1
WWW.Prohackers.in
“E-mail Security Protocol-2
Pretty Good Privacy (PGP)”
By:
-Vishal Kumar
(CEH, CHFI, CISE, MCP)
2
WWW.Prohackers.in
Table of Content
1. Introduction to PGP
2. The Working of PGP
a) Step 1: Digital Signature
b) Step 2: Compression
c) Step 3: Encryption
d) Step 4: Digital Enveloping
e) Step 1: Base-64 Encoding
3. PGP Algorithms
4. Key Rings
5. PGP Certificates
a) Introducer Trust
b) Certificate Trust
c) Key Legitimacy
6. Web of Trust
3
WWW.Prohackers.in
1. Digital Signature
2. Compression
3. Encryption
5. Base-64 Encoding
Fig: PGP operation
4. Enveloping
Introduction
Phil Zimmerman is the father of the Pretty Good Privacy (PGP) protocol. The most
significant aspects of PGP are that it supports the basic requirements of cryptography, is
quite simple to use, and is completely free. Including its source code and documentation.
Moreover, for those organizations that require support, a low-cost commercial version of
PGP is available from an organization called Viacrypt (now Network Associates). PGP has
become extremely popular and is far more widely used, as compare to PEM. The E-mail
cryptographic support offered by PGP is shown below:
1 The Working of PGP
In PGP, the sender of the message needs to include the
identifiers of the algorithm used in the message, along with the
value of the keys. The broad-level steps of PGP are illustrated in
the fig. as shown, PGP starts with a digital signature, which is
followed by compression, then by encryption, then by digital
enveloping and finally, by Base-64 encoding.
PGP allows for three security options when sending an email
message. These options are.
Signature (steps 1 and 2)
Pretty Good Privacy (PGP)
Encryption Non-repudiation Message Integrity
Fig: - Security Features offered by PGP
4
WWW.Prohackers.in Signature and Base-64 encoding (Steps 1, 2 and 3)
Signature, Encryption, Enveloping, and Base064 encoding (Steps 1 to 5)
Let us discuss these five steps in PGP,
Step 1: Digital Signature
We had earlier discussed about the digital signature in the Step 1 of Privacy Enhance Mail
protocol.
Step 2: Compression
This is additional step in PGP. Here, the input message as well as the digital signature are
compressed together to reduce the size of final message that will be transmitted. For
this, the famous ZIP program is used. ZIP is based on Lempel-Ziv-algorithm.
The Lempel-Ziv-algorithm looks for repeated strings or words, and stores them in a
variable. It then replaces the actual occurrence of the repeated word or string with a
pointer to the crossponding variable. Since a pointer requires only a few bits of memory as
compare to original string, this this method reduces in the data being compressed.
For instance, consider the following string:
What is your name? My name is vishal
Using the Lempel-Ziv-algorithm, we would create two variables, say A and B and replace
the word is and name by pointer to A and B, respectively. This is shown in below image.
What is your name? My name is vishal
1. A = is 2. B = name
What 1 your 2? My 2 1 Vishal
Original String
Variable creation and
assignment
Compressed String
Fig: - Lempel-Ziv-Algorithm, as used by the ZIP program
5
WWW.Prohackers.in As we can see, the resulting string What 1 your 2? My 2 1 vishal, is smaller then compare
to original string what is your name? My name is vishal.
Step 3: Encryption
In this step the compressed output of stem 2 (the compression from of the original email
and digital signature together) are encrypted with a symmetric key. For this, generally the
IDEA algorithm in CFB mode is used. We have already discussed this process in PEM
(Privacy Enhance Mail) protocol.
Step 4: Digital Enveloping
In this case symmetric key used for encryption in step 3 is now encrypted with receiver
public key. The output of stem 3 and step 4 together forms a digital envelope. This is
shown in below figure:
Step 5: Base-64 encoding
The output of step 4 is Base-64 encoded; we have already discussed the process of this
encoding in PEM (Privacy Enhance Mail) protocol.
