ECE8843 - PowerPoint PPT Presentation

About This Presentation

Title:

ECE8843

Description:

Authentication - confidence in ID of sender. Integrity - assurance of ... Cyber Cafe, fake HotMail. account. Anonymity ... Notary to sign hash of message, ... – PowerPoint PPT presentation

Number of Views:84

Avg rating:3.0/5.0

Slides: 23

Provided by: JohnCo66

Learn more at: https://copeland.ece.gatech.edu

Category:

more less

Transcript and Presenter's Notes

Title: ECE8843

1
ECE-8843 http//www.ece.gatech.edu/copeland/jac/8
843-03/ Prof. John A. Copeland john.copeland_at_ece
.gatech.edu 404 894-5177 fax 404
894-0035 Office GCATT Bldg 579 email or call
for office visit, or call Kathy Cheek, 404
894-5696 Chapter 5a - Pretty Good Privacy (PGP)
Email
2
Electronic Mail
In 1982, ARPANET email proposals were published
as RFC
821 (www.ietf.org/rfc/rfc0821.txt) and RFC 822

Email services since are based on these RFC's

CCITT X.400 ISO MOTIS grew and waned as
competitors

"User Agents" UA, and "Message Transfer Agents"
MTA
Three parts to an email message

Envelope - information used to forward the
contents

Header - standard strings, some added in route.

To Cc Bcc From Sender

Received (added in route), Return-Path (by
final MTA)

MIME headers added by RFC 1341 and 1521

A. S. Tanenbaum, "Computer Networks," (3rd ed.)
p.651
2
3
MIME Headers
Multipurpose Internet Mail Extensions (MIME)
RFC 1341 and RFC 1521

MIME -Version
version number

Content-Description
human-readable string

Content-ID
unique identifier

Content-Transfer-Encoding
body encoding

ASCII (Plain, quoted-printable, or Richtext)

Binary (base64)

Content-Type
nature of the message

Image (gif, jpeg), Video (mpeg),

Application (Postscript, octet-stream)

A.S.Tanenbaum, "Computer Networks," (3rd ed.)
p.653
3

4
Received from didier.ee.gatech.edu
(didier.ee.gatech.edu
130.207.230.10) by eagle.gcatt.gatech.edu
(8.8.8Sun/8.7.1) with
ESMTP id UAA00818 for .edu Fri, 30 Jul
1999 200035 -0400 (EDT)
Received from bwnewsletter.com
(gw2.mcgraw-hill.com 198.45.19.20)
by didier.ee.gatech.edu (8.9.0/8.9.0) with ESMTP
id UAA16500
for ece.gatech.edu
Fri, 30 Jul 1999 200033 -0400 (EDT)
Received from NOP (152.159.60.175) by
bwnewsletter.com with SMTP
(Eudora Internet Mail Server 2.1) Fri, 30 Jul
1999 162421 -0400
Message-Id nessweek.com
X-Sender mustread_at_businessweek.com (Unverified)
X-Mailer Windows Eudora Light Version 1.5.4 (32)
Mime-Version 1.0
Date Fri, 30 Jul 1999 162137 -0400
To bwnewsletter_at_bwnewsletter.com (note I
was on a Bcc list)
From BW Online
Subject BUSINESS WEEK ONLINE INSIDER -- July 30
Content-Type text/plain charset"us-ascii"
Content-Length 7694
4
5
nslookup -qMX ee.gatech.edu
(nslookup - host)
ee.gatech.edu preference 10,
mail exchanger mail.ee.gatech.edu
ee.gatech.edu nameserver eeserv.ee.gatech.edu
ee.gatech.edu nameserver duchess.ee.gatech.edu
ee.gatech.edu nameserver didier.ee.gatech.edu
mail.ee.gatech.edu internet address
130.207.230.10
eeserv.ee.gatech.edu internet address
130.207.230.5
duchess.ee.gatech.edu internet address
130.207.230.13
didier.ee.gatech.edu internet address
130.207.230.10
5
6
nslookup -qmx mcgraw-hill.com
Non-authoritative answer
mcgraw-hill.com preference 20, mail exchanger
interlock.mgh.com
Authoritative answers can be found from
mcgraw-hill.com nameserver NS-01A.ANS.NET
mcgraw-hill.com nameserver NS-01B.ANS.NET
mcgraw-hill.com nameserver NS-02A.ANS.NET
mcgraw-hill.com nameserver NS-02B.ANS.NET
NS-01A.ANS.NET internet address 199.221.47.7
NS-01B.ANS.NET internet address 199.221.47.8
NS-02A.ANS.NET internet address 207.24.245.179
NS-02B.ANS.NET internet address 207.24.245.178
6
7
nslookup 198.45.19.20
Name gw2.mcgraw-hill.com
Address 198.45.19.20
nslookup 152.159.60.175
can't find 152.159.60.175 Non-existent
host/domain
traceroute 152.159.60.175
1 24.88.12.129 (24.88.12.129
) 17ms
2 stn-mtn-rtrb.atl.mediaone.net. (24.88.0.254
) 18ms
3 24.93.64.69 (24.93.64.69
) 20ms
4 24.93.64.61 (24.93.64.61
) 17ms
5 24.93.64.57 (24.93.64.57
) 25ms
6 sgarden-sa-gsr.carolina.rr.com. (24.93.64.30
) 26ms
7 roc-gsr-greensboro-gsr.carolina. (24.93.64.17
) 29ms
8 24.93.64.45 (24.93.64.45
) 38ms
9 sjbrt01-vnbrt01.rr.com. (24.128.6.6
) 41ms
10 pnbrt01-vnbrt01.rr.com. (24.128.6.85
) 42ms
11 p217.t3.ans.net.
(192.157.69.52 ) 51ms
12 h13-1.t32-0.new-york.t3.ans.net.
(140.223.33.21 ) 49ms
13 f0-0.cnss33.new-york.t3.ans.net.
(140.222.32.193 ) 53ms
14 s0.enss3339.t3.ans.net.
(199.222.77.70 ) 61ms
15
16
7
8
Security Services for Email
Privacy - only for intended recipient
Authentication - confidence in ID of sender
Integrity - assurance of no data alteration
Non-repudiation - proof that sender sent it
Proof of submission - was sent to email server
Proof of delivery - was received by addressee
Message flow confidentiality - no one can know
a message was sent (anti-traffic analysis)
8
9
Anonymity - sender's ID hidden
Containment - message forwards to limited area
Audit - events recorded
Accounting - user statistics for allocating costs
Self-destruct - can not forward or store
Message sequence integrity - all messages
arrived in correct order
9
10
Privacy
Establishing Keys

