ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland [email protected] 404 894-5177 fax...
-
Upload
thomasina-goodwin -
Category
Documents
-
view
218 -
download
0
Transcript of ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland [email protected] 404 894-5177 fax...
![Page 1: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/1.jpg)
ECE-8843http://www.ece.gatech.edu/~copeland/jac/8843-03/
Prof. John A. [email protected]
404 894-5177fax 404 894-0035
Office: GCATT Bldg 579email or call for office visit, or call Kathy Cheek, 404 894-5696
Chapter 5a - Pretty Good Privacy (PGP) Email
![Page 2: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/2.jpg)
Electronic Mail
In 1982, ARPANET email proposals were published as RFC
821 (www.ietf.org/rfc/rfc0821.txt) and RFC 822
• Email services since are based on these RFC's
• CCITT X.400 & ISO MOTIS grew and waned as competitors
• "User Agents" UA, and "Message Transfer Agents" MTA
Three parts to an email message:
• Envelope - information used to forward the contents
• Header - standard strings, some added in route.
> To: Cc: Bcc: From: Sender:
> Received: (added in route), Return-Path: (by final MTA)
> MIME headers added by RFC 1341 and 1521
> A. S. Tanenbaum, "Computer Networks," (3rd ed.) p.651 2
![Page 3: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/3.jpg)
MIME HeadersMultipurpose Internet Mail Extensions (MIME)
RFC 1341 and RFC 1521
• MIME -Version: version number
• Content-Description: human-readable string
• Content-ID: unique identifier
• Content-Transfer-Encoding: body encoding
> ASCII (Plain, quoted-printable, or Richtext)> Binary (base64)
• Content-Type: nature of the message
> Image (gif, jpeg), Video (mpeg), > Application (Postscript, octet-stream)
> A.S.Tanenbaum, "Computer Networks," (3rd ed.) p.653
3
![Page 4: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/4.jpg)
Received: from didier.ee.gatech.edu (didier.ee.gatech.edu[130.207.230.10]) by eagle.gcatt.gatech.edu (8.8.8+Sun/8.7.1) with
ESMTP id UAA00818 for <[email protected]>; Fri, 30 Jul1999 20:00:35 -0400 (EDT)
Received: from bwnewsletter.com (gw2.mcgraw-hill.com [198.45.19.20])by didier.ee.gatech.edu (8.9.0/8.9.0) with ESMTP id UAA16500
for <[email protected]>; Fri, 30 Jul 1999 20:00:33 -0400 (EDT)
Received: from NOP (152.159.60.175) by bwnewsletter.com with SMTP(Eudora Internet Mail Server 2.1); Fri, 30 Jul 1999 16:24:21 -0400
Message-Id: <[email protected]>X-Sender: [email protected] (Unverified)X-Mailer: Windows Eudora Light Version 1.5.4 (32)
Mime-Version: 1.0Date: Fri, 30 Jul 1999 16:21:37 -0400
To: [email protected] (note: I was on a Bcc: list)From: BW Online <[email protected]>Subject: BUSINESS WEEK ONLINE INSIDER -- July 30Content-Type: text/plain; charset="us-ascii"
Content-Length: 7694 4
![Page 5: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/5.jpg)
$ nslookup -q=MX ee.gatech.edu (nslookup -> host)
ee.gatech.edu preference = 10,
mail exchanger = mail.ee.gatech.edu
ee.gatech.edu nameserver = eeserv.ee.gatech.edu
ee.gatech.edu nameserver = duchess.ee.gatech.edu
ee.gatech.edu nameserver = didier.ee.gatech.edu
mail.ee.gatech.edu internet address = 130.207.230.10
eeserv.ee.gatech.edu internet address = 130.207.230.5
duchess.ee.gatech.edu internet address = 130.207.230.13
didier.ee.gatech.edu internet address = 130.207.230.10 5
![Page 6: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/6.jpg)
$ nslookup -q=mx mcgraw-hill.com
Non-authoritative answer:mcgraw-hill.com preference = 20, mail exchanger =
interlock.mgh.com
Authoritative answers can be found from:mcgraw-hill.com nameserver = NS-01A.ANS.NETmcgraw-hill.com nameserver = NS-01B.ANS.NETmcgraw-hill.com nameserver = NS-02A.ANS.NETmcgraw-hill.com nameserver = NS-02B.ANS.NET
