WWW.Prohackers.in
“E-mail Security Protocol-2
Pretty Good Privacy (PGP)”
By:
-Vishal Kumar
(CEH, CHFI, CISE, MCP)
info@prohackers.in
Table of Contents
1. Introduction to PGP
2. The Working of PGP
a) Step 1: Digital Signature
b) Step 2: Compression
c) Step 3: Encryption
d) Step 4: Digital Enveloping
e) Step 5: Base-64 Encoding
3. PGP Algorithms
4. Key Rings
5. PGP Certificates
a) Introducer Trust
b) Certificate Trust
c) Key Legitimacy
6. Web of Trust
Fig: PGP operation (1. Digital Signature → 2. Compression → 3. Encryption → 4. Enveloping → 5. Base-64 Encoding)
Introduction
Phil Zimmermann is the father of the Pretty Good Privacy (PGP) protocol. The most significant aspects of PGP are that it supports the basic requirements of cryptography, is quite simple to use, and is completely free, including its source code and documentation. Moreover, for organizations that require support, a low-cost commercial version of PGP is available from a company called Viacrypt (now Network Associates). PGP has become extremely popular and is far more widely used than PEM. The e-mail cryptographic support offered by PGP is shown in the figure below.
2. The Working of PGP
In PGP, the sender of the message needs to include in the message the identifiers of the algorithms used, along with the key values. The broad-level steps of PGP are illustrated in the figure above: PGP starts with a digital signature, which is followed by compression, then encryption, then digital enveloping and finally Base-64 encoding.
PGP allows for three security options when sending an email message. These options are:
- Signature (steps 1 and 2)
- Signature and Base-64 encoding (steps 1, 2 and 3)
- Signature, Encryption, Enveloping, and Base-64 encoding (steps 1 to 5)
Fig: - Security Features offered by PGP (Pretty Good Privacy: Encryption, Non-repudiation, Message Integrity)
Let us discuss these five steps in PGP.
Step 1: Digital Signature
Digital signatures were discussed earlier, in Step 1 of the Privacy Enhanced Mail (PEM) protocol.
Step 2: Compression
This is an additional step in PGP. Here, the input message as well as the digital signature are compressed together to reduce the size of the final message that will be transmitted. For this, the well-known ZIP program is used. ZIP is based on the Lempel-Ziv algorithm.
The Lempel-Ziv algorithm looks for repeated strings or words and stores them in a variable. It then replaces each actual occurrence of the repeated word or string with a pointer to the corresponding variable. Since a pointer requires only a few bits of memory compared to the original string, this method reduces the size of the data being compressed.
For instance, consider the following string:
What is your name? My name is vishal
Using the Lempel-Ziv algorithm, we would create two variables, say A and B, and replace the words is and name by pointers to A and B, respectively. This is shown in the figure below.
Original String: What is your name? My name is vishal
Variable creation and assignment: 1. A = is; 2. B = name
Compressed String: What 1 your 2? My 2 1 vishal
Fig: - Lempel-Ziv Algorithm, as used by the ZIP program
As we can see, the resulting string "What 1 your 2? My 2 1 vishal" is smaller than the original string "What is your name? My name is vishal".
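The word-level substitution shown in the figure, written out as a small Python program. This is an added example, not code from the presentation: it finds the words that repeat, numbers them in order of first appearance, replaces each occurrence with its pointer, and also shows the reverse step, since a compressed string is only useful if the receiver can expand it again. The digit guard is an assumption of this toy: because pointers are written as digits, an input that already contains digits could not be decompressed unambiguously (real LZ77 sidesteps this by emitting offset/length pairs instead of plain numbers).

```python
import re

# Constructed sample input: the sentence used in the example above.
SAMPLE = "What is your name? My name is vishal"

WORD_RE = re.compile(r"[A-Za-z]+")


def compress(text):
    """Replace every word that occurs more than once with a numeric pointer.

    Returns (compressed_text, dictionary). The dictionary maps each pointer
    (1, 2, ...) to the word it stands for; pointers are numbered in the order
    in which the repeated words first appear, matching the figure above.
    """
    # Pointers are written as digits, so digits in the input would be ambiguous
    # on decompression; real LZ77 avoids this with (offset, length) pairs.
    if re.search(r"\d", text):
        raise ValueError("input must not contain digits")
    words = WORD_RE.findall(text)
    pointers = {}
    for w in words:
        if words.count(w) > 1 and w not in pointers:
            pointers[w] = len(pointers) + 1
    # Substitute whole words only, so the "?" after "name" is preserved.
    compressed = WORD_RE.sub(
        lambda m: str(pointers.get(m.group(0), m.group(0))), text)
    dictionary = {n: w for w, n in pointers.items()}
    return compressed, dictionary


def decompress(compressed, dictionary):
    """Expand every pointer back into the word it stands for."""
    return re.sub(r"\d+", lambda m: dictionary[int(m.group(0))], compressed)


def savings(text):
    """Characters saved by the substitution alone (the dictionary must also be sent)."""
    compressed, _ = compress(text)
    return len(text) - len(compressed)


if __name__ == "__main__":
    c, d = compress(SAMPLE)
    print(c, d)   # What 1 your 2? My 2 1 vishal {1: 'is', 2: 'name'}
    assert decompress(c, d) == SAMPLE
```

Note that the saving counted by `savings` ignores the cost of transmitting the dictionary itself; on a 36-character sentence that overhead would eat the gain, which is why ZIP only pays off on longer messages with many repeats.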
Step 3: Encryption
In this step, the compressed output of step 2 (the compressed form of the original email and the digital signature together) is encrypted with a symmetric key. For this, generally the IDEA algorithm in CFB mode is used. We have already discussed this process in the PEM (Privacy Enhanced Mail) protocol.
Step 4: Digital Enveloping
In this step, the symmetric key used for encryption in step 3 is itself encrypted with the receiver's public key. The outputs of step 3 and step 4 together form a digital envelope. This is shown in the figure below.
Step 5: Base-64 Encoding
The output of step 4 is Base-64 encoded; we have already discussed this encoding in the PEM (Privacy Enhanced Mail) protocol.
Fig: - Formation of Digital Envelope (Sender: Output of Step 3 + Symmetric key encrypted with the receiver's public key = Digital Envelope)
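The five steps above, run end to end in Python with only the standard library. This is an added example, not the presentation's own code or real PGP: the RSA key is a textbook, unpadded key built from two known Mersenne primes (an assumption made so a 160-bit SHA-1 digest and a 128-bit session key fit the modulus), `zlib` stands in for ZIP (both are LZ77-based), and, because IDEA is not in the standard library, step 3 uses a SHA-256 counter keystream under the session key as a labelled stand-in for IDEA-CFB. What it does show faithfully is the order of operations and, on the receiving side, why the envelope must be opened before anything else can be checked.

```python
import base64
import hashlib
import os
import zlib

# Assumption: a toy RSA key built from two known Mersenne primes (2^127-1 and
# 2^89-1), giving a ~216-bit modulus that can hold a 160-bit SHA-1 digest or a
# 128-bit session key. Textbook RSA with no padding: it shows the structure of
# the five steps, not the strength of a real 2048-bit padded PGP key.
P = (1 << 127) - 1
Q = (1 << 89) - 1
E = 65537


def rsa_keypair(p=P, q=Q, e=E):
    """Return ((n, e), (n, d)): public key, private key."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)


def rsa_apply(key, value):
    n, exponent = key
    return pow(value, exponent, n)


def sign(private_key, message):
    """Step 1: RSA over the SHA-1 digest of the message (fixed 32-byte encoding)."""
    digest = int.from_bytes(hashlib.sha1(message).digest(), "big")
    return rsa_apply(private_key, digest).to_bytes(32, "big")


def verify(public_key, message, signature):
    digest = int.from_bytes(hashlib.sha1(message).digest(), "big")
    return rsa_apply(public_key, int.from_bytes(signature, "big")) == digest


def stream_xor(session_key, data):
    """Step 3 stand-in: IDEA-CFB is not in the standard library, so a SHA-256
    counter keystream under the session key is XORed over the data (assumption).
    The same call both encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(session_key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def pgp_send(message, sender_private, receiver_public, session_key=None):
    """Run steps 1-5 on the sender side and return the Base-64 armored output."""
    session_key = session_key or os.urandom(16)      # fresh one-time key per message
    signed = message + sign(sender_private, message)             # step 1
    packed = zlib.compress(signed)                               # step 2 (DEFLATE, LZ77-based like ZIP)
    ciphertext = stream_xor(session_key, packed)                 # step 3
    envelope = rsa_apply(receiver_public,                        # step 4
                         int.from_bytes(session_key, "big")).to_bytes(32, "big")
    return base64.b64encode(envelope + ciphertext)               # step 5


def pgp_receive(armored, receiver_private, sender_public):
    """Undo steps 5-1 on the receiver side; returns (message, signature_ok)."""
    raw = base64.b64decode(armored)                              # undo step 5
    envelope, ciphertext = raw[:32], raw[32:]
    session_key = rsa_apply(receiver_private,                    # open the envelope
                            int.from_bytes(envelope, "big")).to_bytes(16, "big")
    signed = zlib.decompress(stream_xor(session_key, ciphertext))  # undo steps 3, 2
    message, signature = signed[:-32], signed[-32:]
    return message, verify(sender_public, message, signature)    # check step 1


if __name__ == "__main__":
    alice_pub, alice_priv = rsa_keypair()
    bob_pub, bob_priv = rsa_keypair(p=(1 << 107) - 1, q=(1 << 89) - 1)
    armored = pgp_send(b"Meet at 10", alice_priv, bob_pub)
    print(pgp_receive(armored, bob_priv, alice_pub))
```

Two things worth noticing when reading the receiver: the signature can only be verified after decryption and decompression, so a receiver who lacks the private key learns nothing about the message or its author, and the second return value must actually be checked by the caller, since a message that decrypts cleanly but fails `verify` is exactly the case the signature exists to catch.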
3. PGP Algorithms
PGP supports a number of algorithms. The most common of them are listed below:
Algorithm type | Description
Asymmetric Key | RSA (Encryption and signing, Encryption only, Signing only); DSS (Signing only)
Message Digest | MD5, SHA-1, RIPE-MD
Encryption     | IDEA, DES-3, AES
Table: - PGP Algorithms
4. Key Rings
When a sender wants to send an email message to a single recipient, there is not much of a problem. Complexities are introduced when a message has to be sent to multiple recipients. If Alice needs to correspond with 10 people, Alice needs the public keys of all 10 people. Hence, Alice is said to need a key ring of 10 public keys. PGP also specifies a ring of public-private key pairs. This is because Alice may want to change her public-private key pair, or may want to use different key pairs for different groups of users. In other words, every PGP user needs to have two key rings: (a) a ring of her own public-private key pairs, and (b) a ring of the public keys of other users.
The concept of key rings is shown in the figure below. Note that in one of the key rings, Alice maintains a set of key pairs, while in the other she maintains only the public keys of other users. Obviously, she cannot have the private keys of other users.
Fig: Key rings maintained by a user in PGP (left: Alice's key ring, where she holds her own public-private key pairs; right: Alice's key ring, where she holds only the public keys of other PGP users in the system)
5. PGP Certificates
In order to trust the public key of a user, we need to have that user's digital certificate. PGP can use certificates issued by a CA, or can use its own certificate system.
In a CA hierarchy, the root CA issues certificates to the second-level CAs. A second-level CA can issue certificates to third-level CAs, and so on, up to the required number of levels. At the lowest level, the last CA issues certificates to end users.
In PGP, there is no CA; anyone can sign a certificate for anyone else in the ring. Vishal can sign certificates for Deepak, Juhi, Harish and so on. There is no hierarchy of trust. This creates a situation where a user can have certificates issued by different users. For example, Juhi may have one certificate signed by Vishal and another signed by Anita, as shown in the figure below. Hence, if Harish wants to verify Juhi's certificate, he has two paths: Juhi to Vishal and Juhi to Anita. Harish may fully trust Vishal but not Anita; hence there can be multiple paths in the line of trust from a fully or partially trusted authority to a certificate.
The equivalent of a CA (a user who issues certificates) in PGP is called an introducer.
Fig: Anyone can issue a certificate to anyone else (Juhi holds two digital certificates: one with User: Juhi, Issued by: Vishal, and another with User: Juhi, Issued by: Anita)
The whole concept can be understood better with the help of three ideas:
- Introducer trust
- Certificate trust
- Key legitimacy
Let us discuss these three concepts now:
(a) Introducer trust
We know that there is no hierarchical CA structure in PGP. Hence it is natural that the ring of trust in PGP cannot be very large if every user has to trust every other user in the system. Think about this: in real life, we do not fully trust everyone.
To resolve this issue, PGP provides for multiple levels of trust. The number of levels depends on the decision of the PGP implementation. However, for simplicity, let us say that we have decided to implement three levels of trust in an introducer. These three levels are none, partial, and complete. The introducer trust then specifies what level of trust the introducer wants to allocate to other users in the system. For example, Vishal may say that he fully trusts Juhi, whereas Anita says she only partially trusts Juhi. Juhi says that she does not trust Harish, Harish says that he partially trusts Anita in turn, and so on. This scenario is shown in the figure below.
Fig: Introducer Trust (Vishal's certificate for Juhi: Trust: Full; Anita's certificate for Juhi: Trust: Partial; Harish's certificate for Anita: Trust: Partial; Juhi's certificate for Harish: Trust: None)
(b) Certificate trust
When a user A receives a certificate of another user B issued by introducer C, then depending on the level of trust that A has in C, A assigns a certificate trust level to that certificate while storing it. It is normally the same as the introducer trust level of the introducer that issued the certificate. This is shown in the figure below.
Background Information: Vishal and Anita have issued certificates to Juhi. Juhi sends these certificates to Harish, so that Harish can extract Juhi's public key out of either of those certificates and use it in communication with Juhi. However, Harish does not trust Vishal at all, but trusts Anita fully.
Result: when Juhi sends the two certificates (issued by Vishal and Anita) to Harish, Harish adds them to his database of certificates, which is actually his ring of public keys of other users. Apart from adding them there, Harish records the fact that he does not want to trust Juhi's certificate issued by Vishal (because he does not trust Vishal), but wants to trust Juhi's certificate issued by Anita (because he trusts Anita).
Fig: Certificate Trust
This concept is explained in the diagram. Let us take another example to ensure that there is no confusion. Imagine that there is a set of users in the system. Assume that Mahesh fully trusts Naren, partially trusts Ravi and Anmol, and has no trust in Amit.
i. Naren issues two certificates: one to Amrita (with public key K1) and another to Pallavi (with public key K2). Mahesh stores the public keys and certificates of Amrita and Pallavi in his key ring of public keys with certificate trust level equal to full.
ii. Ravi issues a certificate to Uday (with public key K3). Mahesh stores the public key and certificate of Uday in his ring of public keys with certificate trust level equal to partial.
iii. Anmol issues two certificates: one to Uday (with public key K3), and another to Parag (with public key K4). Mahesh stores the public keys and certificates of Uday and Parag in his ring of public keys with certificate trust level equal to partial. Note that Mahesh now has two certificates for Uday, one issued by Ravi and the other issued by Anmol, both with partial certificate trust.
iv. Amit issues a certificate to Parag (with public key K4). Mahesh stores the public key and certificate of Parag in his ring of public keys with certificate trust level equal to none. Mahesh can also discard this certificate.
(c) Key legitimacy
The objective behind introducer trust and certificate trust is to decide whether to trust the public key of a user. In PGP terms, this is called key legitimacy. Mahesh needs to know how legitimate the public keys of Amrita, Pallavi, Uday, Parag and so on are. PGP defines the following simple rule to decide key legitimacy: the level of key legitimacy for a user is the weighted trust level for that user. For example, suppose we have assigned the following weights to the certificate trust levels:
Weight | Meaning
0      | No trust
½      | Partial trust
1      | Complete or full trust
In this situation, in order to trust a public key (i.e. certificate) of any other user, Mahesh needs one fully trusted certificate or two partially trusted certificates. Thus Mahesh can fully trust Amrita and Pallavi based on the certificates they received from Naren. Mahesh can also trust Uday, based on the two partially trusted certificates that Uday received from Ravi and Anmol.
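The weighted rule above, applied to Mahesh's example as a Python program. This is an added example, not the presentation's code or real PGP's implementation: the introducer trust table, the six certificates and the weights 0, ½ and 1 are taken from the text, and the threshold of 1 (one full certificate, or two partial ones) is the rule the text states. One detail goes slightly beyond the text and is an assumption of this example: the same introducer is counted only once per key, so a partially trusted introducer cannot make a key legitimate just by signing it twice.

```python
from fractions import Fraction

# The three trust levels and their weights, as in the table above.
NONE, PARTIAL, FULL = Fraction(0), Fraction(1, 2), Fraction(1)

# Constructed data: Mahesh's introducer trust in each signer ...
INTRODUCER_TRUST = {"Naren": FULL, "Ravi": PARTIAL, "Anmol": PARTIAL, "Amit": NONE}

# ... and the certificates he has collected, as (subject, public key, issuer).
CERTIFICATES = [
    ("Amrita", "K1", "Naren"),
    ("Pallavi", "K2", "Naren"),
    ("Uday", "K3", "Ravi"),
    ("Uday", "K3", "Anmol"),
    ("Parag", "K4", "Anmol"),
    ("Parag", "K4", "Amit"),
]


def certificate_trust(introducer_trust, issuer):
    """Certificate trust is copied from the introducer trust of the issuer;
    an issuer Mahesh has never rated counts as no trust."""
    return introducer_trust.get(issuer, NONE)


def key_legitimacy(introducer_trust, certificates):
    """Weighted trust per (subject, key): the sum of certificate-trust weights.

    Each introducer is counted at most once per key (assumption of this
    example), so one introducer signing the same key twice cannot push a
    partially trusted key over the threshold.
    """
    scores = {}
    seen = set()
    for subject, key, issuer in certificates:
        if (subject, key, issuer) in seen:
            continue
        seen.add((subject, key, issuer))
        scores[(subject, key)] = (scores.get((subject, key), Fraction(0))
                                  + certificate_trust(introducer_trust, issuer))
    return scores


def legitimate_keys(introducer_trust, certificates, threshold=FULL):
    """Keys Mahesh may use: one full certificate, or two partial ones, reach 1."""
    scores = key_legitimacy(introducer_trust, certificates)
    return {sk for sk, score in scores.items() if score >= threshold}


if __name__ == "__main__":
    for (subject, key), score in sorted(key_legitimacy(INTRODUCER_TRUST, CERTIFICATES).items()):
        print(subject, key, score)
    print(sorted(legitimate_keys(INTRODUCER_TRUST, CERTIFICATES)))
```

Running it reproduces the text's conclusion: Amrita (K1), Pallavi (K2) and Uday (K3) reach a score of 1, while Parag (K4) stays at ½ because Amit's certificate adds nothing, so Mahesh should not yet use K4.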
6. Web of Trust
The earlier discussion leads to a potential problem. What happens if nobody creates a certificate for a fully or partially trusted entity? In our example, on what basis would we trust Naren's public key, if no one has created a certificate for Naren? To resolve this problem, several schemes are possible in PGP, as outlined below.
(a) Mahesh can physically obtain the public key of Naren by meeting him in person and getting the key on a piece of paper or as a disk file.
(b) This can be done over the telephone as well.
(c) Naren can email his public key to Mahesh. Both Naren and Mahesh compute the message digest of this key. If MD5 is used, the result is a 16-byte digest. If SHA-1 is used, the result is a 20-byte digest. In hexadecimal, the digest becomes a 32-digit value for MD5 and a 40-digit value for SHA-1. This is displayed as 8 groups of 4 digits for MD5 and 10 groups of 4 digits for SHA-1, and is called the fingerprint. Before Mahesh adds this public key of Naren to his ring, he can call up Naren and tell him what fingerprint value he has obtained, to cross-check it against the fingerprint value separately computed by Naren. This ensures that the public key value was not changed in email transit. To make matters easier, PGP assigns a unique English word to each 4-digit hexadecimal group, so that instead of reading out the hexadecimal string of digits, users can read out normal English words as defined by PGP. For example, PGP may assign the word India to the hexadecimal pattern 4A0B, etc.
(d) Mahesh can obtain Naren's public key from a CA.
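Scheme (c), the fingerprint check, as a Python example added here (not code from the presentation, and a simplification of how real PGP fingerprints are derived from the key packet). The key bytes are a constructed stand-in; the functions compute the MD5 or SHA-1 fingerprint in groups of four hex digits as the text describes, and then decide whether a mailed key may be added to the ring by comparing its fingerprint with the one confirmed out of band. The normalisation of spacing and case, and the constant-time comparison, are choices of this example.

```python
import hashlib
import hmac

# Constructed stand-ins for key material; a real PGP key is a binary key packet.
NAREN_KEY = b"-----CONSTRUCTED PUBLIC KEY OF NAREN-----"
TAMPERED_KEY = NAREN_KEY.replace(b"NAREN", b"MAREN")   # one byte changed in transit


def fingerprint(public_key, algorithm="sha1"):
    """Hex digest of the key in groups of 4 digits: 8 groups for MD5, 10 for SHA-1."""
    hexdigest = hashlib.new(algorithm, public_key).hexdigest().upper()
    return " ".join(hexdigest[i:i + 4] for i in range(0, len(hexdigest), 4))


def fingerprints_match(read_out, computed):
    """Compare the fingerprint read out over the phone with the locally computed one.

    Spacing and case are normalised first, so a caller who groups or lower-cases
    the digits differently is not rejected; the comparison itself is constant-time.
    """
    def normalise(s):
        return "".join(s.split()).upper()
    return hmac.compare_digest(normalise(read_out).encode(), normalise(computed).encode())


def accept_key(public_key, read_out_fingerprint, algorithm="sha1"):
    """Only add a mailed key to the ring when its fingerprint matches the one
    confirmed out of band; otherwise the key may have been altered in transit."""
    return fingerprints_match(read_out_fingerprint, fingerprint(public_key, algorithm))


if __name__ == "__main__":
    print("MD5  :", fingerprint(NAREN_KEY, "md5"))
    print("SHA-1:", fingerprint(NAREN_KEY))
    spoken = fingerprint(NAREN_KEY)            # what Naren reads out on the phone
    print(accept_key(NAREN_KEY, spoken), accept_key(TAMPERED_KEY, spoken))  # True False
```

The point of the out-of-band step is that the fingerprint and the key travel over different channels: a single changed byte in the mailed key produces a completely different fingerprint, so the phone call catches the substitution even though Mahesh never sees the original key bytes.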
Regardless of the mechanism, eventually this process of obtaining the keys of other users and sending our own key to others creates what is called a web of trust between groups of people.
This keeps the public key ring growing bigger and bigger, and helps secure email communication.
Whenever a user needs to revoke his/her public key (because of loss of the private key, etc.), he/she needs to send a key revocation certificate to the other users. This certificate is self-signed by the user with his/her private key.
Thanks for reading this presentation.
Please give us your feedback at
info@prohackers.in
Your feedback is most valuable to us for improving the presentation.
You can also suggest topics on which you want a presentation.
Website: www.prohackers.in
FB page: www.facebook.com/theprohackers2017
Join FB Group: www.facebook.com/groups/group.prohackers/
Watch us on: www.youtube.com//channel/UCcyYSi1sh1SmyMlGfB-Vq6A
***Thanks***

 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationMarko4394
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 

Dernier (20)

Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleans
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
Git and Github workshop GDSC MLRITM
Git and Github  workshop GDSC MLRITMGit and Github  workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentation
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 

E-mail Security Protocol - 2 Pretty Good Privacy (PGP)

Let us discuss these five steps in PGP.

Step 1: Digital Signature
We have already discussed the digital signature in Step 1 of the Privacy Enhanced Mail (PEM) protocol. The sender hashes the message and signs the digest with his or her private key.

Step 2: Compression
This is an additional step in PGP. Here, the input message as well as the digital signature are compressed together to reduce the size of the final message that will be transmitted. For this, the well-known ZIP program is used. ZIP is based on the Lempel-Ziv algorithm. The Lempel-Ziv algorithm looks for strings or words that repeat and stores each of them in a variable. It then replaces every later occurrence of the repeated word or string with a pointer to the corresponding variable. Since a pointer requires only a few bits compared to the original string, this method reduces the size of the data being compressed. For instance, consider the following string:

What is your name? My name is vishal

Using the Lempel-Ziv algorithm, we would create two variables, say A and B, and replace the words "is" and "name" by pointers to A and B, respectively. This is shown below.

Original string: What is your name? My name is vishal
Variable creation and assignment: 1. A = is; 2. B = name
Compressed string: What 1 your 2? My 2 1 vishal
Fig: Lempel-Ziv algorithm, as used by the ZIP program
As we can see, the resulting string "What 1 your 2? My 2 1 vishal" is smaller than the original string "What is your name? My name is vishal".

Step 3: Encryption
In this step the compressed output of Step 2 (the compressed form of the original e-mail and the digital signature together) is encrypted with a symmetric key. This key is a randomly generated one-time session key used for this message only. For the cipher, generally the IDEA algorithm in CFB mode is used. We have already discussed this process in the PEM (Privacy Enhanced Mail) protocol.

Step 4: Digital Enveloping
In this step the symmetric key used for encryption in Step 3 is itself encrypted with the receiver's public key. The output of Step 3 and the output of Step 4 together form a digital envelope. This is shown in the figure below:

Fig: Formation of Digital Envelope
Output of Step 3 + sender's symmetric key encrypted with the receiver's public key = Digital Envelope

Step 5: Base-64 encoding
The output of Step 4 is Base-64 encoded; we have already discussed this encoding in the PEM (Privacy Enhanced Mail) protocol.
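The five steps above, run end to end in Go. This is an added example and is not code from the presentation, nor an OpenPGP implementation: the wire layout is a simple one defined in the comment (OpenPGP uses its own packet format), AES-128 in CFB mode stands in for IDEA because Go's standard library does not ship IDEA, SHA-256 stands in for MD5/SHA-1, and RSA-OAEP wraps the session key. Send() is the sender's pipeline, Receive() is the receiver's, and Receive refuses to return a message whose signature does not verify.

```go
package main

import (
	"bytes"
	"compress/zlib"
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// Assumed wire layout (not OpenPGP's packet format):
//   [2-byte len][RSA-OAEP(session key)][16-byte IV][AES-CFB(zlib(2-byte sig len || sig || message))]

// Send performs the five PGP-style steps: sign, compress, encrypt, envelope, Base-64.
func Send(msg []byte, senderPriv *rsa.PrivateKey, recvPub *rsa.PublicKey) (string, error) {
	// Step 1: digital signature over the digest of the plaintext (SHA-256 stands in for MD5/SHA-1).
	digest := sha256.Sum256(msg)
	sig, err := rsa.SignPKCS1v15(rand.Reader, senderPriv, crypto.SHA256, digest[:])
	if err != nil { return "", err }
	// Step 2: compress signature and message together (zlib is a Lempel-Ziv variant, like ZIP).
	var plain, compressed bytes.Buffer
	binary.Write(&plain, binary.BigEndian, uint16(len(sig)))
	plain.Write(sig)
	plain.Write(msg)
	zw := zlib.NewWriter(&compressed)
	zw.Write(plain.Bytes())
	zw.Close()
	// Step 3: encrypt with a fresh one-time session key. AES-128-CFB stands in for IDEA-CFB.
	sessionKey, iv := make([]byte, 16), make([]byte, aes.BlockSize)
	if _, err := io.ReadFull(rand.Reader, sessionKey); err != nil { return "", err }
	if _, err := io.ReadFull(rand.Reader, iv); err != nil { return "", err }
	block, _ := aes.NewCipher(sessionKey)
	body := make([]byte, compressed.Len())
	cipher.NewCFBEncrypter(block, iv).XORKeyStream(body, compressed.Bytes())
	// Step 4: digital envelope: the session key is wrapped with the receiver's public key.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recvPub, sessionKey, nil)
	if err != nil { return "", err }
	var out bytes.Buffer
	binary.Write(&out, binary.BigEndian, uint16(len(wrapped)))
	out.Write(wrapped)
	out.Write(iv)
	out.Write(body)
	// Step 5: Base-64 so the binary blob survives 7-bit mail transports.
	return base64.StdEncoding.EncodeToString(out.Bytes()), nil
}

// Receive undoes the steps in reverse and returns the message only if the signature verifies.
func Receive(armored string, recvPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) ([]byte, error) {
	raw, err := base64.StdEncoding.DecodeString(armored)
	if err != nil { return nil, err }
	if len(raw) < 2 || len(raw) < 2+int(binary.BigEndian.Uint16(raw))+aes.BlockSize {
		return nil, errors.New("truncated envelope")
	}
	n := 2 + int(binary.BigEndian.Uint16(raw))
	wrapped, iv, body := raw[2:n], raw[n:n+aes.BlockSize], raw[n+aes.BlockSize:]
	// Open the envelope: only the holder of the receiver's private key recovers the session key.
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recvPriv, wrapped, nil)
	if err != nil { return nil, fmt.Errorf("opening envelope: %w", err) }
	block, err := aes.NewCipher(sessionKey)
	if err != nil { return nil, err }
	compressed := make([]byte, len(body))
	cipher.NewCFBDecrypter(block, iv).XORKeyStream(compressed, body)
	zr, err := zlib.NewReader(bytes.NewReader(compressed))
	if err != nil { return nil, err }
	plain, err := io.ReadAll(zr)
	if err != nil { return nil, err }
	if len(plain) < 2 || len(plain) < 2+int(binary.BigEndian.Uint16(plain)) {
		return nil, errors.New("truncated payload")
	}
	sl := 2 + int(binary.BigEndian.Uint16(plain))
	sig, msg := plain[2:sl], plain[sl:]
	// Verify the signature against the claimed sender's public key before releasing the message.
	digest := sha256.Sum256(msg)
	if err := rsa.VerifyPKCS1v15(senderPub, crypto.SHA256, digest[:], sig); err != nil {
		return nil, fmt.Errorf("signature check failed: %w", err)
	}
	return msg, nil
}

// DemoRoundTrip generates fresh key pairs for sender and receiver, sends msg, and also
// checks that the wrong receiver key and the wrong signer key are both rejected.
func DemoRoundTrip(msg []byte) (recovered []byte, wrongKeysRejected bool, err error) {
	sender, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, false, err }
	receiver, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, false, err }
	armored, err := Send(msg, sender, &receiver.PublicKey)
	if err != nil { return nil, false, err }
	recovered, err = Receive(armored, receiver, &sender.PublicKey)
	if err != nil { return nil, false, err }
	_, e1 := Receive(armored, sender, &sender.PublicKey)     // not the addressee: envelope does not open
	_, e2 := Receive(armored, receiver, &receiver.PublicKey) // wrong signer key: signature fails
	return recovered, e1 != nil && e2 != nil, nil
}

func main() {
	got, rejected, err := DemoRoundTrip([]byte("What is your name? My name is vishal"))
	fmt.Printf("%s | wrong keys rejected: %v | err: %v\n", got, rejected, err)
}
```

DemoRoundTrip shows the two failure modes a practitioner cares about: someone who is not the addressee cannot open the envelope at all, and a message whose signature does not match the claimed sender's public key is rejected after decryption rather than silently delivered. As in PGP, the signature is computed over the plaintext and then encrypted along with it, so the recipient can only check who signed the message after opening the envelope.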
2.2 PGP Algorithms
PGP supports a number of algorithms. The most common of them are listed below:

Table: PGP Algorithms
Algorithm type   | Description
Asymmetric key   | RSA (encryption and signing, encryption only, signing only); DSS (signing only)
Message digest   | MD5, SHA-1, RIPEMD-160
Encryption       | IDEA, Triple DES (3DES), AES

MD5 and SHA-1 appear here for historical reasons; neither is considered collision resistant any more, and current OpenPGP implementations default to SHA-2 digests and AES.

2.3 Key Rings
When a sender wants to send an e-mail message to a single recipient, there is not much of a problem. Complexities are introduced when messages have to be sent to multiple recipients. If Alice needs to correspond with 10 people, Alice needs the public keys of all 10 people. Hence, Alice is said to need a key ring of 10 public keys. PGP also specifies a ring of public-private key pairs. This is because Alice may want to change her public-private key pair, or may want to use different key pairs for different groups of users. In other words, every PGP user needs two key rings: (a) a ring of her own public-private key pairs, and (b) a ring of the public keys of other users. The concept of key rings is shown in the figure below. Note that in one of the key rings Alice maintains a set of key pairs, while in the other she maintains only the public keys of other users. Obviously, she cannot have the private keys of other users.

Fig: Key rings maintained by a user in PGP
Alice's private key ring: her own public-private key pairs
Alice's public key ring: only the public keys of other PGP users in the system
2.4 PGP Certificates
In order to trust the public key of a user, we need to have that user's digital certificate. PGP can use certificates issued by a CA, or it can use its own certificate system. In the CA model, certificates are issued by the root CA to the second-level CAs; a second-level CA can issue certificates to third-level CAs, and so on, for as many levels as required. At the lowest level, the last CA issues certificates to end users.

In PGP, there is no CA: anyone can sign a certificate for anyone else in the ring. Vishal can sign certificates for Deepak, Juhi, Harish and so on. There is no hierarchy of trust. This creates a situation where a user can have certificates issued by different users. For example, Juhi may have one certificate signed by Vishal and another signed by Anita, as shown in the figure below. Hence, if Harish wants to verify Juhi's certificate, he has two paths: Juhi to Vishal and Juhi to Anita. Harish may fully trust Vishal but not Anita; hence there can be multiple paths in the line of trust from a fully or partially trusted authority to a certificate. The equivalent of a CA (a user who issues certificates) in PGP is called an introducer.

Fig: Anyone can issue a certificate to anyone else
Digital Certificate: User: Juhi, Issued by: Vishal
Digital Certificate: User: Juhi, Issued by: Anita
The whole concept can be understood better with the help of three ideas:
• Introducer trust
• Certificate trust
• Key legitimacy

Let us discuss these three concepts now.

(a) Introducer trust
We know that there is no hierarchical CA structure in PGP. Hence the ring of trust in PGP cannot be very large if every user has to trust every other user in the system. Think about it: in real life, we do not fully trust everyone. To resolve this issue PGP provides for multiple levels of trust. The number of levels depends on the decision of the PGP implementer. However, for simplicity, let us say that we have decided to implement three levels of trust in an introducer: none, partial and complete. The introducer trust then specifies what level of trust a user allocates to another user in the system as an introducer. For example, Vishal may say that he fully trusts Juhi, whereas Anita says she only partially trusts Juhi. Juhi says that she does not trust Harish, Harish says that he partially trusts Anita in turn, and so on. This scenario is shown in the figure below.

Fig: Introducer Trust
Vishal -> Juhi: Trust: Full
Anita -> Juhi: Trust: Partial
Harish -> Anita: Trust: Partial
Juhi -> Harish: Trust: None
(b) Certificate trust
When a user A receives a certificate of another user B issued by introducer C, then depending on the level of trust that A has in C, A assigns a certificate trust level to that certificate while storing it. It is normally the same as the introducer trust level of the introducer that issued the certificate. This is shown in the figure below.

Fig: Certificate Trust
Background information: Vishal and Anita have issued certificates to Juhi. Juhi sends these certificates to Harish, so that Harish can extract Juhi's public key out of either of those certificates and use it in communication with Juhi. However, Harish does not trust Vishal at all, but trusts Anita fully.
Result: When Juhi sends the two certificates (issued by Vishal and Anita) to Harish, Harish adds them to his database of certificates. This is actually his ring of public keys of other users. Apart from adding them there, Harish records the fact that he does not want to trust Juhi's certificate issued by Vishal (because he does not trust Vishal), but does want to trust Juhi's certificate issued by Anita (because he trusts Anita).
This concept is explained in the diagram. Let us take another example to ensure that there is no confusion. Imagine that there is a set of users in the system. Assume that Mahesh fully trusts Naren, partially trusts Ravi and Anmol, and has no trust in Amit.

i. Naren issues two certificates: one to Amrita (with public key K1) and another to Pallavi (with public key K2). Mahesh stores the public keys and certificates of Amrita and Pallavi in his ring of public keys with certificate trust level equal to full.
ii. Ravi issues a certificate to Uday (with public key K3). Mahesh stores the public key and certificate of Uday in his ring of public keys with certificate trust level equal to partial.
iii. Anmol issues two certificates: one to Uday (with public key K3), and another to Parag (with public key K4). Mahesh stores the public keys and certificates of Uday and Parag in his ring of public keys with certificate trust level equal to partial. Note that Mahesh now has two certificates for Uday, one issued by Ravi and the other issued by Anmol, both with partial certificate trust.
iv. Amit issues a certificate to Parag (with public key K4). Mahesh stores the public key and certificate of Parag in his ring of public keys with certificate trust level equal to none. Mahesh can also simply discard this certificate.

(c) Key legitimacy
The objective behind introducer trust and certificate trust is to decide whether to trust the public key of a user. In PGP terms, this is called key legitimacy. Mahesh needs to know how legitimate the public keys of Amrita, Pallavi, Uday, Parag and so on are. PGP defines the following simple rule to decide key legitimacy: the level of key legitimacy for a user's key is the weighted sum of the certificate trust levels of the certificates Mahesh holds for that key. For example, suppose we have assigned the following weights to the certificate trust levels:

Weight | Meaning
0      | No trust
½      | Partial trust
1      | Complete or full trust
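The certificate-trust and key-legitimacy rules, worked through for the Mahesh example in Go. This is an added example, not code from the presentation or from any PGP implementation; the names, the weights (0, ½, 1) and the rule that a key is legitimate once its weighted total reaches 1 (one full certificate, or two partial ones) come from the text, while the data structures and the "K1"..."K4" key labels are stand-ins of my own. The code also handles two cases the prose glosses over: the same introducer certifying the same key twice counts only once, and certificates that bind the same user to different keys are scored per key rather than pooled.

```go
package main

import (
	"fmt"
	"sort"
)

// Trust is the introducer trust a user assigns to another user.
type Trust int

const (
	None Trust = iota
	Partial
	Full
)

// Weight implements the table from the text: none 0, partial 1/2, full 1.
func (t Trust) Weight() float64 {
	switch t {
	case Partial:
		return 0.5
	case Full:
		return 1
	}
	return 0
}

// Certificate is an introducer's signed binding of a user name to a public key.
// Keys are stand-in labels such as "K1", not real key material (constructed data).
type Certificate struct {
	Introducer, User, Key string
}

// PublicKeyRing is one user's ring of other users' keys, together with the
// introducer trust that user has assigned to each introducer.
type PublicKeyRing struct {
	IntroducerTrust map[string]Trust
	Certificates    []Certificate
}

// CertificateTrust is the trust stored alongside a certificate when it is added
// to the ring: by default, the introducer trust of whoever issued it. An unknown
// introducer maps to None.
func (r *PublicKeyRing) CertificateTrust(c Certificate) Trust {
	return r.IntroducerTrust[c.Introducer]
}

// KeyLegitimacy sums certificate-trust weights for one (user, key) binding.
// Each introducer counts at most once per binding, so re-issuing the same
// certificate cannot inflate the score, and a certificate for a different key
// of the same user does not contribute.
func (r *PublicKeyRing) KeyLegitimacy(user, key string) float64 {
	seen := map[string]bool{}
	total := 0.0
	for _, c := range r.Certificates {
		if c.User != user || c.Key != key || seen[c.Introducer] {
			continue
		}
		seen[c.Introducer] = true
		total += r.CertificateTrust(c).Weight()
	}
	return total
}

// IsLegitimate applies the rule from the text: one fully trusted certificate or
// two partially trusted ones, i.e. a weighted total of at least 1.
func (r *PublicKeyRing) IsLegitimate(user, key string) bool {
	return r.KeyLegitimacy(user, key) >= 1
}

// LegitimateKeys lists every "user:key" binding in the ring that is legitimate.
func (r *PublicKeyRing) LegitimateKeys() []string {
	var out []string
	seen := map[string]bool{}
	for _, c := range r.Certificates {
		id := c.User + ":" + c.Key
		if !seen[id] && r.IsLegitimate(c.User, c.Key) {
			seen[id] = true
			out = append(out, id)
		}
	}
	sort.Strings(out)
	return out
}

// MaheshRing reproduces the example from the text (constructed data).
func MaheshRing() *PublicKeyRing {
	return &PublicKeyRing{
		IntroducerTrust: map[string]Trust{"Naren": Full, "Ravi": Partial, "Anmol": Partial, "Amit": None},
		Certificates: []Certificate{
			{"Naren", "Amrita", "K1"}, {"Naren", "Pallavi", "K2"},
			{"Ravi", "Uday", "K3"}, {"Anmol", "Uday", "K3"},
			{"Anmol", "Parag", "K4"}, {"Amit", "Parag", "K4"},
		},
	}
}

func main() {
	r := MaheshRing()
	fmt.Println("legitimate keys:", r.LegitimateKeys())
	fmt.Printf("Parag/K4 legitimacy = %.1f, trusted = %v\n", r.KeyLegitimacy("Parag", "K4"), r.IsLegitimate("Parag", "K4"))
}
```

With the example data, Amrita's and Pallavi's keys reach 1 through Naren alone, Uday's key reaches 1 through Ravi plus Anmol, and Parag's key stays at ½ because Amit's certificate carries weight 0.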
In this situation, in order to trust a public key (i.e. a certificate) of any other user, Mahesh needs one fully trusted certificate or two partially trusted certificates for that key. Thus Mahesh can fully trust Amrita's and Pallavi's keys based on the certificates they received from Naren. Mahesh can also trust Uday's key, based on the two partially trusted certificates that Uday received from Ravi and Anmol. Parag's key, with one partially trusted certificate (from Anmol) and one untrusted certificate (from Amit), does not reach the threshold.

2.5 Web of Trust
The earlier discussion leads to a potential problem. What happens if nobody creates a certificate for a fully or partially trusted entity? In our example, on what basis would we trust Naren's public key if no one has created a certificate for Naren? To resolve this problem, several schemes are possible in PGP, as outlined below.

(a) Mahesh can physically obtain the public key of Naren by meeting him in person and getting the key on a piece of paper or as a disk file.
(b) This can be done over the telephone as well.
(c) Naren can e-mail his public key to Mahesh. Both Naren and Mahesh compute the message digest of this key. If MD5 is used, the result is a 16-byte digest; if SHA-1 is used, the result is a 20-byte digest. In hexadecimal, the digest becomes a 32-digit value for MD5 and a 40-digit value for SHA-1. This is displayed as 8 groups of 4 digits for MD5, or 10 groups of 4 digits for SHA-1, and is called the fingerprint. Before Mahesh adds this public key of Naren to his ring, he calls Naren and reads out the fingerprint value he has computed, to cross-check it against the fingerprint that Naren computed separately. This ensures that the public key was not changed in transit. Note that this only works because the phone call is a second, independent channel: an attacker who can alter the e-mail must not also be able to alter what Mahesh hears. To make matters easier, PGP assigns a unique English word to each byte (two hex digits) of the fingerprint, drawn from two alternating lists of 256 words, so that instead of reading out a string of hexadecimal digits, users can read out ordinary English words as defined by PGP.
(d) Mahesh can obtain Naren's public key from a CA.
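Option (c) above in code. This is an added example, not from the presentation or from GnuPG: it hashes the DER (PKIX) encoding of an RSA public key (real OpenPGP hashes its own key-packet encoding instead; DER is an assumption of this example), renders the MD5 or SHA-1 digest as 8 or 10 groups of four hex digits as the text describes, and compares the fingerprint computed from the key that arrived by e-mail against the one read out over the phone, tolerating differences in spacing and case. Demo() also shows that flipping a single bit of the key in transit changes the fingerprint.

```go
package main

import (
	"crypto/md5"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"crypto/subtle"
	"crypto/x509"
	"encoding/hex"
	"fmt"
	"strings"
)

// GroupHex renders a digest as upper-case hex in groups of four digits:
// 8 groups for a 16-byte MD5 digest, 10 groups for a 20-byte SHA-1 digest.
func GroupHex(digest []byte) string {
	h := strings.ToUpper(hex.EncodeToString(digest))
	groups := make([]string, 0, len(h)/4)
	for i := 0; i+4 <= len(h); i += 4 {
		groups = append(groups, h[i:i+4])
	}
	return strings.Join(groups, " ")
}

// Fingerprint hashes the encoded public key with SHA-1 (or MD5) and groups it.
func Fingerprint(keyBytes []byte, useSHA1 bool) string {
	if useSHA1 {
		d := sha1.Sum(keyBytes)
		return GroupHex(d[:])
	}
	d := md5.Sum(keyBytes)
	return GroupHex(d[:])
}

// EncodePublicKey serialises an RSA public key to DER (PKIX). Real OpenPGP hashes
// its own key-packet encoding instead; DER is an assumption of this example.
func EncodePublicKey(pub *rsa.PublicKey) ([]byte, error) {
	return x509.MarshalPKIXPublicKey(pub)
}

// FingerprintsMatch compares the fingerprint computed from the key received by
// e-mail with the one read out over the phone. Spacing and case are normalised so
// a transcription such as "a9993e36..." still compares correctly, and the
// comparison itself is constant time.
func FingerprintsMatch(received, spoken string) bool {
	norm := func(s string) []byte {
		return []byte(strings.ToUpper(strings.Join(strings.Fields(s), "")))
	}
	a, b := norm(received), norm(spoken)
	return len(a) == len(b) && subtle.ConstantTimeCompare(a, b) == 1
}

// Demo returns the SHA-1 fingerprint of a fresh key and whether a one-bit change
// to the encoded key in transit is caught by the fingerprint comparison.
func Demo() (fp string, tamperDetected bool, err error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return "", false, err
	}
	der, err := EncodePublicKey(&key.PublicKey)
	if err != nil {
		return "", false, err
	}
	fp = Fingerprint(der, true)
	// Constructed tampering: flip one bit in the middle of the encoded key (inside
	// the modulus), as an attacker substituting key material might.
	tampered := append([]byte(nil), der...)
	tampered[len(tampered)/2] ^= 0x01
	return fp, !FingerprintsMatch(Fingerprint(tampered, true), fp), nil
}

func main() {
	fp, detected, err := Demo()
	fmt.Printf("SHA-1 fingerprint: %s\ntampering detected: %v, err: %v\n", fp, detected, err)
}
```

The comparison normalises whitespace and case because the spoken value is typed in by a human; it does not, however, accept a prefix match, since an attacker who can choose a key with a fingerprint sharing the first few groups would otherwise get through.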
Regardless of the mechanism, eventually this process of obtaining the keys of other users and sending our own key to others creates what is called a web of trust between groups of people.
This keeps the public key ring getting bigger and bigger, and helps secure e-mail communication.

Whenever a user needs to revoke his/her public key (because of loss of the private key, etc.), he/she needs to send a key revocation certificate to the other users. This certificate is self-signed by the user with his/her private key. Since the revocation certificate can only be produced while the private key is still usable, it is good practice to generate one when the key pair is created and keep it offline, so that the key can still be revoked after the private key is lost.

Thanks for reading this presentation. Please give us your feedback at info@prohackers.in. Your feedback is most valuable to us for improving the presentation. You can also suggest the topic on which you want the next presentation.
Website: www.prohackers.in
FB page: www.facebook.com/theprohackers2017
Join FB Group: www.facebook.com/groups/group.prohackers/
Watch us on: www.youtube.com//channel/UCcyYSi1sh1SmyMlGfB-Vq6A
***Thanks***