Pretty Good Privacy - PowerPoint by liuqingzhan


									   Email Security

By: Bassante Elsayed Saad

   Overview.
   Architecture and services.
   The User Agent.
   Message Formats.
   Message Transfer.
   Final Delivery.
   Defending Yourself from Spam and Email Viruses.
   Pretty Good Privacy.

   E-mail is the most popular network application.
   Using jargon.
   The first email systems consisted of file transfer protocols, with
    the first line containing the recipient’s address.
   There were some complaints:
       Sending a message to a group of people was inconvenient.
       Messages had no internal structure, making computer processing
       The sender never knew if a message arrived or not.
       The user interface was poorly integrated with the transmission system.
       It was impossible to create and send messages containing multiple types.
              Architecture and services

   RFC 822 vs. X.400.
   Email systems consist of two subsystems:
       User agents
       Message transfer agents
                  Basic Functions

   Composition
   Transfer
   Reporting
   Displaying
   Disposition
Besides those five basic functions, email systems support additional
   •   Create mailboxes.
   •   Using commands.
   •   Mail list.
   •   Carbon copies and blind carbon copies.
   •   Secret email.
                     The User Agent

   It’s a local program that provides a command-based or
    graphical method for interacting with the email system.
   It allows people to read and send email.
   It’s called a mail reader.
   Accepts commands with a simple interface.
   After building a message, it passes it to the message transfer
    agent, which uses some of the header fields to construct the
    actual envelope.
   Sending E-mail
       Destination address:
            user@dns-address
            Aliases
   Reading E-mail
   Displayed fields are extracted from envelope or headers.
   Simple vs. sophisticated email system.
   Flags:
        K: read previously.
        A: already answered.
        F: forwarded.
   Graphical vs. text based interface.
   Using 1-character commands:
        T: type
        A: answer
        D: delete
        F: forward
                 Message Formats

Header fields:
   Other header fields:
       Reply to
       Message id
       Other non-important fields
   Users can invent new headers, provided that they start with X-
   Multipurpose Internet Mail Extensions: MIME
       Using non-ASCII or non-English text.
       Uses the same RFC format but adds structure to the message body and
        defines encoding rules for non-ASCII messages.
       It defines five new headers
The new headers
   The Content-Transfer-Encoding
       7-bit ASCII text, provided that no line exceeds 1000 characters.
       8 bits
       Binary encoding:
            no guarantee that the message will arrive correctly.
            Base64 encoding, called ASCII armor
             Groups of 24 bits are broken into 6-bit units, each sent as an ASCII character.
             Quoted-printable encoding
                  for messages that are almost entirely ASCII but have a few non-ASCII characters.
                  7 bit ASCII
   Content type
                      Message Transfer

   The Simple Mail Transfer Protocol: SMTP
       Establishes a TCP connection to port 25 of the destination machine.
       SMTP listens on this port and accepts incoming connections, then copies
        the messages into the mailboxes.
       An error report is returned in case of failure.
       The sending machine works as a client, waiting for a reply from the server.
       Using 4-character commands.
       Using ASCII text for easy testing and debugging.
   Problems that SMTP faces:
       Message length
       Timeouts

   The solution is to use ESMTP.
                              Final Delivery

   Why do message transfer agents exist on an ISP machine?
   Post Office Protocol Version 3: POP 3
       Allows user transfer agents (on client PCs) to contact the message
        transfer agent (on ISP’s machine).
       Copy emails from ISP machine to the client one.
       First, the mail reader calls the ISP and establishes a TCP connection with
        the message transfer agent at port 110.
       Three states of POP3:
            Authentication
            Transaction
            Update
   Internet Message Access Protocol: IMAP
       All emails remain on server in multiple mailboxes.
       Can read parts of messages.
       Online.
       Listens on port 143
    Defending Yourself from Spam and
             Email Viruses
   Spam
      Spam is unwanted email that clogs our in-boxes.

      Spam has three unique characteristics:
           It is unsolicited. You didn't ask to be sent the information.
           It is sent regularly and frequently.
           There is some underlying commercial interest at stake.
   It is impossible to stop all spam, just like it is impossible to
    stop junk mail from reaching your mailbox.
   Nonetheless, there are measures you can take that can stop
    much of the spam from reaching you:
      Just Delete It

      Use a Mail Filter/Rule

      Forward the Spam to Ryerson's Email Postmaster
   Email Viruses
      The virus can be in an attachment to the email message. If
       you try to open the attachment, the virus will be activated.
      Some email programs (especially older versions of
       Microsoft Outlook) are often configured to open
       attachments automatically. This means that the virus will
       be launched automatically before you can stop it.
      There are some simple indicators that are common features
       of email messages that contain viruses and that are easy to
       look out for.
   An email message may contain a virus if:
      it comes from an email address you don't recognise

      the subject of the email is extremely vague

      the subject contains hook lines like "Hi! Here's the
       document you wanted"
      the text body of the message is extremely short but the
       message size is very large
      the attachment is executable

      the attachment has a double suffix - e.g. filename.doc.exe.
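
The sender, attachment and size indicators from the list above, checked against one message. This is an added example, not part of the original slides; the suffix list, the thresholds and the sample message are assumptions constructed for the demonstration.

```python
import os.path
from email import message_from_string
from email.utils import parseaddr

# Assumed, non-exhaustive set of suffixes treated as executable.
EXECUTABLE = {".exe", ".scr", ".com", ".bat", ".pif", ".vbs"}

# Constructed sample message (not from the slides).
SAMPLE = """\
From: Someone <stranger@example.org>
Subject: Hi! Here's the document you wanted
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See attached.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="report.doc.exe"
Content-Transfer-Encoding: base64

Y29uc3RydWN0ZWQ=
--b1--
"""

def virus_indicators(raw, known_senders=(), short_body=200, large_attach=100_000):
    """Return which of the listed indicators apply to one raw message."""
    msg = message_from_string(raw)
    hits = []
    if parseaddr(msg.get("From", ""))[1].lower() not in known_senders:
        hits.append("unknown sender")
    body_len = attach_len = 0
    for part in msg.walk():
        # Multipart containers decode to None and have no filename: they add 0.
        payload = part.get_payload(decode=True) or b""
        name = part.get_filename()
        if name is None:            # inline text counts as message body
            body_len += len(payload)
            continue
        attach_len += len(payload)
        stem, ext = os.path.splitext(name.lower())
        if ext in EXECUTABLE:
            hits.append("executable attachment: " + name)
            if os.path.splitext(stem)[1]:   # e.g. .doc placed before .exe
                hits.append("double suffix: " + name)
    if body_len < short_body and attach_len > large_attach:
        hits.append("short body, large message")
    return hits
```
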
   There are a few simple rules you can follow to substantially
    reduce the danger of email viruses:
      Never Open Attachments that are Executable Files

      Use Unix/Linux-based Computers
      Use Netscape Messenger and NOT Microsoft Outlook

      Save & Scan Attachments

      Enable Maximum Security on Microsoft Software
      Update Your Anti-Virus Software and Install Security
       Updates for Applications
       Contact the Sender to Verify the Attachment
       Disable System Restore (Windows Me/XP).
                    Pretty Good Privacy

Why are we using PGP?
•Selects the best cryptographic algorithms.
•Integrates these algorithms into a general-purpose application that is independent of O.S. and processor and is based on easy commands.
•Free source code and documentation for this package are available via the Internet.
•It wasn’t developed by nor is it controlled by governmental or standards
•Consists of five services: authentication, confidentiality, compression, email
compatibility and segmentation.
PGP Cryptographic Functions
   Email Compatibility:
       The resulting block consists of a stream of 8-bit octets
       These are converted into a stream of printable ASCII characters
       Uses Radix-64 conversion
                            Some Notes

   It’s preferable to generate a signature before encryption the
   Compression is applied after the signature but before the
    encryption, to save space
   The signature is generated before compression
       Easy for verification
   Encryption is applied after compression
       Strengthens cryptographic security since the compressed message has
        less redundancy
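
The ordering described in these notes, followed by the Radix-64 conversion from the Email Compatibility slide, as an added example that is not part of the original slides. A SHA-256 digest stands in for the signature, zlib stands in for PGP's compressor, encryption is left out, and the message is constructed; all of these are assumptions that keep the code standard-library only.

```python
import base64
import hashlib
import zlib

# Constructed sample message.
MESSAGE = b"Quarterly figures attached. Please review before Friday.\r\n" * 20

def send_side(message, level):
    """Digest the plaintext, compress digest+message, then Radix-64 encode."""
    digest = hashlib.sha256(message).digest()    # stand-in for the signature
    compressed = zlib.compress(digest + message, level)
    # Encryption would be applied here, to the compressed block.
    armored = base64.b64encode(compressed)
    return digest, compressed, armored

def receive_side(armored):
    """Undo the conversion and compression, then re-check the digest."""
    blob = zlib.decompress(base64.b64decode(armored))
    digest, message = blob[:32], blob[32:]
    return message, hashlib.sha256(message).digest() == digest

def compare_levels(message):
    """Run the send side with two compressor settings and compare results."""
    d1, c1, a1 = send_side(message, 1)
    d9, c9, a9 = send_side(message, 9)
    return {
        # The value that gets signed depends only on the plaintext ...
        "same_digest": d1 == d9,
        # ... while the compressed bytes depend on the compressor settings.
        "same_compressed_bytes": c1 == c9,
        "both_verify": receive_side(a1)[1] and receive_side(a9)[1],
        "smaller_than_plaintext": len(c9) < len(message),
        "armor_is_ascii": a9.isascii(),
        # Radix-64 maps every 3 octets to 4 printable characters.
        "armor_len": len(a9),
        "expected_armor_len": 4 * -(-len(c9) // 3),
    }
```

Because the signed value is computed over the uncompressed message, a verifier does not need to reproduce the sender's exact compressed bytes.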
    Cryptographic Keys and Key Rings
   PGP allows the users to have multiple public/private keys.
   Key Identifiers:
        How does the recipient know which private key to use to decrypt the session key?
        The solution:
           Transmit the public key: waste of space
           Use a key ID: overhead in mapping from key ID to public key.

           Assign a key ID to each public key that is, with high probability, unique within the user ID

           It consists of its least significant 64 bits
        How does the recipient know which public key to use to decrypt the digital
         The solution:
             The digital signature includes the 64-bit key ID of the required public key
   Key Rings
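
A key ring indexed the way the Key Identifiers slide describes, as an added example that is not part of the original slides. Public keys are represented as plain integers, and the key values, user IDs and class name are constructed for the demonstration.

```python
KEY_ID_MASK = (1 << 64) - 1

def key_id(public_key):
    """Key ID as the slide defines it: the least significant 64 bits."""
    return public_key & KEY_ID_MASK

# Constructed toy values standing in for public keys (not real RSA moduli).
ALICE_OLD = (0xA1B2 << 64) | 0x1122334455667788
ALICE_NEW = (0xC3D4 << 64) | 0x99AABBCCDDEEFF00
BOB = (0xE5F6 << 64) | 0x1122334455667788   # same low 64 bits as ALICE_OLD

class KeyRing:
    """Hypothetical ring keyed by (user ID, key ID)."""

    def __init__(self):
        self._entries = {}

    def add(self, user_id, public_key):
        slot = (user_id, key_id(public_key))
        # The ID only has to be unique within one user ID; refuse a clash there.
        if self._entries.get(slot, public_key) != public_key:
            raise ValueError("key ID collision within one user ID")
        self._entries[slot] = public_key
        return slot[1]

    def lookup(self, user_id, kid):
        """Key named by the 64-bit ID carried in a message, or None."""
        return self._entries.get((user_id, kid))

    def owners(self, kid):
        """User IDs holding this key ID; more than one means the ID alone is ambiguous."""
        return sorted(u for (u, k) in self._entries if k == kid)

def demo_ring():
    ring = KeyRing()
    ring.add("alice@example.com", ALICE_OLD)
    ring.add("alice@example.com", ALICE_NEW)
    ring.add("bob@example.com", BOB)
    return ring
```
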