Professional Documents
Culture Documents
30
There are two main schemes which are especially
designed to provide confidentiality and
authentication for electronic mail systems. These
are:
PGP
(Pretty Good Privacy)
S/MIME
(Secure/Multipurpose Internet Mail Extension)
33
S/MIME
S/MIME uses public key certificates
conforming to standard X.509 and signed by a
certification agency. In other respects,
S/MIME is quite similar to PGP.
S/MIME is not studied in any detail on this
course and is not examinable.
Details of the scheme are available in Chapter
5 of Stalling if you are interested.
34
PGP
• Developed by Phil Zimmerman in 1995.
• Documentation and source code is freely
available.
• The package is independent of operating
system and processor.
• PGP does not rely on the “establishment” and
it’s popularity and use have grown extensively
since 1995.
35
• PGP combines the best available
cryptographic algorithms to achieve
secure e-mail communication.
• It is assumed that all users are using
public key cryptography and have
generated a private/public key pair.
• Either RSA (with RSA digital signatures) or
El Gamel (with DSA) can be used.
• All users also use a symmetric key system
such as triple DES or Rijndael.
36
What does PGP do?
PGP offers 5 services:
1. Authentication
2. Confidentiality
3. Compression
4. E-mail compatibility
5. Segmentation
37
PGP Authentication
This is a digital signature scheme with
hashing.
1. Alice has (private/public) key pair (Ad/Ae)
and she wants to send a digitally signed
message m to Bob.
2. Alice hashes the message using SHA-1 to
obtain SHA(m).
38
3. Alice encrypts the hash using her private
key Ad to obtain ciphertext c given by
c=pk.encryptAd(SHA(m))
39
6. He computes the hash of m using SHA-1
and if this hash value is equal to s then the
message is authenticated.
40
PGP Confidentiality
1. Alice wishes to send Bob a confidential
message m.
2. Alice generates a random session key k for a
symmetric cryptosystem.
3. Alice encrypts k using Bob’s public key Be to
get
k’ = pk.encryptBe(k)
41
4. Alice encrypts the message m with the
session key k to get ciphertext c
c=sk.encryptk(m)
42
7. Bob uses the session key k to decrypt the
ciphertext c and recover the message m
m=sk.decryptk(c)
43
PGP Authenticaton and Confidentiality (at the
same time)
44
2. Alice generates a random session key k
and encrypts the message m and the
signature c using a symmetric
cryptosystem to obtain ciphertext C
C=sk.encryptk(m,c)
4. She encrypts the session key k using Bob’s
public key
k’ = pk.encryptBe(k)
45
6. Bob recieves k’ and C and decrypts k’
using his private key Bd to obtain the
session key k
k=pk.decryptBd(k’)
46
8. Bob now has the message m. In order to
authenticate it he uses Alice’s public key
Ae to decrypt the signature c and hashes
the message m using SHA-1.
If SHA(m) = pk.decryptAe(c)
Then the message is authenticated.
47
PGP Compression
PGP can also compress the message if
desired. The compression algorithm is ZIP
and the decompression algorithm is UNZIP.
48
2. Now the original message m is
compressed to obtain
M=ZIP(m)
50
8. Now Bob has the original message m and
signature c. He verifies the signature
using SHA-1 and Alice’s public key as
before.
51
PGP E-Mail Compatibility
Many electronic mail systems can only
transmit blocks of ASCII text. This can cause a
problem when sending encrypted data since
ciphertext blocks might not correspond to
ASCII characters which can be transmitted.
PGP overcomes this problem by using radix-64
conversion.
52
Radix-64 conversion
Suppose the text to be encrypted has been
converted into binary using ASCII coding and
encrypted to give a ciphertext stream of
binary.
Radix-64 conversion maps arbitrary binary
into printable characters as follows:
53
Radix-64 conversion
1. The binary input is split into blocks of 24 bits
(3 bytes).
2. Each 24 block is then split into four sets each
of 6-bits.
3. Each 6-bit set will then have a value between
0 and 26-1 (=63).
4. This value is encoded into a printable
character.
54
6 bit Character 6 bit Character 6 bit Character 6 bit Character
value encoding value encoding value encoding value encoding
0 A 16 Q 32 g 48 w
1 B 17 R 33 h 49 x
2 C 18 S 34 i 50 y
3 D 19 T 35 j 51 z
4 E 20 U 36 k 52 0
5 F 21 V 37 l 53 1
6 G 22 W 38 m 54 2
7 H 23 X 39 n 55 3
8 I 24 Y 40 o 56 4
9 J 25 Z 41 p 57 5
10 K 26 a 42 q 58 6
11 L 27 b 43 r 59 7
12 M 28 c 44 s 60 8
13 N 29 d 45 t 61 9
14 O 30 e 46 u 62 +
15 P 31 f 47 v 63 /
(pad) =
55
PGP Segmentation
Another constraint of e-mail is that there is
usually a maximum message length.
PGP automatically blocks an encrypted
message into segments of an appropriate
length.
On receipt, the segments must be re-
assembled before the decryption process.
56
Key Issues
1. Key Generation
Recall that a new session key is required
each time a message is encrypted. How are
these keys generated?
57
2. Key Identifiers
58
• In the case of encryption, (Alice uses Bob’s
public key) Alice can send Bob the public
key with the message since this is not
secret (in fact Alice only sends the 64 least
significant bits so that Bob can identify the
key).
• In the case of digital signatures Alice uses
her private key and Bob uses Alice’s
corresponding public key. Alice cannot
send Bob her private key, but she can look
up the corresponding public key and send
the 64 least significant bits of that.
59
So a PGP message might consist of:
60