Public Key Certification

Exchange Public Keys
Multiple Recipients

Encrypt message m with session key, S

Encrypt S with each recipient's key

Send S Kbob, S Kann, ... , m S
Authentication of Source

Hash (MD4, MD5, SHA1) of message, encrypt with
private key (provides ciphertext/plaintext pair)

Secret Key K MIC is hash of Km, or CBC residue
with K (assuming message not encrypted with K).
10
11
Message Integrity
The source authentication methods that
include a hash of the message provide MIC
Non-repudiation
Public-key signing provides non-repudiation.
Secret-key method requires a "Notary" to
"Sign" a time-stamp hash of the message
Proof of Delivery
Acknowledge before reading - can't prove m was
read.
Acknowledge after - may have read without
signing.
11
12
Proof of Submission

CC yourself (unfortunately headers easily
modified) - CC Notary (if recipient not in Bcc)
Flow Confidentiality

Encrypt message and headers, to third party.

Send from the corner Cyber Cafe, fake HotMail
account
Anonymity

Several Web site services available
Containment

Network Admin can set up filter tables on
routers.
12
13
Names and Addresses
X.500 Name (ISO standard)

?/CUS/OCIA/OUdrugs/PN'Manny Norriega'
Internet Name

m_noriega_at_mail.drugpc.cia.gov or manny_at_cia.gov

_at_

using the alias "mail" lets mail server program be
moved from one host to another

in ece.gatech.edu domain, "mail" is an alias for
"didier", also any email to "ece.gatech.edu"is ok.
Old message - later Non-reputiation

