E-mail and Encryption
description
Transcript of E-mail and Encryption
E-mail and Encryption
Ensuring secure communications in a distributed corporate environment.
The Problem
The Internet is a distributed network. No one machine controls access to all
others. E-mail travels through several servers
before arriving at its destination. Every e-mail is stored for a time on every
server it passes through. E-mail between the same recipients may
never take the same route.
Threat Assessment
Anyone with access to any of the servers through which our e-mail passes can read it.
Anyone with a minimum of technical expertise can forge e-mail to impersonate any sender (or a fictitious sender).
We are vulnerable to data theft, data vandals, and electronic imposters.
Negating the Threat
Public Key (or Asymmetric) Encryption: Permits only the intended recipient to recover
the message, no matter who sees the e-mail. Allows positive authentication, so that the
recipient can verify the sender’s identity. “Conferable Trust” extends these benefits to
any two parties that need to exchange secure e-mail, even if they have never met.
Public Key Encryption
Users generate a key pair: A Public Key that is widely
distributed (the wider the better); A Private Key that is never
revealed. Each key in the pair is the inverse
cryptographic function of its mate. It is impossible to deduce the
private key by analysis of the public key.
Alice
Public Key Protocol
Alice and Bob meet to exchange public keys. Alice “locks”
messages for Bob with her copy of Bob’s public key.
Bob uses his private key to “unlock” the message encrypted with his public key.
Eve
Bob
Cryptographic Signatures
Messages “locked” with a public key are encrypted to the recipient.
Messages “locked” with a private key are digitally signed by the sender.
Encrypted messages are recovered with recipient’s private key.
Signatures are verified with sender’s public key.
Key Management
People cannot always meet to swap keys. Vulnerable to “man in
the middle” attack: Eve intercepts keys and
substitutes her own; Eve can recover
messages intended for Alice and Charlie, and still evade detection. Alice Charlie
Eve
Conferring Trust with a Signature
Exchange keys through a mutually trusted third party: Charlie and Alice each
hold a copy of Trent’s public key;
Trent signs Charlie’s and Alice’s public key with his private key;
Charlie and Alice each verify Trent’s signature using Trent’s public key.
Alice Charlie
Trent
Eve
Key Distribution
Key servers on the Internet are free public key repositories.
Users upload their public keys so they can receive secure e-mail from others
Users can download keys for sending secure e-mail to the keys’ owners.
Users can download keys with which to authenticate signatures.
The Good News ...
You don’t have to remember much of this. SMSI has selected and will purchase for you software
that handles all of these tasks almost automatically. Today, Andrew will hand you a copy of SMSI’s
corporate public key, which will act as “Trent” in our example.
The software can harvest the keys of SMSI employees and associates off of the key servers.
Ensure each key you download is signed by SMSI. Verify the SMSI signature using the key Andrew gives you.
The Bad News
Encryption systems fail their users because of poor key management.
Pick a good pass phrase. Always verify signatures. Encrypt your private key when you’re not using
it. Keep a back-up of your keys in a safe place! If possible, try and limit physical access to your
computer.
Has it ever been cracked?
Yes. Two RSA-encrypted messages have been cracked publicly.
The first took an estimated 5000 MIPS-years of computing time. The second took about 1300.
Both compromised keys were extremely weak, consisting of fewer than 500 bits.
Today we use 2,048 bit keys (or stronger), and a more secure algorithm, called Diffie-Hellmann.
These efforts each cracked only a single RSA key. Nothing was discovered that could cause any other keys to become less secure.
If you really want to know ...
Find two very large primes, p and q. Find n=pq (the public modulus). Choose e, such that e < n and relatively prime to (p-1)(q-1). Compute d such that ed=1[mod (p-1)(q-1)]. e is the public exponent and d is the private one. The public key is (n,e), and the private key is (n,d). To encrypt, divide the target message into blocks smaller
than n and perform modular exponentiation: c=m^e mod n Decryption is the inverse operation: m=c^d mod n …et Voila!