Email Security and Encryption Technologies Overview

Slide Note
Embed
Share

Email security is crucial in today's digital world. This content discusses various email security measures, including PGP and S/MIME systems, and their utilization in business and personal communications. It also explores the history of PGP encryption, the role of Philip R. Zimmermann, and the characteristics of secure email transmission. The content further delves into the technical aspects of PGP, such as the algorithms used for encryption and the services it provides. Additionally, it explains authentication through digital signatures and confidentiality measures in email communication, highlighting the encryption processes involved.

cincereva
cincereva Follow

Uploaded on Sep 29, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Electronic Mail Security 1

  2. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet Mail Extension). System utilization S/MIME Industrial Standard for business utilization PGB personal electronic mail 2

  3. Philip R. Zimmermann created the first version of PGP encryption in 1991.(freeware) Shortly after its release, PGP encryption found its way outside the United States and in February 1993 Zimmermann became the formal target of a criminal investigation by the US Government for munition export without a license". Cryptosystems using keys larger than 40 bits were then considered munitions within the definition of the US export without a license; PGP has never used keys smaller than 128 bits so it qualified at that time. Penalties for violation, if found guilty, were substantial. After several years, the investigation of Zimmermann was closed without filing criminal charges against him or anyone else. After the Federal criminal investigation ended in 1996, Zimmermann and his team started a company to produce new versions of PGP encryption. 3

  4. Caratteristiche di sicurezza Confidenzialit Autenticazione di chi spedisce Integrit del messaggio Autenticazione del ricevente 4

  5. PGP is based on: RSA, DSS, and Diffie- Helman algorithms for public key encryption and CAST-128, IDEA e TDEA algorithms for symmetric key encryption. SHA-1 for hash functions. PGP services: - Authentication - Confidentiality - Compression - E-mail compatibility - Segmentation 5

  6. Authentication (digital signature) 1. The sender creates a message 2. SHA-1 is used to generate a 160 bit hash code of the message 3. The hash code is encrypted with RSA using the sender s private key and the result is prepended to the message. 4. The receiver uses RSA with the sender s public key, to decrypt and recover the hash code. 5. The receiver generates a new hash code for the message and compares it with the decrypted hash code. If the two match, the message is accepted as authentic 6

  7. Confidentiality 1. The sender generates a message and a random 128-bit number to be used as a session key for this message only. (one time key) 2. The message is encrypted, using a symmetric algorithm (CAST-128 or IDEA or 3DES) with the session key 3. The session key is encrypted with RSA, using the recipient s public key, and is prepended to the message 4. The receiver uses RSA with its private key to decrypt and recover the session key 5. The session key is used to decrypt the message. 7

  8. Authentication and Confidentiality The sender - Signs the message with its private key -Encrypts the message with the session key -Encrypts the session key with the public key of the receiver 8

  9. Public key certification The mechanism is different from that of Certification Authority. The PGP public keys may be distributed through a public keys server.When a user submits a public key to one of these servers, the server sends a copy of the key to all the other servers and provides the key to anyone requires the key. A different and very common method of distributing its public key consists in to insert them in the personal web page. 9

  10. Compression A message may be compressed, for storage or transmission using ZIP Email compatibility An encrypted message may be converted to an ASCII string using radix-e conversion Segmentation To accomodate maximum message size limitations, PGP performs segmentation and reassembly 10

