Overview of EMail

1
Overview of E-Mail

• From (sender) Alice, To (recipient) Bob
• Email list
• To Bob, Carol, David
• CC Ted, Ulman, Vigenere
• BCC John, Karl
• Implementation of Email list
• Remote explorer
• Sender sends an email to the server who keeps the
  email list and distribute the email to the
  members in the list
• Local explorer
• Sender gets the list from the server and
  distributes an email to the members in the list
• Multiple email list email list with loop
• Cryptographer list Cryptanalyst list

2
Overview of Email (cont.)

• Local explorer
• Prevent loop
• Prevent duplicate copies
• Easy to deal with billing if needed
• Remote explorer
• to recipients you do not know or are not allowed
  to know
• One copy to geographically organized lists
• More efficient if email list is longer than email
  itself
• Parallelism can be exploited. (do not need to
  track down the entire tree of multiple email
  lists)

3
Security services for Email

• Privacy/confidentiality
• Authentication
• Integrity
• Non-repudiation
• Proof of submission (same as certified mail)
• Proof of delivery (same as post mail request
  return receipt)
• Anonymity
• Message flow confidentiality
• Containment
• Audit
• Accounting
• Self destruct
• Message sequence integrity

4
Email servers
POP3 Post Office Protocol, port 110 IMAP
Internet Mail Access Protocol, port 143 SMTP
Simple Main Transfer Protocol, port 25
The picture copied from http//www.howstuffworks.c
om/email.htm
5
Access email via telnet

• USER - enter your user ID
• PASS - enter your password
• QUIT - quit the POP3 server
• LIST - list the messages and their size
• RETR - retrieve a message, pass it a message
  number
• DELE - delete a message, pass it a message number
  
• TOP - show the top x lines of a message, pass it
  a message number and the number of lines

6
Secure e-mail

• Alice wants to send confidential e-mail, m, to
  Bob.

• Alice
• generates random symmetric private key, KS.
• encrypts message with KS (for efficiency)
• also encrypts KS with Bobs public key.
• sends both KS(m) and KB(KS) to Bob.

(Copied from Dr. Changs lecture.)
7
Secure e-mail

• Alice wants to send confidential e-mail, m, to
  Bob.

• Bob
• uses his private key to decrypt and recover KS
• uses KS to decrypt KS(m) to recover m

(Copied from Dr. Changs lecture.)
8
Secure e-mail (continued)

• Alice wants to provide sender authentication
  message integrity.

• Alice digitally signs message.
• sends both message (in the clear) and digital
  signature.

(Copied from Dr. Changs lecture.)
9
Secure e-mail (continued)

• Alice wants to provide secrecy, sender
  authentication, message integrity.

Alice uses three keys her private key, Bobs
public key, newly created symmetric key
(Copied from Dr. Changs lecture.)
10
Pretty good privacy (PGP)

• Internet e-mail encryption scheme, de-facto
  standard.
• uses symmetric key cryptography, public key
  cryptography, hash function, and digital
  signature as described.
• provides secrecy, sender authentication,
  integrity.
• inventor, Phil Zimmerman, a undergraduate from
  FAU in 1991.

A PGP signed message

• ---BEGIN PGP SIGNED MESSAGE---
• Hash SHA1
• BobMy husband is out of town tonight.Passionately
  yours, Alice
• ---BEGIN PGP SIGNATURE---
• Version PGP 5.0
• Charset noconv
• yhHJRHhGJGhgg/12EpJlo8gE4vB3mqJhFEvZP9t6n7G6m5Gw2
  
• ---END PGP SIGNATURE---

(Copied from Dr. Changs lecture.)
11
Pretty Good Privacy (PGP)

• Freeware
• He was the target of a three-year criminal
  investigation because of so-call violation of US
  export law.
• Although we honest people dont really think we
  need to encrypt our emailwere not hiding
  anything we should all start encrypting our
  email so that in case someone needs privacy, the
  poor soul wont arouse suspicion by being the
  only one encrypting email.
• if privacy is outlawed, only outlaws will have
  privacy

12
PGP overview

• Not just for email, it performs encryption and
  integrity protection on files
• Your email is treated as a file
• Encrypt the file
• Send the encrypted file by regular e-mailer.
• The receiver saves the email to a file and then,
  decrypt the file by PGP
• Directly embedded in email for convenience.
• Visit http//www.pitt.edu/poole/PGP.htm

13
PGP overview mechanism

• Anybody creates his/her RSA public key and
  private key (512, 768, or 1024 bits)
  (automatically generated by PGP)
• Anybody (e.g., Alice) can send encrypted (as well
  as signed) email to anybody else (e.g., Bob).
• Generate a one-time random key to encrypt the
  email using a secret key system (e.g., IDEA)
• Encrypt the random key with Bobs public key
• May sign the email with her own private key
• May compress the email before encryption
• Bob can use his private key to decrypt the
  encrypted email.
• Moreover, pass phrase is required for
  decryption
• The pass phrase is typed by Bob when PGP
  generates RSA keys for him

14
PGP overviewkey distribution

• Public key system (RSA), key distribution
• PEM rigid hierarchy of CAs.
• S/MIME (being agnostic), assume that a number of
  parallel independent hierarchies.
• PGP anarchy, each user decides which keys to
  trust.
• You contact Alice in person to get Alices public
  key, and trust it
• You find the public key of Alice on her web page
  or from email, you can copy it to your PGP system
  to trust it if you want.
• Public key server (e.g., http//math-www.uni-pader
  born.de/pgp/).

15
PGP--certificates

• Certificates are an optional in PGP
• anyone can issue a certificate to anyone else
• If you trust Alice and get Carols public key
  certificate signed by Alice, you will trust
  Carols public key
• If you get Carols two public key certificates,
  one signed by Alice, and the other signed by Bob,
  both Alice and Bob are trusted by you, then you
  can trust both Carols certificates.
• Therefore PGP is very flexible and easy to use

16
PGP trust levels

• Problem with PGP anarchistic structure
• Alice was bribed to issue certificate for Carol
• Alice was sloppy about checking (key,identity)
  and sign the certificate.
• Suppose Ted is honest and never sloppy, could you
  trust Teds signature for Carols public key,
  from whom he had a bitter divorce?
• Solutions
• All are determined by yourself
• Give a trust level for a public key
• Given a trust level for the certificates signed
  by the key

17
Certificate and key revocation

• You can revoke (delete) any public key anytime
• A public key of a person can be revoked by the
  corresponding private key
• The issuer of a certificate can revoke the
  certificate
• Does not mean that the holder of revoked
  certificate is a bad person, but the issuers does
  not want to vouch for its authenticity.
• Validity period of a key and a certificate

18
PGPkey ring

• A data structure containing key materials
• pubring.pgp containing your public keys, other
  peoples public keys, information about people,
  and certificates.
• secring.pgp containing your private keys.
• Three trust levels currently in PGP none,
  partial, complete.
• A trust level of a person may determine the trust
  level of the certificates signed by the person.

19
PGP--fingerprint

• A short, fixed-seize string intended to be a
  unique representation of a string of arbitrary
  length and obtained by a one-way hash function.
• For PGP, the fingerprint is a 256 bit string for
  a public key (which may be 1024 bits) by MD5
• Purpose of a fingerprint for a public key is for
  people to easily remember and verify the public
  key