email security using pgp - prajakta bahekar. importance of email security email is one of the most...
TRANSCRIPT
![Page 1: Email Security Using PGP - Prajakta Bahekar. Importance of Email Security Email is one of the most widely used network service on Computer Currently email](https://reader036.vdocument.in/reader036/viewer/2022082713/5697bf861a28abf838c87bf0/html5/thumbnails/1.jpg)
Email Security Using PGP
- Prajakta Bahekar
![Page 2: Email Security Using PGP - Prajakta Bahekar. Importance of Email Security Email is one of the most widely used network service on Computer Currently email](https://reader036.vdocument.in/reader036/viewer/2022082713/5697bf861a28abf838c87bf0/html5/thumbnails/2.jpg)
Importance of Email Security
Email is one of the most widely used network service on Computer
Currently email message contents are not secure. Emails without encryption is similar to send mail by postcard.
![Page 3: Email Security Using PGP - Prajakta Bahekar. Importance of Email Security Email is one of the most widely used network service on Computer Currently email](https://reader036.vdocument.in/reader036/viewer/2022082713/5697bf861a28abf838c87bf0/html5/thumbnails/3.jpg)
Goal of Email Security
Confidentiality A message is concealed by
encoding it. Authentication
Ensuring that information is accessible only to authorized person.
Message integrity Ensures that the message
received is the same as the message that was sent
![Page 4: Email Security Using PGP - Prajakta Bahekar. Importance of Email Security Email is one of the most widely used network service on Computer Currently email](https://reader036.vdocument.in/reader036/viewer/2022082713/5697bf861a28abf838c87bf0/html5/thumbnails/4.jpg)
One possible solution : PGP
Pretty Good Privacy developed by Phil Zimmermann
PGP is a key encryption program mainly intended for email privacy and authentication.
PGP email encryption uses asymmetric key encryption algorithms.
A PGP key is a piece of data used to crypt and/or sign the message ; it has a keyid and contains the name and email address of the owner.
![Page 5: Email Security Using PGP - Prajakta Bahekar. Importance of Email Security Email is one of the most widely used network service on Computer Currently email](https://reader036.vdocument.in/reader036/viewer/2022082713/5697bf861a28abf838c87bf0/html5/thumbnails/5.jpg)
Why PGP ?
Its building blocks are made of the best available cryptographic algorithms: RSA, DSS, Diffie-Hellman. [2]
It is independent of operating system and processor.
A Web of Trust - A web of trust is a bunch of PGP keys plus the connections between them, formed by key signings.
![Page 6: Email Security Using PGP - Prajakta Bahekar. Importance of Email Security Email is one of the most widely used network service on Computer Currently email](https://reader036.vdocument.in/reader036/viewer/2022082713/5697bf861a28abf838c87bf0/html5/thumbnails/6.jpg)
PGP a Trust Model
![Page 7: Email Security Using PGP - Prajakta Bahekar. Importance of Email Security Email is one of the most widely used network service on Computer Currently email](https://reader036.vdocument.in/reader036/viewer/2022082713/5697bf861a28abf838c87bf0/html5/thumbnails/7.jpg)
PGP Operation – Authentication1. Sender creates a message2. SHA-1 used to generate 160-bit hash code 3. The hash code is encrypted with RSA using
the sender’s private key, and result is attached to message
4. Receiver uses RSA or DSS with sender’s public key to decrypt and recover hash code
5. Receiver generates new hash code for message and compares with decrypted hash code, if match, message is accepted as authentic
![Page 8: Email Security Using PGP - Prajakta Bahekar. Importance of Email Security Email is one of the most widely used network service on Computer Currently email](https://reader036.vdocument.in/reader036/viewer/2022082713/5697bf861a28abf838c87bf0/html5/thumbnails/8.jpg)
PGP Operation – Confidentiality1. Sender generates message and random 128-
bit number to be used as session key for this message only
2. Message is encrypted, using CAST-128 / IDEA/3DES with session key
3. Session key is encrypted using RSA with recipient's public key, then attached to message
4. Receiver uses RSA with its private key to decrypt and recover the session key
5. Session key is used to decrypt message
![Page 9: Email Security Using PGP - Prajakta Bahekar. Importance of Email Security Email is one of the most widely used network service on Computer Currently email](https://reader036.vdocument.in/reader036/viewer/2022082713/5697bf861a28abf838c87bf0/html5/thumbnails/9.jpg)
PGP Operation Summary
Signature Required?
Generate Signature
Compress the Message
Confidentiality required?
Encrypt the Message
Message Ready to send
Yes
Yes
No
No
Received Message
Signature Required?
Confidentiality required?
Decrypt the Message
Yes
Decompress the Message
Verify Signature
Message Ready to use
Yes
No
No
Plain text Message
![Page 10: Email Security Using PGP - Prajakta Bahekar. Importance of Email Security Email is one of the most widely used network service on Computer Currently email](https://reader036.vdocument.in/reader036/viewer/2022082713/5697bf861a28abf838c87bf0/html5/thumbnails/10.jpg)
Conclusion
PGP is a remarkable phenomenon that provides confidentiality, authentication, and compression for email. [1]
It is platform independent. Web of Trust makes it really easy to
use. It is not controlled by any government.
![Page 11: Email Security Using PGP - Prajakta Bahekar. Importance of Email Security Email is one of the most widely used network service on Computer Currently email](https://reader036.vdocument.in/reader036/viewer/2022082713/5697bf861a28abf838c87bf0/html5/thumbnails/11.jpg)
References
1. Zimmerman P. Pretty Good Privacy: a digital data encryption program. Available from : http://users.ox.ac.uk/~aesb/pgp.ppt
2. Garfinkel S. PGP: Pretty Good Privacy OReilly;1994. 430 p.