Output of
Step 3
Sender
Symmetric key encrypted with the
receiver’s public key
Digital Envelope
Fig: - Formation of Digital Envelope
6
WWW.Prohackers.in 2.2 PGP Algorithms
PGP supports a number of algorithms. The most common of them are listed below:
Algorithm type Description
Asymmetric Key RSA (Encryption and signing, Encryption only, Signing only)
DSS (Signing only)
Message Digest MD5, SHA-1, RIPE-MD
Encryption IDEA, DES-3, AES
2.3 Key Rings
When a sender wants to send an email message to a single recipient, there is no too much
of problem. Complexities are introduced when a message has to be sent to multiple
recipients. If Alice needs to correspond with 10 people, Alice needs the public key of all
the 10 people. Hence, Alice is said to need a key ring of 10 public key. PGP specific a ring
of public-private keys. This is because Alice may want to change her public-private key
pair, or may want to use a different key pair for different groups or users. In other
words, every PGP user need to have two sets of key rings: (a) A ring of her own public-
private key pair, (b) A ring of public key of other users.
The concept of key rings is shown in the below figure. Note that in one of the key rings,
Alice maintain a set of key pair; while in other she just maintain the public keys of other
users. Obliviously, she cannot have the private key of other users.
Table: - PGP Algorithms
Alice’s key ring, where she holds
her own public-private key pairs
Alice’s key ring, where she holds
only the public key of PGP users
in the system
Fig: Key rings maintain by a user in PGP
7
WWW.Prohackers.in 2.4 PGP Certificates
In order to trust the public key of a user, we need to have that user’s digital certificate.
PGP can use certificate issued by a CA, or can use its own certificate system.
The originally, certificate issued by the root CA to the second-level CAs. The second level
CA can issue certificate to third-level CA and so on this can continue up-to the require
number of levels. At the lowest level, the last CA issues certificate to end user.
In PGP, there is no CA, anyone can sign a certificate to anyone else in the ring. Vishal can
sign the certificate to Deepak, Juhi, Harish and so on. There is no hierarchy of trust. This
creates a situation where a user can have certificates issued by different users. For
example; Juhi may have a certificate signed by Vishal and another one by Anita, this is
shown in the below figure. Hence, if Harish wants to verify Juhi’s certificate, he has two
paths: Juhi to Vishal and Juhi to Anita. Harish may fully trust Vishal, but not Anita, hence
there can be a multiple path in the line of trust from a fully or partially trusted authority
to a certificate.
The equivalent of CA (a user who issue certificate) in PGP is called introducer.
Vishal
Anita
Digital Certificate
User: Juhi
Issued by: Vishal
Digital Certificate
User: Juhi
Issued by: Anita
Juhi
Fig: Anyone can issue certificate to anyone else
8
WWW.Prohackers.in The whole concept can be understood better with the help of three ideas:
Introducer trust
Certificate trust
Key legitimacy
Let us discuss these three concepts now:
(a) Introducer trust
We know that there is no hierarchical CA structure in PGP. Hence it is natural that the
ring of trust in PGP cannot be very large, if every user has to trust every other user in
the system. Think about this, in real life, we do not fully trust everyone.
To resolve this issue PGP provides for multiple level of trust. The number of level depends
on the decision of implementing PGP. However, for simplicity, let us say that we have
decided to implement three level of trust to an introducer. These three levels are none,
partial, and complete. The introducer trust then specifies what level of trust the
introducer wants to allocate to other user in the system. For example, Vishal may now say
that he fully trust Juhi, where Anita says she only partial trust Juhi. Juhi says that she
does not trust Harish, Harish suggest that he partially trust Anita in turn, and so on. This
scenario is shown in the below figure.
Vishal
Anita
Digital Certificate
User: Juhi
Trust: Full
Digital Certificate
User: Juhi
Trust: Partial
Juhi
Fig: Introducer Trust
Digital Certificate
User: Anita
Trust: Partial
Digital
Certificate
User: Harish
Trust: None
Harish
9
WWW.Prohackers.in (b) Certificate trust
When a user A receives a certificate of another user B issued by this ruder C, depending
on the level of trust that A has in C, A assign a certificate trust level to that certificate
while storing it. It is normally the same as the introducer trust level that issued the
certificate this is shown in the below figure.
Background Information: Vishal and Anita have issued certificate to Juhi, Juhi send these certificates to Harish, so that
Harish can extract Juhi’s public key out of any of those certificates and use it in communication with Juhi. However,
Harish does not trust Vishal at all, but trust Anita fully.
