
















Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
This lecture was delivered by Dr. Samarendra Jeethesh at Ankit Institute of Technology and Science for System Security and Cryptography course. It includes: Electronic, Mail, Security, VADM, Poindexter, Enhancements, Confidentiality, Authentication, Message, Integrity
Typology: Slides
1 / 24
This page cannot be seen from the preview
Don't miss anything!

















Despite the refusal of VADM Poindexter and LtCol North to appear, the Board's access to other sources ofinformation filled much of this gap. The FBI provideddocuments taken from the files of the National SecurityAdvisor and relevant NSC staff members, includingmessages from the PROF system between VADMPoindexter and LtCol North. The PROF messages wereconversations by computer, written at the time eventsoccurred and presumed by the writers to be protectedfrom disclosure. In this sense, they provide a first-hand,contemporaneous account of events. —The Tower Commission Report to PresidentReagan on the Iran-Contra Affair, 1987
email is one of the most widely used andregarded network services currently message contents are not secure may be inspected either in transit or by suitably privileged users on destinationsystem
widely used de facto secure email developed by Phil Zimmermann selected best available crypto algs to use integrated into a single program on Unix, PC, Macintosh and other systems originally free, now also have commercialversions available
sender creates message
use SHA-1 to generate 160-bit hash ofmessage
signed hash with RSA using sender'sprivate key, and is attached to message
receiver uses RSA with sender's publickey to decrypt and recover hash code
receiver verifies received message usinghash of it and compares with decryptedhash code
can use both services on same message create signature & attach to message encrypt both message & signature attach RSA/ElGamal encrypted session key
by default PGP compresses messageafter signing but before encrypting so can store uncompressed message &signature for later verification & because compression is non deterministic uses ZIP compression algorithm
need a session key for each message of varying sizes: 56-bit DES, 128-bit CAST orIDEA, 168-bit Triple-DES generated using ANSI X12.17 mode uses random inputs taken from previoususes and from keystroke timing of user
each PGP user has a pair of keyrings: public-key ring contains all the public-keys ofother PGP users known to this user, indexedby key ID private-key ring contains the public/privatekey pair(s) for this user, indexed by key ID &encrypted keyed from a hashed passphrase security of private keys thus depends onthe pass-phrase security
rather than relying on certificate authorities in PGP every user is own CA can sign keys for users they know directly forms a “web of trust” trust keys have signed can trust keys others have signed if have a chain ofsignatures to them key ring includes trust indicators users can also revoke their keys
enveloped data encrypted content and associated keys signed data encoded message + signed digest clear-signed data cleartext message + encoded signed digest signed & enveloped data nesting of signed & encrypted entities
digital signatures: DSS & RSA hash functions: SHA-1 & MD session key encryption: ElGamal & RSA message encryption: AES, Triple-DES,RC2/40 and others MAC: HMAC with SHA- have process to decide which algs to use