NS-01A.ANS.NET internet address = 199.221.47.7NS-01B.ANS.NET internet address = 199.221.47.8NS-02A.ANS.NET internet address = 207.24.245.179NS-02B.ANS.NET internet address = 207.24.245.178
6
![Page 7: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/7.jpg)
$ nslookup 198.45.19.20Name: gw2.mcgraw-hill.comAddress: 198.45.19.20
$ nslookup 152.159.60.175
*** can't find 152.159.60.175: Non-existent host/domain
$ traceroute 152.159.60.175
1 24.88.12.129 (24.88.12.129 ): 17ms 2 stn-mtn-rtrb.atl.mediaone.net. (24.88.0.254 ): 18ms
3 24.93.64.69 (24.93.64.69 ): 20ms 4 24.93.64.61 (24.93.64.61 ): 17ms 5 24.93.64.57 (24.93.64.57 ): 25ms
6 sgarden-sa-gsr.carolina.rr.com. (24.93.64.30 ): 26ms 7 roc-gsr-greensboro-gsr.carolina. (24.93.64.17 ): 29ms
8 24.93.64.45 (24.93.64.45 ): 38ms 9 sjbrt01-vnbrt01.rr.com. (24.128.6.6 ): 41ms10 pnbrt01-vnbrt01.rr.com. (24.128.6.85 ): 42ms
11 p217.t3.ans.net. (192.157.69.52 ): 51ms12 h13-1.t32-0.new-york.t3.ans.net. (140.223.33.21 ): 49ms13 f0-0.cnss33.new-york.t3.ans.net. (140.222.32.193 ): 53ms
14 s0.enss3339.t3.ans.net. (199.222.77.70 ): 61ms15 * * * 16 * * *
7
![Page 8: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/8.jpg)
Security Services for Email
Privacy - only for intended recipient
Authentication - confidence in ID of sender
Integrity - assurance of no data alteration
Non-repudiation - proof that sender sent it
Proof of submission - was sent to email server
Proof of delivery - was received by addressee
Message flow confidentiality - no one can knowa message was sent (anti-traffic analysis)
8
![Page 9: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/9.jpg)
Anonymity - sender's ID hidden
Containment - message forwards to limited area
Audit - events recorded
Accounting - user statistics for allocating costs
Self-destruct - can not forward or store
Message sequence integrity - all messages
arrived in correct order
Security Services for Email - 2
9
![Page 10: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/10.jpg)
PrivacyEstablishing Keys
• Public Key Certification
• Exchange Public Keys
Multiple Recipients • Encrypt message m with session key, S
• Encrypt S with each recipient's key
• Send: {S; Kbob}, {S; Kann}, ... , {m; S}
Authentication of Source
• Hash (MD4, MD5, SHA1) of message, encrypt withprivate key (provides ciphertext/plaintext pair)
• Secret Key K: MIC is hash of K+m, or CBC residuewith K (assuming message not encrypted with K). 10
![Page 11: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/11.jpg)
Message IntegrityThe source authentication methods thatinclude a hash of the message provide MIC
Non-repudiation
Public-key signing provides non-repudiation.
Secret-key method requires a "Notary" to"Sign" a time-stamp + hash of the message
Proof of DeliveryAcknowledge before reading - can't prove m was read.
Acknowledge after - may have read without signing.11
![Page 12: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/12.jpg)
Proof of Submission
• CC yourself (unfortunately headers easilymodified) - CC Notary (if recipient not in Bcc)
Flow Confidentiality
• Encrypt message and headers, to third party.
• Send from the corner Cyber Cafe, fake HotMailaccount
Anonymity
• Several Web site services available
Containment
• Network Admin can set up filter tables onrouters.
12
![Page 13: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/13.jpg)
Names and AddressesX.500 Name (ISO standard)
• ?/C=US/O=CIA/OU=drugs/PN='Manny Norriega'
Internet Name
• [email protected] or [email protected]
• <user account name> @ <DNS host name or alias>
• using the alias "mail" lets mail server program bemoved from one host to another
• in ece.gatech.edu domain, "mail" is an alias for"didier", also any email to "ece.gatech.edu"is ok.
