No Slide Title

download report

Transcript No Slide Title

ECE-8843 Prof. John A. Copeland [email protected]

404 894-5177 fax 404 894-0035 Office: GCATT Bldg 579 email or call for office visit, or call Kathy Cheek, 404 894-5696 Chapter 5a - Pretty Good Privacy (PGP) Email

Electronic Mail In 1982, ARPANET email proposals were published as RFC 821 (

/rfc/rfc0821.txt) and RFC 822

Email services since are based on these RFC's

CCITT X.400 & ISO MOTIS grew and waned as competitors

"User Agents" UA, and "Message Transfer Agents" MTA Three parts to an email message:

Envelope - information used to forward the contents

Header - standard strings, some added in route.


To: Cc: Bcc: From: Sender:


Received: (added in route), Return-Path: (by final MTA)


MIME headers added by RFC 1341 and 1521


A. S. Tanenbaum, "Computer Networks," (3rd ed.) p.651


MIME Headers

Multipurpose Internet Mail Extensions (MIME) RFC 1341 and RFC 1521

MIME -Version:


• > >

Content-ID: version number human-readable string unique identifier

Content-Transfer-Encoding: body encoding

> >

ASCII (Plain, quoted-printable, or Richtext) Binary (base64)

Content-Type: nature of the message Image (gif, jpeg), Video (mpeg), Application (Postscript, octet-stream)


A.S.Tanenbaum, "Computer Networks," (3rd ed.) p.653


Received: from (

[]) by (8.8.8+Sun/8.7.1) with ESMTP id UAA00818 for ; Fri, 30 Jul 1999 20:00:35 -0400 (EDT) Received: from ( []) by (8.9.0/8.9.0) with ESMTP id UAA16500 for

>; Fri, 30 Jul 1999 20:00:33 -0400 (EDT) Received: from NOP ( by with SMTP (Eudora Internet Mail Server 2.1); Fri, 30 Jul 1999 16:24:21 -0400 Message-Id: <[email protected]> X-Sender: [email protected] (Unverified) X-Mailer: Windows Eudora Light Version 1.5.4 (32) Mime-Version: 1.0

Date: Fri, 30 Jul 1999 16:21:37 -0400 To: [email protected] (note: I was on a Bcc: list) From: BW Online Subject: BUSINESS WEEK ONLINE INSIDER -- July 30 Content-Type: text/plain; charset="us-ascii" Content-Length: 7694


$ nslookup -q=MX (nslookup -> host) preference = 10, mail exchanger = nameserver = nameserver = nameserver = internet address = internet address = internet address = internet address =


$ nslookup -q=mx

Non-authoritative answer: preference = 20, mail exchanger =

Authoritative answers can be found from: nameserver = NS-01A.ANS.NET nameserver = NS-01B.ANS.NET nameserver = NS-02A.ANS.NET nameserver = NS-02B.ANS.NET

NS-01A.ANS.NET internet address =

NS-01B.ANS.NET internet address =

NS-02A.ANS.NET internet address =

NS-02B.ANS.NET internet address =


$ nslookup



$ nslookup

*** can't find Non-existent host/domain

$ traceroute

1 ( ): 17ms 2 ( ): 18ms 3 ( ): 20ms 4 ( ): 17ms 5 ( ): 25ms 6 ( ): 26ms 7 roc-gsr-greensboro-gsr.carolina. ( ): 29ms 8 ( ): 38ms 9 ( ): 41ms 10 ( ): 42ms 11 ( ): 51ms 12 ( ): 49ms 13 ( ): 53ms 14 ( ): 61ms 15 * * * 16 * * * 7

Security Services for Email

Privacy - only for intended recipient Authentication - confidence in ID of sender Integrity - assurance of no data alteration Non-repudiation - proof that sender sent it Proof of submission - was sent to email server Proof of delivery - was received by addressee Message flow confidentiality - no one can know a message was sent (anti-traffic analysis)


Security Services for Email - 2

Anonymity - sender's ID hidden Containment - message forwards to limited area Audit - events recorded Accounting - user statistics for allocating costs Self-destruct - can not forward or store Message sequence integrity - all messages arrived in correct order 9

Establishing Keys • Public Key Certification • Exchange Public Keys


Multiple Recipients • Encrypt message m with session key, S • Encrypt S with each recipient's key • Send: {S; Kbob}, {S; Kann}, ... , {m; S} Authentication of Source • Hash (MD4, MD5, SHA1) of message, encrypt with private key (provides ciphertext/plaintext pair) • Secret Key K: MIC is hash of K+m, or CBC residue with K (assuming message not encrypted with K).


Message Integrity

The source authentication methods that include a hash of the message provide MIC


Public-key signing provides non-repudiation.

Secret-key method requires a "Notary" to "Sign" a time-stamp + hash of the message

Proof of Delivery

Acknowledge before reading - can't prove m was read.

Acknowledge after - may have read without signing.


Proof of Submission

CC yourself (unfortunately headers easily modified) - CC Notary (if recipient not in Bcc) Flow Confidentiality

Encrypt message and headers, to third party.

Send from the corner Cyber Cafe, fake HotMail account Anonymity

Several Web site services available Containment

Network Admin can set up filter tables on routers.


