slide1 l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
ECE-8843 ece.gatech/~copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech 404 894-5177 fax 404 894-003 PowerPoint Presentation
Download Presentation
ECE-8843 ece.gatech/~copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech 404 894-5177 fax 404 894-003

Loading in 2 Seconds...

play fullscreen
1 / 22

ECE-8843 ece.gatech/~copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech 404 894-5177 fax 404 894-003 - PowerPoint PPT Presentation


  • 280 Views
  • Uploaded on

ECE-8843 http://www.ece.gatech.edu/~copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT Bldg 579 email or call for office visit, or call Kathy Cheek, 404 894-5696 Chapter 5a - Pretty Good Privacy (PGP) Email.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'ECE-8843 ece.gatech/~copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech 404 894-5177 fax 404 894-003' - Mia_John


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

ECE-8843

http://www.ece.gatech.edu/~copeland/jac/8843-03/

Prof. John A. Copeland

john.copeland@ece.gatech.edu

404 894-5177

fax 404 894-0035

Office: GCATT Bldg 579

email or call for office visit, or call Kathy Cheek, 404 894-5696

Chapter 5a - Pretty Good Privacy (PGP) Email

slide2

Electronic Mail

In 1982, ARPANET email proposals were published as RFC

821 (www.ietf.org/rfc/rfc0821.txt) and RFC 822

Email services since are based on these RFC's

CCITT X.400 & ISO MOTIS grew and waned as competitors

"User Agents" UA, and "Message Transfer Agents" MTA

Three parts to an email message:

Envelope - information used to forward the contents

Header - standard strings, some added in route.

>

To: Cc: Bcc: From: Sender:

>

Received: (added in route), Return-Path: (by final MTA)

>

MIME headers added by RFC 1341 and 1521

>

A. S. Tanenbaum, "Computer Networks," (3rd ed.) p.651

2

slide3

MIME Headers

Multipurpose Internet Mail Extensions (MIME)

RFC 1341 and RFC 1521

MIME -Version:

version number

Content-Description:

human-readable string

Content-ID:

unique identifier

Content-Transfer-Encoding:

body encoding

>

ASCII (Plain, quoted-printable, or Richtext)

>

Binary (base64)

Content-Type:

nature of the message

>

Image (gif, jpeg), Video (mpeg),

>

Application (Postscript, octet-stream)

>

A.S.Tanenbaum, "Computer Networks," (3rd ed.) p.653

3

slide4

Received: from didier.ee.gatech.edu (didier.ee.gatech.edu

[130.207.230.10]) by eagle.gcatt.gatech.edu (8.8.8+Sun/8.7.1) with

ESMTP id UAA00818 for <copeland@eagle.gcatt.gatech.edu>; Fri, 30 Jul

1999 20:00:35 -0400 (EDT)

Received: from bwnewsletter.com (gw2.mcgraw-hill.com [198.45.19.20])

by didier.ee.gatech.edu (8.9.0/8.9.0) with ESMTP id UAA16500

for <jcopeland@

ece.gatech.edu

>; Fri, 30 Jul 1999 20:00:33 -0400 (EDT)

Received: from NOP (152.159.60.175) by bwnewsletter.com with SMTP

(Eudora Internet Mail Server 2.1); Fri, 30 Jul 1999 16:24:21 -0400

Message-Id: <1.5.4.32.19990730202137.00672900@businessweek.com>

X-Sender: mustread@businessweek.com (Unverified)

X-Mailer: Windows Eudora Light Version 1.5.4 (32)

Mime-Version: 1.0

Date: Fri, 30 Jul 1999 16:21:37 -0400

To: bwnewsletter@bwnewsletter.com (note: I was on a Bcc: list)

From: BW Online <insider@businessweek.com>

Subject: BUSINESS WEEK ONLINE INSIDER -- July 30

Content-Type: text/plain; charset="us-ascii"

Content-Length: 7694

4

slide5

$ nslookup -q=MX ee.gatech.edu

(nslookup -> host)

ee.gatech.edu preference = 10,

mail exchanger = mail.ee.gatech.edu

ee.gatech.edu nameserver = eeserv.ee.gatech.edu

ee.gatech.edu nameserver = duchess.ee.gatech.edu

ee.gatech.edu nameserver = didier.ee.gatech.edu

mail.ee.gatech.edu internet address = 130.207.230.10

eeserv.ee.gatech.edu internet address = 130.207.230.5

duchess.ee.gatech.edu internet address = 130.207.230.13

didier.ee.gatech.edu internet address = 130.207.230.10

5

slide6

$ nslookup -q=mx mcgraw-hill.com

Non-authoritative answer:

mcgraw-hill.com preference = 20, mail exchanger =

interlock.mgh.com

Authoritative answers can be found from:

mcgraw-hill.com nameserver = NS-01A.ANS.NET

mcgraw-hill.com nameserver = NS-01B.ANS.NET

mcgraw-hill.com nameserver = NS-02A.ANS.NET

mcgraw-hill.com nameserver = NS-02B.ANS.NET

NS-01A.ANS.NET internet address = 199.221.47.7

NS-01B.ANS.NET internet address = 199.221.47.8

NS-02A.ANS.NET internet address = 207.24.245.179

NS-02B.ANS.NET internet address = 207.24.245.178

6

slide7

$ nslookup 198.45.19.20

Name: gw2.mcgraw-hill.com

Address: 198.45.19.20

$ nslookup 152.159.60.175

*** can't find 152.159.60.175: Non-existent host/domain

$ traceroute 152.159.60.175

1 24.88.12.129 (24.88.12.129 ): 17ms

2 stn-mtn-rtrb.atl.mediaone.net. (24.88.0.254 ): 18ms

3 24.93.64.69 (24.93.64.69 ): 20ms

4 24.93.64.61 (24.93.64.61 ): 17ms

5 24.93.64.57 (24.93.64.57 ): 25ms

6 sgarden-sa-gsr.carolina.rr.com. (24.93.64.30 ): 26ms

7 roc-gsr-greensboro-gsr.carolina. (24.93.64.17 ): 29ms

8 24.93.64.45 (24.93.64.45 ): 38ms

9 sjbrt01-vnbrt01.rr.com. (24.128.6.6 ): 41ms

10 pnbrt01-vnbrt01.rr.com. (24.128.6.85 ): 42ms

11 p217.t3.ans.net. (192.157.69.52 ): 51ms

12 h13-1.t32-0.new-york.t3.ans.net. (140.223.33.21 ): 49ms

13 f0-0.cnss33.new-york.t3.ans.net. (140.222.32.193 ): 53ms

14 s0.enss3339.t3.ans.net. (199.222.77.70 ): 61ms

15 * * *

16 * * *

7

slide8

Security Services for Email

Privacy - only for intended recipient

Authentication - confidence in ID of sender

Integrity - assurance of no data alteration

Non-repudiation - proof that sender sent it

Proof of submission - was sent to email server

Proof of delivery - was received by addressee

Message flow confidentiality - no one can know

a message was sent (anti-traffic analysis)

8

slide9

Anonymity - sender's ID hidden

Containment - message forwards to limited area

Audit - events recorded

Accounting - user statistics for allocating costs

Self-destruct - can not forward or store

Message sequence integrity - all messages

arrived in correct order

9

slide10

Privacy

Establishing Keys

Public Key Certification

Exchange Public Keys

Multiple Recipients

Encrypt message m with session key, S

Encrypt S with each recipient's key

Send: {S; Kbob}, {S; Kann}, ... , {m; S}

Authentication of Source

Hash (MD4, MD5, SHA1) of message, encrypt with

private key (provides ciphertext/plaintext pair)

Secret Key K: MIC is hash of K+m, or CBC residue

with K (assuming message not encrypted with K).

10

slide11

Message Integrity

The source authentication methods that

include a hash of the message provide MIC

Non-repudiation

Public-key signing provides non-repudiation.

Secret-key method requires a "Notary" to

"Sign" a time-stamp + hash of the message

Proof of Delivery

Acknowledge before reading - can't prove m was read.

Acknowledge after - may have read without signing.

11

slide12

Proof of Submission

CC yourself (unfortunately headers easily

modified) - CC Notary (if recipient not in Bcc)

Flow Confidentiality

Encrypt message and headers, to third party.

Send from the corner Cyber Cafe, fake HotMail

account

Anonymity

Several Web site services available

Containment

Network Admin can set up filter tables on

routers.

12

slide13

Names and Addresses

X.500 Name (ISO standard)

?/C=US/O=CIA/OU=drugs/PN='Manny Norriega'

Internet Name

m_noriega@mail.drugpc.cia.gov or manny@cia.gov

<user account name> @ <DNS host name or alias>

using the alias "mail" lets mail server program be

moved from one host to another

in ece.gatech.edu domain, "mail" is an alias for

"didier", also any email to "ece.gatech.edu"is ok.

Old message - later Non-reputiation

Need Notary to sign hash of message, Certificate

used to authenticate Public Key, and current CRL

13

slide14

Compress Text

Compress Image

14

From "PGP Freeware for MacOS, User's Guide" Version 6.5, Network Associates, Inc., www.pgp.com

slide15

with signature

attached if

there is one

From "PGP Freeware for MacOS, User's Guide" Version 6.5, Network Associates, Inc., www.pgp.com

15

slide19

Radix-64 encoding of a binary (all possible 8-bit bytes) message 6-bits at a time into 64 printable ASCII characters (A-Z, a-z , 0-9, +, / bytes 65-90, 97-122, 48-57, 47, 43) pad with =.

