Venkatesh Iyer, profile picture
Uploaded byVenkatesh Iyer
PPT, PDF7,248 views

Network Security Primer

The document provides an overview of security topics including algorithms, encryption, digital signatures, certificates, and cryptography. It discusses the need for message security, privacy, authentication, integrity and non-repudiation. It then describes symmetric key cryptography, public key cryptography, digital signatures, key management, certificates, and security at the IP, transport and application layers including SSL/TLS, IPSec, PGP and S/MIME.

Technology
In this document
Powered by AI

Introduction to the Security Primer by Venkatesh Iyer, created on 30/11/2005.

Overview of security topics including algorithms, encryption, digital signatures, certificates, and key management.

Discusses the need for message security focusing on privacy, authentication, integrity, and non-repudiation.

Defines cryptography as 'secret writing', explains plaintext and ciphertext, and introduces symmetric and public key cryptography.

Explains symmetric key cryptography, its features, advantages (like efficiency), and disadvantages (key distribution issues).

Defines digital signatures, their features for integrity, authentication, non-repudiation, and the use of hash functions.

Discusses key management in symmetric systems and public key systems, focusing on session keys and the role of certificates.

Details on the X.509 certificate standard, including its fields and the chain of trust concept in certificate authorities.

Addresses security at the IP level through IPSec, adding headers for encryption and authentication.

Discusses SSL and TLS, protocols for secure connections, handshake processes, and how keys are managed.

Explains PGP (Pretty Good Privacy) functionalities for securing emails, focusing on hashing and digest methods.

Describes S/MIME’s working principle, usage of MIME types for cryptographic information, and includes sample signatures.

Provides references for further reading on cryptography, SSL/TSL implementation, and related topics.