Old message - later Non-reputiation• Need Notary to sign hash of message, Certificate
used to authenticate Public Key, and current CRL13
![Page 14: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/14.jpg)
From "PGP Freeware for MacOS, User's Guide" Version 6.5, Network Associates, Inc., www.pgp.com
14
Compress Image Compress Text
![Page 15: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/15.jpg)
From "PGP Freeware for MacOS, User's Guide" Version 6.5, Network Associates, Inc., www.pgp.com
15
with signatureattached ifthere is one
![Page 16: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/16.jpg)
16
compressed,
![Page 17: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/17.jpg)
17
![Page 18: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/18.jpg)
18
![Page 19: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/19.jpg)
To: "Khawar Azad" <[email protected]>From: John Copeland <[email protected]>Subject: ECE8813 : PGP Endeavor...Cc: Bcc: X-Attachments:
-----BEGIN PGP MESSAGE-----Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>
qANQR1DBwU4D6cjDU+QAxCwQB/9IZFOIuDSIIQbwa28SQ63DDioFb4bH4bmKfopXcvdDVQ1X53fSJzyLt12RslfQToje8YxRNidYMNg1zDTT7CR9q7LRFoAwBFVtQhWJjFNXn1+aE8oePReMi6vS0DXSSDfgDuUb1R+c8htHoeik6Oebe9R90J3d51yyCojVP2zJ2C2DyZexiudHPuDF1NIeMX582ib70PNzZhigXZcZgCbzs7ppidhHoZaoFttKgoqLBFithU4ca0Xbh/11LDsUC7sY7DnAcjndFQA/7kduOATSlTYaltdaplJl7yAVOIaO+aOuXwpLfcPe9gcuVE43hAgiuy2Vxk1luc1w2MhsnaI2CACU45XGjirbKViVsQ/PJwoTI7Fwgc+Y8Swa0mqgLAeoU1gRpRnouXHrb4IKMzEKGVr6lhAxZ3oXu0h1zUST5p7EQn/hhGHWusEeUs8m4Q7pT39uIjYDfQTfeNxfEYnI+058QZDuovunzhx7xtT+CVz9H164uMIl4kTzjcrBqPAFN/MTAX/mJ9aAIEnaOAtO+WF/AteGda7pOhRSfeBsX0/4yMH0sv+Q2xrt1AzWOjCfb6vY8nZKeafr7UTfM3P0HpvTnjsIzeehtnRpSW/pKPCTD336unzHVASqdvkC4qlxHb3By8lp6LKD2e25PSWBB+9gJrjfeI2/AGIOsxFHdOU5ycGatX4tvNNZ0aGEJsZSUCirgcjp+ChqiuTGHTAOQsU5d5z/NeuAXHBT4WJteIrPo10vIbosI88vw5Nf5/MzCSMsIM9TfScwyGTP4B4t4laq4kywBkRXTX6YFAW34lHwGMxSNqwrST58QVr8j9SiQ9hA2PjRzuM62edMaFOAuMvm3h2Uc6MyDKJxkUk9jmPpuNOYqguruFdngmQatL00GTBr6jk5nzphoJQxUEJA0tTZOGAy8MsK4K+z/X2P1Wgx6M3eNpSoeNF6yqPAW93rl3Bpj27T39BWKjDT2Q5rXXztq6y07oolggh6nNTkBP17TmMXNhyeBNsUsw/bM0mZt8OrlEp6bB4hflmGC9sAP64KvnkTSK6F+QHTAHT01kWlpvJIZGKyT3PdCh9wlr1hQsUGto10t32fBGsJCXew/EClb554AnyYSzP8KAjuw1NdKOBlze0DCiO6Z5z+DAxAwlqTxcm42tthF5zFbTk4UKV6ORzIuHmRO7xR5Io5nlM7T11PDaWqsjLr2ttrSySzARt5fAJ9l1mOH+hSl1YebRjZPaxWw+bsYuqNa0GYr2UdwgE1u5HQuhZ+bOIbSliShfKiNuDGHe6VJrchROHnC9Po2JWAOD7wMFq6STZ/MPGzViaCUaaWPLSKleiURUh4Ly5/LaNYkaumO9vh+241FPqtZKqRVmHRg6dYUdgoI3yfc3JrvepFQT1yeRjEVrLQiUtyhcwdVoLjofgerGAfe3YuDCxM6wLIuCf7Ro9edu01qTiXJj25cXHxeNMdA1txLxR3ontbExow+ML5kxs==68Hd-----END PGP MESSAGE-----
Radix-64 encoding of a binary (all possible 8-bit bytes) message 6-bits at a time into 64 printable ASCII characters (A-Z, a-z , 0-9, +, / bytes 65-90, 97-122, 48-57, 47, 43) pad with =.
19
![Page 20: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/20.jpg)
20
![Page 21: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/21.jpg)
PGP Certificates
Anyone can issue a Certificate to anyone elseCertificates can be revoked by the issuer
Where PEM expands data into canonical form,
• (+33% for text, +78% after encryption)
PGP compresses data using ZIP(-50%),encrypts, then (optionally) converts tobase64 (+33%)
Privacy Enhanced Mail,another standard
21
![Page 22: ECE-8843 copeland/jac/8843-03/ Prof. John A. Copeland john.copeland@ece.gatech.edu 404 894-5177 fax 404 894-0035 Office: GCATT.](https://reader033.fdocuments.us/reader033/viewer/2022051215/56649db95503460f94aa9ea4/html5/thumbnails/22.jpg)
Things of which to be aware
Neither PEM or PGP encode mail headers
• Subject can give away useful info
• To and From give an intruder traffic analysis info
PGP gives recipient the original file name and
modification date
PEM may be used in a local system with
unknown trustworthyness of certificates
Certificates often verify that sender is "John
Smith" but he may not be the "John Smith"
you think (PGP allows pictures in certificates)22