Names and Addresses

X.500 Name (ISO standard) • ?/C=US/O=CIA/OU=drugs/PN='Manny Norriega' Internet Name • [email protected] or [email protected]

@ • using the alias "mail" lets mail server program be moved from one host to another • in domain, "mail" is an alias for "didier", also any email to ""is ok.

Old message - later Non-reputiation

• Need Notary to sign hash of message, Certificate used to authenticate Public Key, and current CRL 13

Compress Image Compress Text

From "PGP Freeware for MacOS, User's Guide" Version 6.5, Network Associates, Inc.,


with signature attached if there is one

From "PGP Freeware for MacOS, User's Guide" Version 6.5, Network Associates, Inc.,


compressed, 16



To: "Khawar Azad" From: John Copeland Subject: ECE8813 : PGP Endeavor...

Cc: Bcc: X-Attachments: Radix-64 encoding of a binary (all possible 8-bit bytes) message 6-bits at a time into 64 printable ASCII characters (A-Z, a-z , 0-9, +, / bytes 65-90, 97 122, 48-57, 47, 43) pad with =.

-----BEGIN PGP MESSAGE---- Version: PGPfreeware 6.5.2 for non-commercial use qANQR1DBwU4D6cjDU+QAxCwQB/9IZFOIuDSIIQbwa28SQ63DDioFb4bH4bmKfopX cvdDVQ1X53fSJzyLt12RslfQToje8YxRNidYMNg1zDTT7CR9q7LRFoAwBFVtQhWJ jFNXn1+aE8oePReMi6vS0DXSSDfgDuUb1R+c8htHoeik6Oebe9R90J3d51yyCojV P2zJ2C2DyZexiudHPuDF1NIeMX582ib70PNzZhigXZcZgCbzs7ppidhHoZaoFttK goqLBFithU4ca0Xbh/11LDsUC7sY7DnAcjndFQA/7kduOATSlTYaltdaplJl7yAV OIaO+aOuXwpLfcPe9gcuVE43hAgiuy2Vxk1luc1w2MhsnaI2CACU45XGjirbKViV sQ/PJwoTI7Fwgc+Y8Swa0mqgLAeoU1gRpRnouXHrb4IKMzEKGVr6lhAxZ3oXu0h1 zUST5p7EQn/hhGHWusEeUs8m4Q7pT39uIjYDfQTfeNxfEYnI+058QZDuovunzhx7 xtT+CVz9H164uMIl4kTzjcrBqPAFN/MTAX/mJ9aAIEnaOAtO+WF/AteGda7pOhRS feBsX0/4yMH0sv+Q2xrt1AzWOjCfb6vY8nZKeafr7UTfM3P0HpvTnjsIzeehtnRp SW/pKPCTD336unzHVASqdvkC4qlxHb3By8lp6LKD2e25PSWBB+9gJrjfeI2/AGIO sxFHdOU5ycGatX4tvNNZ0aGEJsZSUCirgcjp+ChqiuTGHTAOQsU5d5z/NeuAXHBT 4WJteIrPo10vIbosI88vw5Nf5/MzCSMsIM9TfScwyGTP4B4t4laq4kywBkRXTX6Y FAW34lHwGMxSNqwrST58QVr8j9SiQ9hA2PjRzuM62edMaFOAuMvm3h2Uc6MyDKJx kUk9jmPpuNOYqguruFdngmQatL00GTBr6jk5nzphoJQxUEJA0tTZOGAy8MsK4K+z /X2P1Wgx6M3eNpSoeNF6yqPAW93rl3Bpj27T39BWKjDT2Q5rXXztq6y07oolggh6 nNTkBP17TmMXNhyeBNsUsw/bM0mZt8OrlEp6bB4hflmGC9sAP64KvnkTSK6F+QHT AHT01kWlpvJIZGKyT3PdCh9wlr1hQsUGto10t32fBGsJCXew/EClb554AnyYSzP8 KAjuw1NdKOBlze0DCiO6Z5z+DAxAwlqTxcm42tthF5zFbTk4UKV6ORzIuHmRO7xR 5Io5nlM7T11PDaWqsjLr2ttrSySzARt5fAJ9l1mOH+hSl1YebRjZPaxWw+bsYuqN a0GYr2UdwgE1u5HQuhZ+bOIbSliShfKiNuDGHe6VJrchROHnC9Po2JWAOD7wMFq6 STZ/MPGzViaCUaaWPLSKleiURUh4Ly5/LaNYkaumO9vh+241FPqtZKqRVmHRg6dY UdgoI3yfc3JrvepFQT1yeRjEVrLQiUtyhcwdVoLjofgerGAfe3YuDCxM6wLIuCf7 Ro9edu01qTiXJj25cXHxeNMdA1txLxR3ontbExow+ML5kxs= =68Hd -----END PGP MESSAGE---- 19


PGP Certificates

Anyone can issue a Certificate to anyone else Certificates can be revoked by the issuer

Privacy Enhanced Mail, another standard

Where PEM expands data into canonical form, • (+33% for text, +78% after encryption) PGP compresses data using ZIP(-50%), encrypts, then (optionally) converts to base64 (+33%) 21

Things of which to be aware

Neither PEM or PGP encode mail headers • Subject can give away useful info • To and From give an intruder traffic analysis info PGP gives recipient the original file name and modification date PEM may be used in a local system with unknown trustworthyness of certificates Certificates often verify that sender is "John Smith" but he may not be the "John Smith" you think (PGP allows pictures in certificates) 22