Downloaded 1,287 times
A Security Primer Venkatesh Iyer Created: 30/11/2005
Security Topics Algorithms Encryption Digital Signatures Certificates Algorithms Encryption Key Mgmt PGP S/MIME SSL TLS IPSec Cryptography Symmetric Key Public Key
Need for message security Privacy Am I sure no body else knows this? Authentication Am I sure that the sender is genuine and not an imposter? Integrity Am I sure that the message has not been tampered on its way? Non-repudiation What will I do if the sender denies sending the message?
Cryptography
Cryptography Jargon Cryptography means “ Secret Writing ” Original message – plaintext Encrypted message – ciphertext Encryption and decryption algorithms – ciphers The number value that the cipher operates on – key Types Symmetric key cryptography Public key cryptography
Symmetric Key Cryptography Encrypt Network Decrypt Shared secret key Features Same key used by sender and receiver Algorithm for decryption is inverse of the algorithm used for encryption Alice Bob 1 2
Symmetric Key (contd.) Algorithms DES (Data Encryption Standard) Triple DES Advantages Efficient algorithms (takes less time to encrypt and decrypt) Simple Disadvantages Each pair must have unique keys. i.e. N people will require N(N-1)/2 keys Distribution of keys between two parties can be difficult
Public Key Cryptography Encrypt Network Decrypt Bob’s public key Alice Bob Bob’s private key To the public 1 2 Features There are two keys: a private key and a public key The private key is kept by the receiver and the public key is announced to the public
Public Key (contd.) Algorithms RSA (Rivest, Shamir and Adleman) Advantages Need to distribute only the public key. Private key can be safely kept Lesser number of keys i.e. 1 million users may need only 2 million keys (as compared to 500 billion, if they use symmetric key cryptography) Disadvantages Complex algorithms Association between the public key and the entity must be verified (need for certificates)
Digital Signatures Features Enables integrity, authentication and non-repudiation Private keys are used to sign a message (or hash) Public keys are used to verify the signatures Hash Functions Signing the whole message is inefficient Hash functions are used to create a unique digest of the message Popular hashing algorithms are SHA-1 (secure hash algorithm) and MD5 (message digest)
Digital Signatures (contd.) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest To Bob 1 2 3 Sender site
Digital Signatures (contd.) Receiver site Bob From Alice Decrypt Hash Function Digest Alice’s public key Digest X Compare 4 5 6
Key Management In symmetric key systems: We need a mechanism to share the key between sender and receiver, and also reduce the number of keys In some cases, public key systems also use symmetric key to encrypt a message and encrypt the key using public key Solution: session keys. Symmetric keys are created for a session and destroyed when the session is over Techniques for key management: Deffie Hellman method Key distribution center (Needham-Schroeder protocol and Otway-Rees protocol)
Key Management (contd.) In public key systems: Alice needs to know whether Bob’s public key is genuine Solution: Certificates Bob goes to a Certification Authority (CA), e.g. VeriSign, which binds Bob’s public key to an entity called certificate . Certificate is signed by CA, which has a well known public key, and hence cannot be forged. Alice can verify the CA’s signature and hence be sure about Bob’s public key
Certificates Certificate is described by X.509 protocol X.509 uses ASN.1 (Abstract Syntax Notation 1) to define the fields X.509 fields: The subject public key and the algorithms that use it Public Key The entity whose public key is being certified Subject Name Start and end period that certificate is valid Validity Period The name of the CA defined by X.509 Issuer The certificate signature Signature The unique identifier used by the CA Serial Number Version number of X.509 Version Explanation Field
Chain of Trust Query propagation similar to DNS queries At any level, the CA can certify performance of CAs in the next level i.e. level-1 CA can certify level-2 CAs. Thumb-rule : Everyone trusts Root CA Root CA Level-1 CA 1 Level-2 CA 3 Level-2 CA 4 Level-2 CA 5 Level-2 CA 6 Level-2 CA 2 Level-2 CA 1 Level-1 CA 2
Security at IP Level
IPSec – IP Security Secures the IP packet by adding additional header Selection of encryption, authentication and hashing methods left to the user It requires a logical connection between two hosts, achieved using Security Association (SA) An SA is defined by: A 32-bit security parameter index (SPI) Protocol type: Authentication Header (AH) Or Encapsulating Security Payload (ESP) The source IP address IP Header IPSec Header Rest of the Packet New IP Header IP Header IPSec Header Rest of the Packet Transport Mode Tunnel Mode OR
Security at Transport Layer
Secure Sockets Layer (SSL) Developed by Netscape Used to establish secure connection between two parties Protocol similar to TLS (p.t.o) OpenSSL ( www.openssl.org ) provides libraries which implement SSL and TLS Several application layer security protocols run on top of SSL. E.g. Secure HTTP (https)
Transport Layer Security (TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server
Transport Layer Security (TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server Browser sends a hello message that includes TLS version and other preferences
Transport Layer Security (TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server Server sends a certificate that has its public key
Transport Layer Security (TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server Browser verifies the certificate. It generates a session key , encrypts with server’s public key and sends it to the server
Transport Layer Security (TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server Browser sends handshake terminating message, encrypted by the secret key
Transport Layer Security (TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server Server decrypts secret key with its private key. Uses secret key to decode message ad sends encrypted ack
