Cryptography Tool: PGP

Introduction
• Why PGP?
• History of PGP
  – First version released by Philip Zimmermann in 1991
• Politics issue (Senate Bill 266)
  – Anti-crime bill: enable government to read encrypted messages.
• Philip under criminal investigation
  – Violation of export restrictions

Introduction Cont.
• Patent issue with PGP
  – Old version with RSA and IDEA (expires 2007)
  – Another patent-free, but incompatible version uses: Triple-DES, with DSS/Diffie-Hellman.
• A typical commercial PGP, such as ViaCrypt PGP, offers many features
  – Encrypt, sign, encrypt and sign, verify signature, key management, and so on.

How PGP works
• Compress data
• Create a session key randomly
• Encrypt message using a block cipher algorithm
• Use public key cryptography to encrypt the session key
• Transmit the ciphertext and encrypted session key.

How PGP Works Cont.
• Decryption works in the reverse order.
• If a PGP server receives a message, it decrypts the encrypted session key using your private key.
• Use this decrypted session key to decrypt the ciphertext.
• Then it decompresses the deciphered text to produce the original plaintext.

PGP Keys
• The larger the key, the more secure the encryption
• You decide the size of the key
• Public keyring and private keyring
  – Keyrings are files with a specific data structure
• Passphrase used to generate your private key
• Question: How to choose a passphrase?
• Answer: easy to remember, difficult to guess. (no famous quotes)

Message Digest
• Fingerprint of your message or file
• MD5 in PGP
  – 128-bit MD5 has serious weakness
  – In 1996, Hans Dobbertin, a German cryptographer, partially broke MD5
• SHA-1 in PGP
  – 160-bit SHA-1 developed by NSA
  – Extremely well designed
• For compatibility reasons, MD5 still used for RSA signatures

Certificates
• Make sure the public key belongs to the person associated with that signature
• PGP certificates consist of
  – Public key
  – User id or name
  – Email address or ICQ.
  – One or more signatures
  – Validity period
  – Preferred algorithm (CAST, AES, IDEA, Triple-DES, and Twofish)
• Pitfall: a certificate does not attest to authenticity as a whole; it only vouches that the public key is bound to the identity that appears on the certificate.

Certificate Revocation
• Validity period
• If a certificate expired, it becomes invalid
• Why would a certificate need to be revoked?
  – Private key is compromised
• Revocation does not mean anything bad about the public key owner; it only says that users can no longer authenticate you by your public key.
• Communicating that a certificate has been revoked
  – Post your revoked certificate on a server
  – In PKI environment, Certificate Revocation List

Protect Public key
• Problem
  – If Trudy substituted her public key for Alice’s public key, she would be able to decrypt the messages sent to Alice, encrypt them again using Alice’s public key, and send them on to Alice. No one suspects anything wrong.
  – Forge the signature using her private key.

Protect Public Key Cont.
• Solution
  – Get Alice’s key in person
  – Have your friend David sign Alice’s public key if he knows Alice’s public key and can be trusted.
  – Any certificates from Certificate Authority can be trusted
  – Store your own public keyring on your PC

Validating Keys
• Check trust level, compute the result.
  – Example: two marginally trusted signatures are as credible as one fully trusted signature
  – PGP trust level: complete trust, marginal trust, no trust
• PGP lets you decide who you can trust
• Standard public key management schemes
  – Internet Privacy Enhanced Mail (PEM)
    • Requires mandatory trust
    • Relies on the CA to tell you who you can trust
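
The "check trust level, compute the result" step as an added example, not taken from the original slides. The weights (complete = 2, marginal = 1, threshold = 2) encode the slide's rule that two marginal signatures equal one fully trusted one; the key IDs, the function name and the rule that a signer's own key must already be valid are assumptions of this sketch.

```python
from enum import IntEnum


class Trust(IntEnum):
    """The slide's three trust levels, weighted so 2 marginal = 1 complete."""
    NONE = 0
    MARGINAL = 1
    COMPLETE = 2


VALID_THRESHOLD = Trust.COMPLETE  # one fully trusted signature's worth of weight


def key_validity(signers, introducer_trust, valid_keys):
    """Return (is_valid, score, counted) for a key, given who signed it.

    signers          -- key IDs that signed the candidate key (may repeat)
    introducer_trust -- {key_id: Trust} assigned by the keyring owner
    valid_keys       -- key IDs the owner already considers valid
    """
    score, counted = 0, []
    for signer in sorted(set(signers)):        # each signer counts only once
        if signer not in valid_keys:           # signer's own key unverified: ignore
            continue
        weight = introducer_trust.get(signer, Trust.NONE)  # unknown = no trust
        if weight > Trust.NONE:
            score += weight
            counted.append(signer)
    return score >= VALID_THRESHOLD, score, counted


# Constructed keyring: David is fully trusted, Carol and Erin marginally,
# Trudy not at all, even though her key is known to the owner.
TRUST = {"david": Trust.COMPLETE, "carol": Trust.MARGINAL,
         "erin": Trust.MARGINAL, "trudy": Trust.NONE}
VALID = {"david", "carol", "erin", "trudy"}

if __name__ == "__main__":
    for sigs in (["david"], ["carol", "erin"], ["carol", "carol"], ["trudy"]):
        print(sigs, key_validity(sigs, TRUST, VALID))
```

A key for "Alice" that carries only Trudy's signature scores 0 and stays invalid, which is how the substitution described on the "Protect Public Key" slides is caught.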

Vulnerabilities
• Passphrase attack
  – Easy to remember, difficult to guess
• Public key tampering
  – Make sure the public key is directly from that person or signed by a trusted third party.
  – Access control of your own public and private keyrings
  – Make a copy of both keyrings

Vulnerabilities Cont.
• Not quite deleted files
  – The deleted location is only marked for reuse
  – Overwrite that marked location on the disk
  – PGP’s Secure Wipe and Freespace features to clear any fragments left by your word processor
• Viruses or Trojan horses
  – Attacks on passphrase, private key, and deciphered text. PGP offers no solution. Helpfully, you can be notified as soon as possible.
  – An imitation of PGP may malfunction: not check signature.
  – Solution: directly download PGP from PGP Corporation

Vulnerabilities Cont.
• Virtual memory or swap files
  – Fairly low risk because PGP does not keep sensitive data long in memory
  – The LRU memory replacement algorithm writes sensitive data to the disk. (data: passphrase, private key, or deciphered text)
  – Solution: overwrite your swap files or simply turn off your virtual memory feature.
• Physical security breach
  – Burglary, trash-picking, bribery, or blackmail

Vulnerabilities Cont.
• Tempest attacks
  – Detect the electromagnetic signals emitted from video screen
  – “Secure Viewer” feature (PGP 6.0 or later)
    • using a special font that may reduce the levels of radio frequency emissions
  – LCD has no such emissions
• Bogus timestamp
  – Create a signature certificate of a signature certificate with a trustworthy timestamp.
• Multi-user system
  – PGP is designed for a single user system
  – Be aware of the risk on a multi-user system

Vulnerabilities Cont.
• Traffic analysis
  – Observing the size of the message, source and destination, the time it is sent.
  – PGP alone has no solution for this problem
  – Requires a special communication protocol that can reduce the traffic information
• Cryptanalysis
  – PGP uses the best block cipher algorithms in the world
  – No successful attacks on public key cryptography since 1978