1 / 17

Pretty Good Privacy

Pretty Good Privacy. Application Presentation by J. Chu. 4/17/2001. SC700 A2 Internet Information Protocols. Background. Pretty Good Privacy – J. Chu. Pretty Good Privacy (PGP) The first version of PGP was programmed in 1991 by Phil R. Zimmerman, who later founded PGP Security Consulting.

atara
Download Presentation

Pretty Good Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Pretty Good Privacy Application Presentation by J. Chu 4/17/2001 SC700 A2 Internet Information Protocols

  2. Background Pretty Good Privacy – J. Chu Pretty Good Privacy (PGP) The first version of PGP was programmed in 1991 by Phil R. Zimmerman, who later founded PGP Security Consulting. PGP is one of the most popular encryptionand authentication algorithm world-wide. PGP is more widely used in electronic mailsecurity than any other areas. Phil R. Zimmerman 4/17/2001 SC700 A2 Internet Information Protocols

  3. Background (continues) Pretty Good Privacy – J. Chu Pretty Good Privacy (PGP) PGP is a hybrid cryptosystem; it is a combination of some of the best known encryption algorithms in existence. While PGP has the speediness of a symmetric-key encryption algorithm, it maintains the high level of security of a public-key encryption algorithm. 4/17/2001 SC700 A2 Internet Information Protocols

  4. Background (continues) Pretty Good Privacy – J. Chu Pretty Good Privacy (PGP) "If all the personal computers in the world - 260 million - were put to work on a single PGP-encrypted message, it would still take an estimated 12 million times the age of the universe, on average, to break a single message.” - Deputy Director William CrowellNational Security Agency3/20/1997 4/17/2001 SC700 A2 Internet Information Protocols

  5. Introduction Pretty Good Privacy – J. Chu Why choose PGP over RSA? RSA is very secured given a large enough key. However, it is definitely no fun having to compute 567^2128 for every single letter in order to encrypt or decrypt a message. During the 80’s and early 90’s, not too many computer in the world can handle such complex computations in a short period of time. This is when PGP comes in…It is fast, secured, and best of all, everyone** can use! (**note: by publishing the source code of PGP on the Internet, Phil Zimmerman actually got prosecuted by the United States Government for exporting a weapon.) 4/17/2001 SC700 A2 Internet Information Protocols

  6. Introduction (continues) Pretty Good Privacy – J. Chu • The following algorithms are employed by PGP: • IDEA Cipher • - developed by James Massey & Xuejia Lai in 1990 • RSA Public Key Encryption • - developed by Rivest, Shamir, and Adelman in 1977 • GZIP • - A combination of Lempel-Ziv and Huffman Encoding 4/17/2001 SC700 A2 Internet Information Protocols

  7. Algorithm Pretty Good Privacy – J. Chu • About the IDEA cipher: • IDEA: International Data Encryption Algorithm • Message is encrypted with a 128-bit IDEA key via different combinations of operations:a. Additions (mod 216)b. Multiplication (mod 216 + 1)c. Additions (mod 2) (i.e. XOR) • There are currently no known effective attacks against the IDEA cipher. 4/17/2001 SC700 A2 Internet Information Protocols

  8. Algorithm (continues) Pretty Good Privacy – J. Chu • The IDEA cipher algorithm: • Original text is divided into 64-bit blocks. • Each 64-bit block is further divided into four 16-bit sub-blocks: X1, X2, X3, X4. • The 128-bit IDEA session key is divided into eight 16-bit key-blocks: Ki,1, Ki,2, Ki,3, Ki,4, Ki,5, Ki,6, Ki,7, Ki,8. • Addition and Multiplication are perform on each block of Xn and Ki,j. • The combination of operations are performed eight times to get the final encryption. 4/17/2001 SC700 A2 Internet Information Protocols

  9. Algorithm (continues) Pretty Good Privacy – J. Chu IDEA Algorithm: 4/17/2001 SC700 A2 Internet Information Protocols

  10. Algorithm (continues) Pretty Good Privacy – J. Chu • Problems with IDEA cipher: • IDEA is a symmetric-key cryptosystem. In order to decrypt a cipher, one must know the very same key that is used to encrypt the message. • Since the IDEA key is 128-bit long, it is not easy to memorize and therefore it must be recorded. 4/17/2001 SC700 A2 Internet Information Protocols

  11. Algorithm (continues) Pretty Good Privacy – J. Chu • PGP Improvements: • Instead of using the the same key each time, PGP randomly generated a new IDEA key for every session. The same message sent at different times will be totally different and remembering the key will be useless and unnecessary. • The IDEA key is encrypted via RSA public key encryption algorithm. Decryption can be achieved only by those who knows the complementary key. • PGP compresses packages with GZIP. 4/17/2001 SC700 A2 Internet Information Protocols

  12. Algorithm (continues) Pretty Good Privacy – J. Chu • How PGP Encrypts: • Original text is encrypted into IDEA cipher text with a 128-bit random key via IDEA encryption. • The IDEA session key is encrypted with a large public key via RSA encryption. • The encrypted IDEA session key is appended to the IDEA cipher text. • GZIP is used to compress the data into a PGP package. 4/17/2001 SC700 A2 Internet Information Protocols

  13. Algorithm (continues) Pretty Good Privacy – J. Chu How PGP Encrypts: 4/17/2001 SC700 A2 Internet Information Protocols

  14. Algorithm (continues) Pretty Good Privacy – J. Chu • How PGP Decrypts: • PGP package is decompressed and is separated into the encrypted IDEA session key and the encrypted IDEA cipher text. • IDEA session key is decrypted with RSA private key. • IDEA session key decrypts the IDEA cipher text into the original plain text. 4/17/2001 SC700 A2 Internet Information Protocols

  15. Algorithm (continues) Pretty Good Privacy – J. Chu How PGP Decrypts: 4/17/2001 SC700 A2 Internet Information Protocols

  16. Conclusion Pretty Good Privacy – J. Chu PGP over IDEA & RSA: Although IDEA and RSA are very strong encrypting algorithms, they do have their weaknesses: IDEA uses a single and lengthy key while RSA employs complex and lengthy computations. By combining both IDEA and RSA, PGP uses the strengths of one algorithm to compensate for the weaknesses of the other. As the result, PGP is one of the strongest and fastest encrypting algorithm in existence. 4/17/2001 SC700 A2 Internet Information Protocols

  17. References Pretty Good Privacy – J. Chu Back, Adam, “PGP Timeline.” “http://www.cypherspace.org/~adam/timeline/”, 1998. Brown, Lawrie, “Cryptography and Computer Security.”“http://www.cs.adfa.oz.au/teaching/studinfo/csc/lectures/”, 2001. Davie and Peterson, Larry L., Computer Networks. 2nd ed. Boston: Morgan Kaufmann, 2000. Page 599-601. Feisthammel, Patrick, “PGP – Pretty Good Privacy.”“http://www.rubin.ch/pgp/pgp.en.html”, 2000. Gimon, Charles A., “The Phil Zimmerman Case.”“http://www.skypoint.com/members/gimonca/philzima.html”, 1996. “PGP International Homepage.”“http://www.pgpi.org”, 2001. “PGP Security BIND vulnerability COVERT CyberCop Gauntlet.”“www.pgp.com”, 2001. 4/17/2001 SC700 A2 Internet Information Protocols

More Related