Security at Application Layer
Pretty Good Privacy (PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site
Pretty Good Privacy (PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site Email message is hashed to create digest
Pretty Good Privacy (PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site Digest is encrypted using Alice’s private key
Pretty Good Privacy (PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site Signed digest added to the message
Pretty Good Privacy (PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site The message and digest are encrypted using one time secret key created by Alice
Pretty Good Privacy (PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site The secret key is encrypted using Bob’s public key
Pretty Good Privacy (PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site The encrypted message, digest and secret key is sent to Bob
PGP (contd.) Receiver site Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8
PGP (contd.) Receiver site Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8 Bob decrypts the secret key with his private key
PGP (contd.) Receiver site Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8 Bob decrypts the encrypted message and digest using the decrypted secret key
PGP (contd.) Receiver site Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8 Bob decrypts the encrypted digest with Alice’s public key
PGP (contd.) Receiver site Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8 Bob hashes the received message to create a digest (for message integrity)
PGP (contd.) Receiver site Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8 The two digests are compared, thus providing authentication and integrity
Sample PGP Signature From: alice@wonderland.com Date: Mon, 16 Nov 1998 19:03:30 -0600 Subject: Message signed with PGP MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Description: "cc:Mail Note Part" -----BEGIN PGP SIGNED MESSAGE----- Bob, This is a message signed with PGP, so you can see how much overhead PGP signatues introduce. Compare this with a similar message signed with S/MIME. Alice -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQCVAwUBM+oTwFcsAarXHFeRAQEsJgP/X3noON57U/6XVygOFjSY5lTpvAduPZ8M aIFalUkCNuLLGxmtsbwRiDWLtCeWG3k+7zXDfx4YxuUcofGJn0QaTlk8b3nxADL0 O/EIvC/k8zJ6aGaPLB7rTIizamGOt5n6/08rPwwVkRB03tmT8UNMAUCgoM02d6HX rKvnc2aBPFI= =mUaH -----END PGP SIGNATURE-----
S/MIME Working principle similar to PGP S/MIME uses multipart MIME type to include the cryptographic information with the message S/MIME uses Cryptographic Message Syntax (CMS) to specify the cryptographic information Creating S/MIME message: MIME Entity CMS Object S/MIME Certificates Algo identifiers CMS Processing MIME Wrapping
Sample SMIME Signature From: alice@wonderland.com Date: Mon, 16 Nov 1998 19:03:08 -0600 Subject: Message signed with S/MIME MIME-Version: 1.0 Content-Type: multipart/mixed ; boundary="simple boundary" --simple boundary Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Description: "cc:Mail Note Part" Bob, This is a message signed with S/MIME, so you can see how much overhead S/MIME signatures introduce. Compare this with a similar message signed with PGP. Alice --simple boundary Content-Type: application/octet-stream; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIQQwYJKoZIhvcNAQcCoIIQNDCCEDACAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCDnww ggnGMIIJL6ADAgECAhBQQRR9a+DX0FHXfQOVHQhPMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcT CEludGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NzAxMjcwMDAwMDBaFw05ODAxMjcy MzU5NTlaMIIBFzERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMUYwRAYD
Sample SMIME Signature UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1h cnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwNjI3MDAwMDAwWhcNOTkwNjI3MjM1OTU5 WjBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsT K1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwgZ8wDQYJKoZIhvcN AQEBBQADgY0AMIGJAoGBALYUps9N0AUN2Moj0G+qtCmSY44s+G+W1y6ddksRsTaNV8nD/RzGuv4e CLozypXqvuNbzQaot3kdRCrtc/KxUoNoEHBkkdc+a/n3XZ0UQ5tul0WYgUfRLcvdu3LXTD9xquJA 8lQ5vBbuz3zsuts/bCqzFrGGEp2ukzTVuNXQ9z6pAgMBAAGjMzAxMA8GA1UdEwQIMAYBAf8CAQEw CwYDVR0PBAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIBBjANBgkqhkiG9w0BAQIFAAOBgQDB+vcC51fK EXXGnAz6K3dPh0UXO+PSwdoPWDmOrpWZA6GooTj+eZqTFwuXhjnHymg0ZrvHiEX2yAwF7r6XJe/g 1G7kf512XM59uhSirguf+2dbSKVnJa8ZZIj2ctgpJ6o3EmqxKK8ngxhlbI3tQJ5NxHiohuzpLFC/ pvkN27CmSjCCAjEwggGaAgUCpAAAATANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEXMBUG A1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkgQ2Vy dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwMTI5MDAwMDAwWhcNOTkxMjMxMjM1OTU5WjBfMQsw CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVi bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0A MIGJAoGBAOUZv22jVmEtmUhx9mfeuY3rt56GgAqRDvo4Ja9GiILlc6igmyRdDR/MZW4MsNBWhBiH mgabEKFz37RYOWtuwfYV1aioP6oSBo0xrH+wNNePNGeICc0UEeJORVZpH3gCgNrcR5EpuzbJY1zF 4Ncth3uhtzKwezC6Ki8xqu6jZ9rbAgMBAAEwDQYJKoZIhvcNAQECBQADgYEAUnO6mlXc3D+CfbCQ mGIqgkx2AG4lPdXCCXBXAQwPdx8YofscYA6gdTtJIUH+p1wtTEJJ0/8o2Izqnf7JB+J3glMj3lXz zkST+vpMvco281tmsp7I8gxeXtShtCEJM8o7WfySwjj8rdmWJOAt+qMp9TNoeE60vJ9pNeKomJRz O8QxggGPMIIBiwIBATB2MGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwg SW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJl cgIQUEEUfWvg19BR130DlR0ITzAJBgUrDgMCGgUAoIGxMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwIwYJKoZIhvcNAQkEMRYEFE5W9YE9GtbjlD5A52LLaEi96zCKMBwGCSqGSIb3DQEJBTEPFw05 NzA4MDcxODQwMTBaMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMA0GCCqGSIb3DQMCAgFAMA0GCCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABEDI 3mvHr3SAJkdoMqxZnSjJ+5gfZABJGQVOfyEfcKncY/RYFvWuHBAEBySImIQZjMgMNrQLL7QXJ/eI xIwDet+c --simple boundary--
References
References Overview of cryptography: www.rsalabs.com/faq/ http://www.faqs.org/faqs/cryptography-faq/part06/ Implementation of SSL and TSL: www.openssl.org S/MIME Internet task force: www.imc.org/ietf-smime/index.html Relationship between S/MIME and PGP/MIME: www.imc.org/smime-pgpmime.html

