Security at the Application Layer:

PGP and S/MIME

BKM/SIT

E-mail Architecture

BKM/SIT

E-mail Security
Cryptographic Algorithms Note In e-mail security, the sender of the message needs to include the name or identifiers of the algorithms used in the message.

Certificates It is obvious that some public-key algorithms must be used for e-mail security.
BKM/SIT

Cryptographic Secrets

Note In e-mail security, the encryption/decryption is done using a symmetric-key algorithm, but the secret key to decrypt the message is encrypted with the public key of the receiver and is sent with the message.

BKM/SIT

PGP
Pretty Good Privacy (PGP) can be used to create a secure e-mail message or to store a file securely for future retrieval. Invented by Phil Zimmermann.

BKM/SIT

Message Integrity
An authenticated message

BKM/SIT

Confidentiality with One-Time Session Key

BKM/SIT

Continued
Code Conversion Another service provided by PGP is code conversion. PGP uses Radix-64 conversion for non-ASCII data.

Segmentation PGP allows segmentation to get uniform size unit of the message after applying Radix-64 .

BKM/SIT

Key Rings in PGP

Assuming that a person may send message to many persons, PGP defines the concept of key rings.

BKM/SIT

Key Rings in PGP-Contd

Note that Alice has several pair of public/private keys belonging to other people. Alice sending a message She uses her private key to sign the digest. She uses the receivers public key to encrypt a newly created session key. She encrypts the message and signed digest with the session key created.
Alice receiving a message She uses her private key to decrypt the session key. She uses the session key to decrypt the message & digest. She uses her public key to verify the digest.

BKM/SIT

PGP Algorithms

BKM/SIT

Continued

BKM/SIT

Continued

BKM/SIT

Continued

BKM/SIT

PGP vs X.509 Certificates

PGP uses certificates to authenticate public keys. Unlike X.509, there is no need of CAs. Anyone in the ring can sign a certificate for anyone else in the ring. Protocols that use X.509 certificates depend on the hierarchical structure of the trust. That means a single path from the fully trusted authority to any certificate. But, in PGP there can be multiple paths from fully or partially trusted authorities to any certificate.

BKM/SIT

Private key ring table maintained by each entity

BKM/SIT

Used ID is usually the email-id of the user Key ID is the first(LSB) 64 bits of the public key. Public Key column lists the public key belonging to a particular private key/public key pair. Encrypted private key column keeps the private keys of the key ring in encrypted form. Timestamp holds the date and time of the key pair creation.

Public key ring table maintained by each entity

Used ID Here also the user-id is usually the e-mail id of the entity. Key ID Here also the key id is first 64 bits of the public key. Public Key This the public key of the entity. Producer Trust defines the trust level of the producer: full, partial or none. Certificate(s) It holds the certificates signed by other entities for this entity. Certificate Trust(s) It represents the certificate trust value of an entity, which is taken from Producer Trust value after receiving a certificate from another entity. Key Legitimacy This value is calculated by PGP based on the value of the certificate trust and the weight for each certificate trust.

BKM/SIT

Example

A series of steps will show how a public key ring table is formed for Alice.

BKM/SIT

Continued

BKM/SIT

Continued

BKM/SIT

Trust Model in PGP

Following shows a model of trust for Alice at some point in time. The diagram may change with changes in the public key ring

BKM/SIT

Key Revocation
It may become necessary for an entity to revoke(withdraw) his or her public key from the ring. This may happen if the owner of the key feels that the key is compromised (stolen, for example) or just too old to be safe.

BKM/SIT

Extracting Information from Rings

Extracting information at the Sender site

Assume that Alice is sending an Email to Bob. For that, she needs 5 pieces of information from PGP as follows: The key id of the public key she wants to use Her own private key The session key Bob s public key ID Bobs public key To get these, she has to input 4 pieces of information to PGP as follows: Her user ID Her password Key strokes BKM/SIT Bobs user ID

Extracting Information from Rings

Extracting information at the Sender site

BKM/SIT

Continued
Extracting information at the Receiver site

BKM/SIT

PGP Packets
Format of packet header

BKM/SIT

PGP Messages A PGP message is a combination of sequenced and/or nested packets. Some examples are: Encrypted Message Signed Message Certificate Message

BKM/SIT

Literal data packet

It is the packet that carries the actual data to be transmitted.

BKM/SIT

Compressed data packet

This packet carries compressed data. The compression method used are ZIP(code:1) and ZLIP(code:2)

BKM/SIT

Encrypted data packet

This packet carries data from one/many packet that have been encrypted using symmetric key algorithm. But, a session packet carrying one time session key must be sent before this.

BKM/SIT

Signature packet
It protects the integrity of the data.

BKM/SIT

Continued

BKM/SIT

Session-key packet
This packet is used to send the session key encrypted with the receivers public key

BKM/SIT

Public-key packet
This packet contains the public key of the sender.

BKM/SIT

User ID packet
This packet identifies a user and associate the used ID contents with a public key of the sender.

BKM/SIT

PGP Message Formats

Encrypted message

BKM/SIT

Signed message

BKM/SIT

Certificate message

BKM/SIT

S/MIME
Secure/Multipurpose Internet Mail Extension (S/MIME). This is an enhancement of the supplementary protocol called MIME which has been integrated to the email system. MIME helps to transmit non-ASCII data(which were not allowed earlier) to be sent over the same email. MIME transforms non-ASCII data at the sender site to NVT ASCII data and delivers it to the client MTA to be sent through the Internet. At the receiving site, it is again transformed back to original data.

BKM/SIT

MIME

BKM/SIT

Continued

BKM/SIT

Continued

Text

BKM/SIT

Continued

BKM/SIT

Radix-64 conversion
This is a solution for sending data bytes when the highest bit is not necessarily zero. It divides the binary data into 24-bit blocks. Each block is then divided into four sections, 6bits each.

BKM/SIT

Continued

BKM/SIT

Quoted-printable
This encoding can be suitable if the data consists of mostly of ASCII characters with a small non-ASCII portions. If a character is ASCII, it is sent as it is, but if it is non-ASCII, it is sent as three characters. First character is a =sign , then next two are the hexadecimal representations of the byte.

BKM/SIT

S/MIME
S/MIME adds some new content types to include security services to the MIME. All of these new types include the parameter application/pkcs7-mime, in which pkcs defines Public Key Cryptography Specification.

Cryptographic Message Syntax (CMS) To define how security services, such as confidentiality or integrity, can be added to MIME content types, S/MIME has defined Cryptographic Message Syntax (CMS). The syntax in each case defines the exact encoding scheme for each content type.
BKM/SIT

Example

The following shows an example of an enveloped-data in which a small message is encrypted using triple DES.

BKM/SIT

Signed-data content type

This type provides only integrity of data. It contains any type and zero or more signature values.

BKM/SIT

Enveloped-data content type

This type is used to provide privacy for the message. It contains any type and zero or more encrypted keys and certificates.

BKM/SIT

Digest-data content type

This type is also used to provide integrity for the message

BKM/SIT

Authenticated-data content type

This type is used to provide authentication of the data

BKM/SIT

Key Management
The key management in S/MIME is a combination of key management used by X.509 and PGP.

BKM/SIT

Cryptographic Algorithms
S/MIME defines several cryptographic algorithms. The term must means an absolute requirement; the term should means recommendation.

BKM/SIT