Email%20Security%20Using%20PGP - PowerPoint PPT Presentation

About This Presentation
Title:

Email%20Security%20Using%20PGP

Description:

Email is one of the most widely used network service on Computer. Currently email message ... Garfinkel S. PGP: Pretty Good Privacy OReilly;1994. 430 p. ... – PowerPoint PPT presentation

Number of Views:101
Avg rating:3.0/5.0
Slides: 12
Provided by: Praj5
Category:

less

Transcript and Presenter's Notes

Title: Email%20Security%20Using%20PGP


1
Email Security Using PGP
  • - Prajakta Bahekar

2
Importance of Email Security
  • Email is one of the most widely used network
    service on Computer
  • Currently email message contents are not secure.
    Emails without encryption is similar to send mail
    by postcard.

3
Goal of Email Security
  • Confidentiality
  • A message is concealed by encoding it.
  • Authentication
  • Ensuring that information is accessible only to
    authorized person.
  • Message integrity
  • Ensures that the message received is the same as
    the message that was sent

4
One possible solution PGP
  • Pretty Good Privacy developed by Phil Zimmermann
  • PGP is a key encryption program mainly intended
    for email privacy and authentication.
  • PGP email encryption uses asymmetric key
    encryption algorithms.
  • A PGP key is a piece of data used to crypt and/or
    sign the messageĀ  it has a keyid and contains
    the name and email address of the owner.

5
Why PGP ?
  • Its building blocks are made of the best
    available cryptographic algorithms RSA, DSS,
    Diffie-Hellman. 2
  • It is independent of operating system and
    processor.
  • A Web of Trust - A web of trust is a bunch of PGP
    keys plus the connections between them, formed by
    key signings.

6
PGP a Trust Model
7
PGP Operation Authentication
  • Sender creates a message
  • SHA-1 used to generate 160-bit hash code
  • The hash code is encrypted with RSA using the
    senders private key, and result is attached to
    message
  • Receiver uses RSA or DSS with senders public key
    to decrypt and recover hash code
  • Receiver generates new hash code for message and
    compares with decrypted hash code, if match,
    message is accepted as authentic

8
PGP Operation Confidentiality
  • Sender generates message and random 128-bit
    number to be used as session key for this message
    only
  • Message is encrypted, using CAST-128 / IDEA/3DES
    with session key
  • Session key is encrypted using RSA with
    recipient's public key, then attached to message
  • Receiver uses RSA with its private key to decrypt
    and recover the session key
  • Session key is used to decrypt message

9
PGP Operation Summary
10
Conclusion
  • PGP is a remarkable phenomenon that provides
    confidentiality, authentication, and compression
    for email. 1
  • It is platform independent.
  • Web of Trust makes it really easy to use.
  • It is not controlled by any government.

11
References
  1. Zimmerman P. Pretty Good Privacy a digital data
    encryption program. Available from
    http//users.ox.ac.uk/aesb/pgp.ppt
  2. Garfinkel S. PGP Pretty Good Privacy
    OReilly1994. 430 p.
Write a Comment
User Comments (0)
About PowerShow.com