Fig: certificate Trust
Result: when Juhi sends the two certificates (issued by Vishal and Anita) to Harish, Harish adds them to his database of
certificate. It is actually the ring of public key of other users. Apart from adding them there, Harish record the fact that it
does not want to trust Juhi’s certificate issued by Vishal (because he does not trust Vishal), but want to trust Juhi’s
certificate issued by Anita (because he trust Anita)
10
WWW.Prohackers.in This concept is explained in the diagram. Let us take another example to ensure that
there is no confusion. Imagine that there is a set of users in the system. Assume that
Mahesh fully trust Naren, partially trust Ravi and Anmol, and has no trust in Amit.
i. Naren issue two certificates: one to Amrita (with public key K1) and another to
Pallavi (with public key K2). Mahesh stores the public key and certificates or Amrita
and Pallavi in his key ring of public keys with certificate trust level equal to fully.
ii. Ravi issues a certificate to Uday (with public key K3). Mahesh stores the public key
and certificate of Uday in his ring of public key with certificate trust level equal to
partial.
iii. Anmol Issue Two Certificates: one to Uday (with public key K3), and another to
Parag (with public Key K4). Mahesh stores the public keys and certificates of Uday
and Parag in his ring of public key with certificate trust level equal to partial. Note
that Mahesh has now two certificates for Uday, one issued by Ravi, and the other
issued by Anmol, both with partial level of certificate trust.
iv. Amit issue a certificate to Parag (with public key K4). Mahesh stores the public key
and certificate of Parag in his ring or public keys with certificate trust level equal
to none. Mahesh can also discard this certificate.
(c) Key legitimacy
The objective behind the introducer trust and certificate trust is to decide whether to
trust the public key of a user. In PGP terms, this is called Key Legitimacy. Mahesh needs
to know how legitimate are the public keys of Amrita, Pallavi, Uday, and Parag and so on.
PGP define the following the simple rule to decide the key legitimacy: the level of key
legitimacy for a user is the weighted trust level for that user. For example, suppose we
have assigned certain weights to certificate trust level, as shown in the below figure:
Weight Meaning
0 No trust
½ Partial trust
1 Complete or Full trust
11
WWW.Prohackers.in In this situation in order to trust a public key (i.e. certificate) of any other user, Mahesh
needs one fully trusted certificate or two partial trusted certificates. Thus Mahesh can
fully trust Amrita and Pallavi based on the certificates they had received from Naren.
Mahesh can also trust Uday, based on tow partial trusted certificates that Uday had
received from Ravi and Anmol.
2.5 Web Trust
The earlier discussion leads to a potential problem. What happens if nobody creates
certificate for fully or partially trusted entity? In our example, on what basis would we
trust Naren’s public key, if no one has created a certificate for Naren? To resolve this
problem, several schemes are possible in PGP, as outlined below.
(a) Mahesh can physically obtain the public key of Naren by meeting in person and
getting the key on a piece of paper or as a disk file.
(b) This can be done telephonic as well.
(c) Naren can email his public key to Mahesh. Both Naren and Mahesh compute the
message digest of this key. If MD5 is used, the result is a 16-byte digest. If SHA-1
is used, the result is 20-byte digest. In hexadecimal, the digest become a 32-digit
value in MD5, and a 40-digit value in SHA-1. This is displayed as 8 groups of 4-digit
value in MD5, and 10 groups of 4-digit values in SHA-1, and is called fingerprint.
Before Mahesh adds this public key of Naren to his ring, he can call up Naren to tell
him what fingerprint value he has obtained to cross-check with the fingerprint
value that is separately obtained by Naren. This ensures that the public key value is
not changed in the email transit. To make matters better, PGP assign a unique
English word to a 4-digit hexadecimal number group, so that instead of speaking out
the hexadecimal string of numbers, users can speak out normal English words as
define by PGP. For example PGP may assign a word India to a hexadecimal pattern of
4AOB, etc.
(d) Mahesh can obtain Naren’s public key from CA.
Regardless of the mechanism, eventually this process of obtaining key of other users and
sending our own to others creates which is called web of trust between groups of people.
12
WWW.Prohackers.in This keeps the public key ring getting bigger and bigger, and helps secure the email
communication
Whenever a user needs to revoke his/her public key (because of loss of private key, etc)
he/she needs to send a key revocation certificate to the other users. This certificate is
self-signed by the user with his/her private key.
Thanks for reading this presentation
Please give us your feedback at
Your feedback is most valuable for us for improving the presentation
You can also suggest the topic on which you want the presentation
Website: www.prohackers.in
FB page: www.facebook.com/theprohackers2017
Join FB Group: www.facebook.com/groups/group.prohackers/
Watch us on: www.youtube.com//channel/UCcyYSi1sh1SmyMlGfB-Vq6A
***Thanks***
Top Related