
2011 International Conference on Intelligence Science and Information Engineering

PGP e-mail protocol security analysis and improvement program

Dai Kuobin
College of Mathematical and Computer Sciences
Huanggang Normal University
Hubei 438000, China
E-mail: 654729702@qq.com

Abstract: This paper analyzes the content of the PGP protocol. The protocol has a loophole in its public key distribution, and analysis shows that it cannot resist a man-in-the-middle attack. The paper proposes a method that, on top of the security of the original cryptographic algorithms, strengthens security from the protocol itself. From this point of view, the improved PGP cryptosystem is difficult to break.

Keywords: PGP protocol, man-in-the-middle attacks

I INTRODUCTION

E-mail security includes three properties. The first is confidentiality: ensuring that information is not exposed to unauthorized entities or processes, that is, the message content cannot be read by third parties (not even the network administrator), because it may involve business trade secrets. Confidentiality can be achieved through data encryption. The second is integrity: only authorized people can modify the data, and it can be determined whether the data has been tampered with, mainly to avoid commercial disputes caused by a third party deliberately modifying e-mail exchanged between two parties. It can be addressed with digital signatures and other measures. The third is authentication: both the sender and the recipient of a message can confirm each other's identity, the sender is responsible for the contents of the mail sent, and the recipient cannot deny having received the message, so authentication prevents denial and avoids liability disputes. It can be achieved through data encryption, digital signatures and similar measures.

Figure 1 PGP email encryption

PGP (Pretty Good Privacy) is e-mail encryption software based on the RSA public key encryption system. It can keep mail confidential so that unauthorized parties cannot read it, and it can digitally sign a message so that the recipient can confirm the sender of the message and be sure that the message has not been tampered with. It provides a secure means of communication without requiring any prior confidential channel for passing keys. It uses a hybrid of RSA and traditional encryption algorithms, a message digest algorithm for digital signatures, and compression before encryption, and it has a good ergonomic design. It is powerful and very fast, and its source code is free.

In [2], starting from the core algorithms that make up the PGP e-mail encryption software, the security issues of the various algorithms are discussed, and two new algorithms are proposed to address the shortcomings of the RSA and MD5 algorithms: a digest algorithm based on RIPEMD-160 and a signature algorithm based on elliptic curves (ECDSA). Through theoretical analysis and testing, [2] finds that the signature algorithm based on elliptic curves has higher security than RSA, and that the digest algorithm based on RIPEMD-160 is more effective than MD5 against brute-force attack, differential cryptanalysis and linear cryptanalysis. This paper instead analyzes the PGP e-mail security protocol itself, identifies a security vulnerability in the scheme, and gives a solution.

978-0-7695-4480-9/11 $26.00 © 2011 IEEE
DOI 10.1109/ISIE.2011.144

II PGP E-MAIL PROTOCOLS SECURITY ANALYSIS
PGP is a complete e-mail security package, including encryption, authentication, electronic signatures, and compression. PGP does not use any new concept; it simply integrates existing algorithms such as MD5, RSA, and IDEA. Although PGP has been widely used, it is not an official Internet standard.

2.1 PGP e-mail content of the protocol

How PGP works is not complicated. It provides e-mail security, sender authentication and message integrity. Assume that A sends B an e-mail with plaintext X, encrypted with PGP. A has three keys: his own private key, B's public key and a one-time key that he generates himself. B has two keys: his own private key and A's public key.

A's process of sending the e-mail is as follows:
(1) Compute the message digest H of the plaintext X using the MD5 algorithm. Digitally sign H with A's own private key to obtain the signed digest D(H), and append it to the plaintext X to obtain the packet (X + D(H)).
(2) Encrypt the message (X + D(H)) with the self-generated one-time key.
(3) Encrypt the self-generated one-time key with B's public key.

B receives the e-mail as follows:
(1) Separate the encrypted one-time key from the encrypted message (X + D(H)).
(2) Decrypt A's one-time key with B's own private key.
(3) Decrypt the message (X + D(H)) with the recovered one-time key, and then separate the plaintext X and D(H).
(4) Verify the signature D(H) with A's public key, which yields the message digest H.
(5) Compute the message digest of X and check whether it matches H. If it does, the identity of the e-mail sender is confirmed and the integrity of the message is affirmed as well.

2.2 PGP E-MAIL PROTOCOL SECURITY ANALYSIS

However, the protocol has a loophole in its public key distribution, and analysis shows that it cannot resist a man-in-the-middle attack. The attack process is as shown:

Figure 2 Man-in-the-middle attack on the public key distribution process

The attack on the public key distribution process is as follows:

(1) A sends the message "I'm A" to B and gives his own identity. This message is intercepted by the "middleman" C, who forwards it to B intact. B selects a nonce RB and sends it to A, but this too is intercepted by C and still forwarded to A.
(2) The middleman C encrypts RB with his own private key SKC and sends it back to B, so that B mistakenly believes it was sent by A. After receiving RB, A encrypts RB with his own private key SKA and sends it back to B, but it is intercepted midway by C and discarded. B asks A for his public key; this message is intercepted by C and forwarded to A.
(3) C sends his own public key PKC to B, passing it off as A's, and C also intercepts the public key PKA that A sends to B.
(4) B encrypts the data with the received public key PKC (believing it to be A's) and sends it to A. C intercepts it, decrypts it with his own private key SKC, keeps a copy, then encrypts the data with A's public key PKA and sends it to A. A receives the data and decrypts it with his own private key SKA, believing that he has had a confidential communication with B. In fact, the encrypted data that B sent to A has been intercepted and decrypted by the middleman C, but neither A nor B knows it.

III IMPROVED PGP E-MAIL PROTOCOL

The original e-mail protocol needs to be improved. The improved procedure has two steps: the first step is to obtain the correct public key, and the second step is to send the e-mail, as shown in Figure 3:

Figure 3.1 The process to obtain the correct public key

Figure 3.2 Improved mail sending process

(1) Compute the MD5 message digest H of X + RB. Digitally sign H with A's own private key to obtain the signed digest D(H), and append it to the plaintext X to obtain the packet (X + D(H)).
(2) Encrypt the message (X + D(H)) with the self-generated one-time key.
(3) Encrypt the self-generated one-time key together with RB, that is KM + RB, with B's public key.
(4) Send the encrypted one-time key and the encrypted message (X + D(H)) to B. Note that these two items are not encrypted with the same key: the one-time key is encrypted with B's public key, while the message (X + D(H)) is encrypted with A's one-time key.

B receives the e-mail as follows:
(1) Separate the encrypted one-time key from the encrypted message (X + D(H)).
(2) Decrypt A's one-time key KM + RB with B's own private key, separate out RB and compare it; if it is correct, save KM.
(3) Decrypt the message (X + D(H)) with the recovered one-time key, and then separate the plaintext X and D(H).
(4) Verify the signature D(H) with A's public key and compare RB; if it is correct, the message digest H is obtained.
(5) Compute the message digest of X and check whether it matches H. If it does, the identity of the e-mail sender is confirmed and the integrity of the message is affirmed as well.

3.2 Improved protocol security analysis of PGP e-mail

On top of the security of the original cryptographic algorithms, the method strengthens security from the protocol itself. From this point of view, the improved PGP cryptosystem is difficult to break. Key management is a key factor in PGP. Each user maintains two data structures at their own end: the private key ring and the public key ring. The private key ring includes one or more of the user's own private key - public key pairs. This is done so that users can change their keys often. Each pair has its own key identifier. The sender notifies the recipient of this identifier, so the recipient knows which public key to decrypt with. The user's public key ring includes the public keys of the user's regular correspondents.

IV CONCLUSION

This paper has analyzed the content of the PGP protocol. The protocol has a loophole in its public key distribution, and analysis shows that it cannot resist a man-in-the-middle attack. The paper proposes a method that, on top of the security of the original cryptographic algorithms, strengthens security from the protocol itself. From this point of view, the improved PGP cryptosystem is difficult to break.
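The improved sending and receiving steps of Section III, as an added illustrative sketch that is not code from the paper: RB is bound into both the signed digest and the wrapped one-time key, and the receiver rejects a message whose RB does not match. The toy RSA keys, the SHA-256 keystream standing in for IDEA, the D(H)-before-X layout and all function names are assumptions, and RB is assumed to be already known to both sides from the key-obtaining step of Figure 3.1.

```python
import hashlib, secrets

E = 65537

def keypair(p, q):
    """Toy textbook RSA (no padding): returns (public, private) as (n, exponent)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def rsa(key, m):
    n, k = key
    return pow(m, k, n)

def stream(km, data):
    """Stand-in for IDEA (assumption): XOR with a SHA-256 counter keystream keyed by KM."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(km + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def digest(x, rb):
    return int.from_bytes(hashlib.md5(x + rb).digest(), "big")  # MD5, as in the paper

def send(x, rb, sk_a, pk_b):
    d_h = rsa(sk_a, digest(x, rb)).to_bytes(32, "big")   # (1) D(H), H = MD5(X + RB)
    km = secrets.token_bytes(16)                          # one-time key KM
    body = stream(km, d_h + x)                            # (2) D(H) and X under KM
    wrapped = rsa(pk_b, int.from_bytes(km + rb, "big"))   # (3) KM + RB under B's public key
    return wrapped, body                                  # (4) both parts go to B

def receive(wrapped, body, rb, sk_b, pk_a):
    blob = rsa(sk_b, wrapped).to_bytes(32, "big")         # (2) recover KM + RB
    km, got_rb = blob[-24:-8], blob[-8:]
    if not secrets.compare_digest(got_rb, rb):
        return None                                       # RB mismatch: reject
    plain = stream(km, body)                              # (3) decrypt with KM
    d_h, x = plain[:32], plain[32:]
    h = rsa(pk_a, int.from_bytes(d_h, "big"))             # (4) recover H with A's public key
    # (5) step (1) hashes X + RB, so the digest is recomputed over X + RB here
    return x if h == digest(x, rb) else None

# Constructed demo keys from Mersenne primes: trivially factorable, illustration only.
PK_A, SK_A = keypair(2**127 - 1, 2**89 - 1)
PK_B, SK_B = keypair(2**127 - 1, 2**107 - 1)
```
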

REFERENCE

[1] Xie Xiren. Computer Network [M]. Electronics Industry Press, 2008, 10 months.
[2] Cui Jian, double, Li grams. PGP secure e-mail encryption works [J]. Computer Engineering and Science, 2003, 1 (6): 25-28.
[3] Yangxue Tao, Li Tao, Liu Xiaojie, etc. Design and implementation of secure e-mail [J]. Computer Engineering and Design, 2003, 5 (6): 42-45.
[4] Li Xianxian. Based on PGP security systems and applications [J]. Guangxi Normal University, 2000, 9 (3): 35-41.
[5] Bruce Schneier. Applied cryptography protocols, algorithms, and source code in C [M]. Beijing: China Machine Press, 2000.
[6] Wade Trappe. Introduction to cryptography with coding theory [M]. Beijing: Post and Telecom Press, 2004. 126-134.
[7] David Salomon. Data privacy and security [M]. Beijing: Publishing House of Tsinghua University, 2005. 142-173.