Related


Security with Functional Re-Encryption in Cryptography

Security with Functional Re-Encryption in Cryptography

persis
Homomorphic Encryption Overview

Homomorphic Encryption Overview

kol_ba
Understanding Unidirectional Updatable Encryption and Proxy Re-Encryption

Understanding Unidirectional Updatable Encryption and Proxy Re-Encryption

sbly
The Vital Role of Encryption in Safeguarding the Digital Economy

The Vital Role of Encryption in Safeguarding the Digital Economy

dsega
Understanding Encryption: Keys, Algorithms, and Applications

Understanding Encryption: Keys, Algorithms, and Applications

yoha_481
Understanding AES Encryption in Computer Engineering

Understanding AES Encryption in Computer Engineering

lavinia
Overview of SMX Algorithm and AES Encryption Standard

Overview of SMX Algorithm and AES Encryption Standard

nmag
Probabilistic Public Key Encryption with Equality Test Overview

Probabilistic Public Key Encryption with Equality Test Overview

keos443
Homomorphic Encryption and RLWE Schemes Overview

Homomorphic Encryption and RLWE Schemes Overview

galletta_n
Understanding AES Encryption Algorithm and Its Implementation

Understanding AES Encryption Algorithm and Its Implementation

danger
Introduction to SFTP & PGP Encryption for Secure Data Transfer

Introduction to SFTP & PGP Encryption for Secure Data Transfer

bunty
Bootstrapping in Fully Homomorphic Encryption

Bootstrapping in Fully Homomorphic Encryption

elaysia
Understanding Data Encryption and File Security

Understanding Data Encryption and File Security

ram_b
Understanding Security Threats and Public-Key Cryptosystems

Understanding Security Threats and Public-Key Cryptosystems

ainhoa
Exploring Cloud Cryptography for Secure Data Processing

Exploring Cloud Cryptography for Secure Data Processing

vespera
Understanding Cryptography Basics and Toolbox

Understanding Cryptography Basics and Toolbox

mhed
Columnar Transposition Cipher: Data Encryption Techniques at Mustansiriyah University Engineering College

Columnar Transposition Cipher: Data Encryption Techniques at Mustansiriyah University Engineering College

remiel
Cryptography Concepts and Encryption Methods Overview

Cryptography Concepts and Encryption Methods Overview

tming
ADFGVX Cipher: Encryption and Decryption Techniques

ADFGVX Cipher: Encryption and Decryption Techniques

scarlett
Public key encryption, Digital signature and authentication

Public key encryption, Digital signature and authentication

huda
Implementing Informix Encryption at Rest

Implementing Informix Encryption at Rest

ifriz
Enhancing Security Definitions for Functional Encryption

Enhancing Security Definitions for Functional Encryption

kalila
Fully Homomorphic Encryption: Foundations and Applications

Fully Homomorphic Encryption: Foundations and Applications

kora
Understanding Homomorphic Signatures and Fully Homomorphic Encryption

Understanding Homomorphic Signatures and Fully Homomorphic Encryption

dberg

More Related Content

Data Protection Best Practices for Secure Storage and File Encryption
Data Protection Best Practices for Secure Storage and File Encryption
Understanding Fully Homomorphic Encryption in Information Security
Understanding Fully Homomorphic Encryption in Information Security
Understanding Public Key Cryptosystems in RSA Encryption
Understanding Public Key Cryptosystems in RSA Encryption
Mastering Email Management: Tips, Statistics, and Best Practices
Mastering Email Management: Tips, Statistics, and Best Practices
Understanding Email Campaigns in Internet Marketing
Understanding Email Campaigns in Internet Marketing
Overview of Modern Cryptography and Data Encryption Standard (DES)
Overview of Modern Cryptography and Data Encryption Standard (DES)
Understanding the Tor Network: An In-Depth Overview
Understanding the Tor Network: An In-Depth Overview
Introduction to RSA Cryptography and Public Key Encryption
Introduction to RSA Cryptography and Public Key Encryption
Introduction to Public Key Cryptography
Introduction to Public Key Cryptography
Introduction to Cryptography, Cryptanalysis, and Cryptology
Introduction to Cryptography, Cryptanalysis, and Cryptology
Understanding Encryption Techniques: From Transposition Ciphers to Rail Fence Ciphers
Understanding Encryption Techniques: From Transposition Ciphers to Rail Fence Ciphers
Understanding Block Ciphers in Cryptography
Understanding Block Ciphers in Cryptography
Spookily Homomorphic Encryption Explained
Spookily Homomorphic Encryption Explained
Improved Encryption Technique for Phase Change Memory (PCM)
Improved Encryption Technique for Phase Change Memory (PCM)
Enhancing Public Wi-Fi Security with Opportunistic Wireless Encryption (OWE)
Enhancing Public Wi-Fi Security with Opportunistic Wireless Encryption (OWE)
Dual System Encryption: Concept, History, and Recent Works
Dual System Encryption: Concept, History, and Recent Works
Understanding Provable Security Models in Cryptography
Understanding Provable Security Models in Cryptography
BCA 601(N): Computer Network Security
BCA 601(N): Computer Network Security
Mastering Email Management: Practical Tips for Efficiency
Mastering Email Management: Practical Tips for Efficiency
Understanding Email Technologies and Infrastructure
Understanding Email Technologies and Infrastructure
Mastering Email Communication for Effective Interactions
Mastering Email Communication for Effective Interactions
Mastering Email Communication in the Workplace
Mastering Email Communication in the Workplace
Understanding LXI Network Security in Industrial Environments
Understanding LXI Network Security in Industrial Environments
Best Practices for Securing Linux Systems
Best Practices for Securing Linux Systems