Need Notary to sign hash of message, Certificate
used to authenticate Public Key, and current CRL
13
14
Compress Text
Compress Image
14
From "PGP Freeware for MacOS, User's Guide"
Version 6.5, Network Associates, Inc., www.pgp.com
15
with signature attached if there is one
From "PGP Freeware for MacOS, User's Guide"
Version 6.5, Network Associates, Inc., www.pgp.com
15
16
compressed,
16
17
17
18
18
19
Radix-64 encoding of a binary (all possible 8-bit
bytes) message 6-bits at a time into 64 printable
ASCII characters (A-Z, a-z , 0-9, , / bytes
65-90, 97-122, 48-57, 47, 43) pad with .
To "Khawar Azad" From
John Copeland Subje
ct ECE8813 PGP Endeavor... Cc Bcc
X-Attachments -----BEGIN PGP
MESSAGE----- Version PGPfreeware 6.5.2 for
non-commercial use qANQR1DBw
U4D6cjDUQAxCwQB/9IZFOIuDSIIQbwa28SQ63DDioFb4bH4bm
KfopX cvdDVQ1X53fSJzyLt12RslfQToje8YxRNidYMNg1zDTT
7CR9q7LRFoAwBFVtQhWJ jFNXn1aE8oePReMi6vS0DXSSDfgD
uUb1Rc8htHoeik6Oebe9R90J3d51yyCojV P2zJ2C2DyZexiu
dHPuDF1NIeMX582ib70PNzZhigXZcZgCbzs7ppidhHoZaoFttK
goqLBFithU4ca0Xbh/11LDsUC7sY7DnAcjndFQA/7kduOATSl
TYaltdaplJl7yAV OIaOaOuXwpLfcPe9gcuVE43hAgiuy2Vxk
1luc1w2MhsnaI2CACU45XGjirbKViV sQ/PJwoTI7FwgcY8Sw
a0mqgLAeoU1gRpRnouXHrb4IKMzEKGVr6lhAxZ3oXu0h1 zUST
5p7EQn/hhGHWusEeUs8m4Q7pT39uIjYDfQTfeNxfEYnI058QZ
Duovunzhx7 xtTCVz9H164uMIl4kTzjcrBqPAFN/MTAX/mJ9a
AIEnaOAtOWF/AteGda7pOhRS feBsX0/4yMH0svQ2xrt1AzW
OjCfb6vY8nZKeafr7UTfM3P0HpvTnjsIzeehtnRp SW/pKPCTD
336unzHVASqdvkC4qlxHb3By8lp6LKD2e25PSWBB9gJrjfeI2
/AGIO sxFHdOU5ycGatX4tvNNZ0aGEJsZSUCirgcjpChqiuTG
HTAOQsU5d5z/NeuAXHBT 4WJteIrPo10vIbosI88vw5Nf5/MzC
SMsIM9TfScwyGTP4B4t4laq4kywBkRXTX6Y FAW34lHwGMxSNq
wrST58QVr8j9SiQ9hA2PjRzuM62edMaFOAuMvm3h2Uc6MyDKJx
kUk9jmPpuNOYqguruFdngmQatL00GTBr6jk5nzphoJQxUEJA0
tTZOGAy8MsK4Kz /X2P1Wgx6M3eNpSoeNF6yqPAW93rl3Bpj2
7T39BWKjDT2Q5rXXztq6y07oolggh6 nNTkBP17TmMXNhyeBNs
Usw/bM0mZt8OrlEp6bB4hflmGC9sAP64KvnkTSK6FQHT AHT0
1kWlpvJIZGKyT3PdCh9wlr1hQsUGto10t32fBGsJCXew/EClb5
54AnyYSzP8 KAjuw1NdKOBlze0DCiO6Z5zDAxAwlqTxcm42tt
hF5zFbTk4UKV6ORzIuHmRO7xR 5Io5nlM7T11PDaWqsjLr2ttr
SySzARt5fAJ9l1mOHhSl1YebRjZPaxWwbsYuqN a0GYr2Udw
gE1u5HQuhZbOIbSliShfKiNuDGHe6VJrchROHnC9Po2JWAOD7
wMFq6 STZ/MPGzViaCUaaWPLSKleiURUh4Ly5/LaNYkaumO9vh
241FPqtZKqRVmHRg6dY UdgoI3yfc3JrvepFQT1yeRjEVrLQi
UtyhcwdVoLjofgerGAfe3YuDCxM6wLIuCf7 Ro9edu01qTiXJj
25cXHxeNMdA1txLxR3ontbExowML5kxs 68Hd -----END
PGP MESSAGE-----
19
20
20
21
PGP Certificates
Anyone can issue a Certificate to anyone else
Certificates can be revoked by the issuer
Privacy Enhanced Mail, another standard
Where PEM expands data into canonical form,

(33 for text, 78 after encryption)
PGP compresses data using ZIP(-50),
encrypts, then (optionally) converts to
base64 (33)
21
22
Things of which to be aware
Neither PEM or PGP encode mail headers

Subject can give away useful info

To and From give an intruder traffic analysis info
PGP gives recipient the original file name and
modification date
PEM may be used in a local system with
unknown trustworthyness of certificates
Certificates often verify that sender is "John
Smith" but he may not be the "John Smith"
you think (PGP allows pictures in certificates)
22

Write a Comment

User Comments (0)