To: "Khawar Azad" <khawar_azad@hotmail.com>

From: John Copeland <john.copeland@ece.gatech.edu>

Subject: ECE8813 : PGP Endeavor...

Cc:

Bcc:

X-Attachments:

-----BEGIN PGP MESSAGE-----

Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>

qANQR1DBwU4D6cjDU+QAxCwQB/9IZFOIuDSIIQbwa28SQ63DDioFb4bH4bmKfopX

cvdDVQ1X53fSJzyLt12RslfQToje8YxRNidYMNg1zDTT7CR9q7LRFoAwBFVtQhWJ

jFNXn1+aE8oePReMi6vS0DXSSDfgDuUb1R+c8htHoeik6Oebe9R90J3d51yyCojV

P2zJ2C2DyZexiudHPuDF1NIeMX582ib70PNzZhigXZcZgCbzs7ppidhHoZaoFttK

goqLBFithU4ca0Xbh/11LDsUC7sY7DnAcjndFQA/7kduOATSlTYaltdaplJl7yAV

OIaO+aOuXwpLfcPe9gcuVE43hAgiuy2Vxk1luc1w2MhsnaI2CACU45XGjirbKViV

sQ/PJwoTI7Fwgc+Y8Swa0mqgLAeoU1gRpRnouXHrb4IKMzEKGVr6lhAxZ3oXu0h1

zUST5p7EQn/hhGHWusEeUs8m4Q7pT39uIjYDfQTfeNxfEYnI+058QZDuovunzhx7

xtT+CVz9H164uMIl4kTzjcrBqPAFN/MTAX/mJ9aAIEnaOAtO+WF/AteGda7pOhRS

feBsX0/4yMH0sv+Q2xrt1AzWOjCfb6vY8nZKeafr7UTfM3P0HpvTnjsIzeehtnRp

SW/pKPCTD336unzHVASqdvkC4qlxHb3By8lp6LKD2e25PSWBB+9gJrjfeI2/AGIO

sxFHdOU5ycGatX4tvNNZ0aGEJsZSUCirgcjp+ChqiuTGHTAOQsU5d5z/NeuAXHBT

4WJteIrPo10vIbosI88vw5Nf5/MzCSMsIM9TfScwyGTP4B4t4laq4kywBkRXTX6Y

FAW34lHwGMxSNqwrST58QVr8j9SiQ9hA2PjRzuM62edMaFOAuMvm3h2Uc6MyDKJx

kUk9jmPpuNOYqguruFdngmQatL00GTBr6jk5nzphoJQxUEJA0tTZOGAy8MsK4K+z

/X2P1Wgx6M3eNpSoeNF6yqPAW93rl3Bpj27T39BWKjDT2Q5rXXztq6y07oolggh6

nNTkBP17TmMXNhyeBNsUsw/bM0mZt8OrlEp6bB4hflmGC9sAP64KvnkTSK6F+QHT

AHT01kWlpvJIZGKyT3PdCh9wlr1hQsUGto10t32fBGsJCXew/EClb554AnyYSzP8

KAjuw1NdKOBlze0DCiO6Z5z+DAxAwlqTxcm42tthF5zFbTk4UKV6ORzIuHmRO7xR

5Io5nlM7T11PDaWqsjLr2ttrSySzARt5fAJ9l1mOH+hSl1YebRjZPaxWw+bsYuqN

a0GYr2UdwgE1u5HQuhZ+bOIbSliShfKiNuDGHe6VJrchROHnC9Po2JWAOD7wMFq6

STZ/MPGzViaCUaaWPLSKleiURUh4Ly5/LaNYkaumO9vh+241FPqtZKqRVmHRg6dY

UdgoI3yfc3JrvepFQT1yeRjEVrLQiUtyhcwdVoLjofgerGAfe3YuDCxM6wLIuCf7

Ro9edu01qTiXJj25cXHxeNMdA1txLxR3ontbExow+ML5kxs=

=68Hd

-----END PGP MESSAGE-----

19

slide21

PGP Certificates

Anyone can issue a Certificate to anyone else

Certificates can be revoked by the issuer

Privacy Enhanced Mail,

another standard

Where PEM expands data into canonical form,

(+33% for text, +78% after encryption)

PGP compresses data using ZIP(-50%),

encrypts, then (optionally) converts to

base64 (+33%)

21

slide22

Things of which to be aware

Neither PEM or PGP encode mail headers

Subject can give away useful info

To and From give an intruder traffic analysis info

PGP gives recipient the original file name and

modification date

PEM may be used in a local system with

unknown trustworthyness of certificates

Certificates often verify that sender is "John

Smith" but he may not be the "John Smith"

you think (PGP allows pictures in certificates)

22