1 / 16

Encrypted E-mail Web Application

Encrypted E-mail Web Application. Presented by: Aqila Dissanayake & Tarik EL-amsy. Motivations. When you send an email, do you realize that it can easily be read: By anyone who works for your Internet Service Provider By anyone who works for the recipient's internet service provider

clovis
Download Presentation

Encrypted E-mail Web Application

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Encrypted E-mail Web Application Presented by: Aqila Dissanayake & Tarik EL-amsy 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  2. Motivations • When you send an email, do you realize that it can easily be read: • By anyone who works for your Internet Service Provider • By anyone who works for the recipient's internet service provider • By anyone who operates any of the perhaps dozens of Internet routers that your data packets will pass through • By anyone with physical access to the telephone switching equipment in the phone company's office 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  3. 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  4. Services Used • neuroFuzz Cryptographic Web Service http://www.neurofuzz.com/modules/cryptoService/cryptoSOAP.php?wsdl • SendEmail E-mail Service http://www.abysal.com/soap/AbysalEmail.wsdl 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  5. neuroFuzz Crypto Service • This is a cryptographic web service that allows a user encrypt/decrypt a text using a key. • The encryption algorithm implemented is the block-cipher AES Rijndael with a 256-bit block size and 32-bit key size. • In June 2003, the US Government announced that AES (Advanced Encryption Standard) may be used for classified information: • “The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths”. • This marks the first time that the public has had access to a cipher approved by NSA for TOP SECRET information. • The service is provided free of charge. 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  6. Symmetric key • AES algorithm uses a symmetric key; which means it utilizes the same key to encrypt and decrypt a message. • In other words both the sender and the receiver should utilize the same key to encrypt and decrypt a message. 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  7. SendEmail • This is a web service that lets a user send an E-mail to any e-mail address from any e-mail address. • It uses the SMTP (Simple Mail Transfer Protocol) Abysal-WebDTP server for this purpose. • This service is executed on one of the Abysal Systems webDTP application servers, through a simple C language program. This program uses the denoted Abysal-SOAP API (Application Programming Interface). 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  8. New Application Generated • The new application constructed is a web application that lets a user send an encrypted e-mail message to a user. • The receiving user can use the web application to decrypt the message using the symmetric key. • The application provides a user friendly interface which even a novice to the concept of cryptography can use • The only thing the user needs to be aware of is that the receiving user needs to utilize the same key to decrypt the message. 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  9. Integrating the services • The user would write down his e-mail in normal text. • Then, the user would choose to encrypt the text. • A key needs to be used for encryption. • The program provides the user with the option of automatically generating a key or entering his or her own key. 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  10. Integrating the services • It is assumed the user exchanges the key data with the communicating party with some non-Internet based method (snail-mail, sneaker net, POTS (plain old telephone service)) • Utilizing this key, the user needs to send the text to the Neurofuzz web service to be encrypted. • The Neurofuzz crypto service will return the encrypted text to the e-mail program • Then the user will fill out all the required info such as the receivers e-mail address and the senders e-mail address and send the e-mail. 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  11. Integrating the services • At this step to send the e-mail the SendEmail web service will be called and the encrypted text will be sent to this service. This web service will send the e-mail on behalf of the user. • Once the receiver receives the e-mail, to read it he or she needs to decrypt the message, for this the same key that was used to encrypt the message should be used. • Once the ciphertext is sent to the Neurofuzz crypto service along with the correct key, it will be decrypted and the plaintext message will be returned to the user. The user can read the message after this step is completed. 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  12. Limitations of the application • The application is only capable of sending one e-mail at a time. • In a way it makes sense, because if more than two users utilize the same key it can be considered as a security risk. • Still, if one needs to send a message to two e-mail addresses of the same user (at the same instance), the application won’t achieve the task. • The limitation is inherited from the SendEmail web service. The service limits the number of target e-mail addresses to one. 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  13. Difficulties • Difficulty in locating web services was one of the major problems in this project. • The Neurofuzz crypto service was the only web service that was found to contain any encryption/decryption technique. Even though there are many encryption standards available today there weren’t any other cryptographic web services available. • When it came to finding an e-mail web service, it seemed as though there were a fair number of e-mail services. • Most of them were not working because of the WSDL file being unavailable or they required authentication. 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  14. Difficulties (cont’) • It was difficult to find a web service to integrate with the cryptographic web service. • One of cryptography's primary purposes is hiding the meaning of messages, but not usually their existence. In other words cryptography is about communicating in the presence of adversaries. • For this purpose we had to find a web service that involves communication. • There were many choices such as SMS (Short Message Service) which is widely available for mobile devices, IM (Instant messaging) and E-mail. • Encryption service can be implemented on top of any of those services, but for it to be practical we chose E-mail as our other web service. 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  15. This application is available at http://137.207.234.251/CryptEmail/Email.aspx 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

  16. References • Hans Delfs and Helmut Knebl, Introduction to Cryptography, Principles and Applications • Why you should use Encryption http://www.goingware.com/encryption/ • Advanced Encryption Standard http://en.wikipedia.org/wiki/Advanced_Encryption_Standard • http://www.xmethods.com • SendEmail Web Service http://www.xmethods.net/ve2/ViewListing.po?key=uuid:E9CC365B-B3B0-339C-0D3F-71D033ACB0CC • neuroFuzz Crypt Service http://xmethods.org/ve2/ViewListing.po;jsessionid=vdcuYX5Qcszs6KTCZhhSW_wX(2MgVnSRM)?key=uuid:D6E52F11-C2B7-58DD-699B-36646ABD7F28 569 Semantic Web . Dr. J. Lu University of windsor , Project Presentation Encrypted Web service application

More Related