Embed Size (px)
Citation preview
PGP Overview
2004/11/30
Information-Center meeting
peterkim
Email servers
POP3: Post Office Protocol, port #110 IMAP: Internet Mail Access Protocol, port #143SMTP: Simple Main Transfer Protocol, port #25
Pretty good privacy (PGP)
Internet e-mail encryption scheme, de-facto standard.
uses symmetric key cryptography, public key cryptography, hash function, and digital signature as described.
provides secrecy, sender authentication, integrity.
inventor, Phil Zimmerman, a undergraduate from FAU in 1991.
---BEGIN PGP SIGNED MESSAGE---
Hash: SHA1
Bob:My husband is out of town tonight.Passionately yours, Alice
---BEGIN PGP SIGNATURE---Version: PGP 5.0Charset: noconvyhHJRHhGJGhgg/
12EpJ+lo8gE4vB3mqJhFEvZP9t6n7G6m5Gw2
---END PGP SIGNATURE---
A PGP signed message:
PGP overview — mechanism Anybody creates his/her RSA public key and private key (512,
768, or 1024 bits) (automatically generated by PGP) Anybody (e.g., Alice) can send encrypted (as well as signed)
email to anybody else (e.g., Bob). Generate a one-time random key to encrypt the email using
a secret key system (e.g., IDEA) Encrypt the random key with Bob’s public key May sign the email with her own private key May compress the email before encryption
Bob can use his private key to decrypt the encrypted email. Moreover, “pass phrase” is required for decryption The “pass phrase” is typed by Bob when PGP generates
RSA keys for him
PGP overview—key distribution
Public key system (RSA), key distribution PEM: rigid hierarchy of CAs. S/MIME: (being agnostic), assume that a number of
parallel independent hierarchies. PGP: anarchy, each user decides which keys to
trust. You contact Alice in person to get Alice’s public key, and
trust it You find the public key of Alice on her web page or from
email, you can copy it to your PGP system to trust it if you want.
Public key server (e.g., http://math-www.uni-paderborn.de/pgp/).
PGP--certificates
Certificates are an optional in PGP• anyone can issue a certificate to anyone else• If you trust Alice and get Carol’s public key certificate
signed by Alice, you will trust Carol’s public key• If you get Carol’s two public key certificates, one
signed by Alice, and the other signed by Bob, both Alice and Bob are trusted by you, then you can trust both Carol’s certificates.
Therefore PGP is very flexible and easy to use
Security services for Email Privacy/confidentiality Authentication Integrity Non-repudiation Proof of submission (same as certified mail) Proof of delivery (same as post mail request return receipt) Anonymity Message flow confidentiality Containment Audit Accounting Self destruct Message sequence integrity
Secure e-mail (Encode and check sign)
Alice: generates random symmetric private key, KS. encrypts message with KS (for efficiency) also encrypts KS with Bob’s public key. sends both KS(m) and KB(KS) to Bob.
Alice wants to send confidential e-mail, m, to Bob.
KS( ).
KB( ).+
+ -
KS(m
)
KB(KS )+
m
KS
KS
KB+
Internet
KS( ).
KB( ).-
KB-
KS
mKS(m
)
KB(KS )+
Secure e-mail (Encode and check sign)
Bob: uses his private key to decrypt and recover KS
uses KS to decrypt KS(m) to recover m
Alice wants to send confidential e-mail, m, to Bob.
KS( ).
KB( ).+
+ -
KS(m
)
KB(KS )+
m
KS
KS
KB+
Internet
KS( ).
KB( ).-
KB-
KS
mKS(m
)
KB(KS )+
Secure e-mail (Sign)
• Alice wants to provide sender authentication message integrity.
• Alice digitally signs message.• sends both message (in the clear) and digital signature.
H( ). KA( ).-
+ -
H(m )KA(H(m))-
m
KA-
Internet
m
KA( ).+
KA+
KA(H(m))-
mH( ). H(m )
compare
Secure e-mail (Another Application)
• Alice wants to provide secrecy, sender authentication, message integrity.
Alice uses three keys: her private key, Bob’s public key, newly created symmetric key
H( ). KA( ).-
+
KA(H(m))-
m
KA-
m
KS( ).
KB( ).+
+
KB(KS )+
KS
KB+
Internet
KS
PGP overview Not just for email, it performs encryption and
integrity protection on files Your email is treated as a file Encrypt the file Send the encrypted file by regular e-mailer. The receiver saves the email to a file and then,
decrypt the file by PGP Directly embedded in email for convenience. Visit:
http://www.pitt.edu/~poole/PGP.htm
Certificate and key revocation You can revoke (delete) any public key anytime A public key of a person can be revoked by the
corresponding private key The issuer of a certificate can revoke the
certificate Does not mean that the holder of revoked certificate is
a bad person, but the issuers does not want to vouch for its authenticity.
Validity period of a key and a certificate
PGP—key ring A data structure containing key materials
pubring.pgp: containing your public keys, other people’s public keys, information about people, and certificates.
secring.pgp: containing your private keys.
Three trust levels currently in PGP: none, partial, complete.
A trust level of a person may determine the trust level of the certificates signed by the person.
Final Demo Show
WinPT - Windows Privacy ToolsWindows Privacy Tools (WinPT) is a
collection of multilingual applications for digital encryption and signing of content. WinPT is GnuPG-based, compatible with OpenPGP compliant software (like PGP) and free for commercial and personal use under the GPL.
http://winpt.sourceforge.net/en/
