, to reduce encryption time, the combination of symmetric and public-key encryption is used in preference to simply using RSA or ElGamal to encrypt the message directly.

• CAST-128 and the other symmetric algorithms are substantially faster than RSA or ElGamal.

• Second, the use of the public-key algorithm solves the session-key distribution problem, because only the recipient is able to recover the session key that is bound to the message.

• Finally, the use of one-time symmetric keys strengthens what is already a strong symmetric encryption approach.

• Confidentiality and Authentication:
• Both services may be used for the same message.
• First, a signature is generated for the plaintext message and prepended to the message.

• Then the plaintext message plus signature is encrypted using CAST-128 (or IDEA or 3DES), and the session key is encrypted using RSA (or ElGamal).

[Figure (image not extracted); only its legend survives:
Ks = session key used in symmetric encryption scheme;
EP = public-key encryption, DP = public-key decryption;
EC = symmetric encryption, DC = symmetric decryption;
Z = compression using ZIP algorithm]