More Related Content

PPT
Introduction To PKI Technology
bySylvain Maret
 
PPT
Ch15
byJoe Christensen
 
PPT
6. cryptography
by7wounders
 
PPT
Cryptography
byIGZ Software house
 
PPT
Cryptography Fundamentals
byDuy Do Phan
 
PPT
Digital signature
byAJAL A J
 
PPSX
Digital signature
byNisha Menon K
 
PDF
Digital signatures
byIshwar Dayal
 
Introduction To PKI Technology
bySylvain Maret
 
Ch15
byJoe Christensen
 
6. cryptography
by7wounders
 
Cryptography
byIGZ Software house
 
Cryptography Fundamentals
byDuy Do Phan
 
Digital signature
byAJAL A J
 
Digital signature
byNisha Menon K
 
Digital signatures
byIshwar Dayal
 

What's hot

PPT
Pgp
byReham Maher El-Safarini
 
PDF
Introduction to Cryptography
bySeema Goel
 
PDF
SSL/TLS Handshake
byArpit Agarwal
 
PPT
Cryptography
byamiable_indian
 
PPTX
3 public key cryptography
byRutvik Mehta
 
PPTX
Ssl in a nutshell
byFrank Kelly
 
PPT
Digital Signature
bysaurav5884
 
PDF
Electronic mail security
byDr.Florence Dayana
 
PPTX
Digital signature
byPraseela R
 
PPTX
SSL TLS Protocol
byDevang Badrakiya
 
PPTX
Cryptography
bysubodh pawar
 
PPT
Email Security : PGP & SMIME
byRohit Soni
 
PPT
Fundamentals of cryptography
byHossain Md Shakhawat
 
PDF
Cryptography
byKalyani Government Engineering College
 
PPT
Symmetric & Asymmetric Cryptography
bychauhankapil
 
PPTX
Cryptography and applications
bythai
 
PPTX
Digital signatures
byReachLocal Services India
 
PPTX
Digital certificates
bySimmi Kamra
 
PPTX
RSA ALGORITHM
bySathish Kumar
 
PPTX
Rc4
byAmjad Rehman
 
Pgp
byReham Maher El-Safarini
 
Introduction to Cryptography
bySeema Goel
 
SSL/TLS Handshake
byArpit Agarwal
 
Cryptography
byamiable_indian
 
3 public key cryptography
byRutvik Mehta
 
Ssl in a nutshell
byFrank Kelly
 
Digital Signature
bysaurav5884
 
Electronic mail security
byDr.Florence Dayana
 
Digital signature
byPraseela R
 
SSL TLS Protocol
byDevang Badrakiya
 
Cryptography
bysubodh pawar
 
Email Security : PGP & SMIME
byRohit Soni
 
Fundamentals of cryptography
byHossain Md Shakhawat
 
Cryptography
byKalyani Government Engineering College
 
Symmetric & Asymmetric Cryptography
bychauhankapil
 
Cryptography and applications
bythai
 
Digital signatures
byReachLocal Services India
 
Digital certificates
bySimmi Kamra
 
RSA ALGORITHM
bySathish Kumar
 
Rc4
byAmjad Rehman
 

Viewers also liked

PPT
Digital signature
byHossain Md Shakhawat
 
PPTX
pgp s mime
byChirag Patel
 
PPTX
Email security - Netwroking
bySalman Memon
 
PPSX
Intrusion detection system
bygaurav koriya
 
PPT
Intrusion detection system ppt
bySheetal Verma
 
PPTX
Information security: importance of having defined policy & process
byInformation Technology Society Nepal
 
PPTX
Computer security threats & prevention
byPriSim
 
PPSX
Email Security
byselvakumar_b1985
 
PPTX
Importance Of A Security Policy
bycharlesgarrett
 
PPTX
Threats to information security
byarun alfie
 
PPT
Email and web security
byshahhardik27
 
PPTX
Threats to Information Resources - MIS - Shimna
byChinnu Shimna
 
PPT
Graphics programming in Java
byTushar B Kute
 
PPS
Packages and inbuilt classes of java
bykamal kotecha
 
PPT
Java packages
byRaja Sekhar
 
PPTX
Microsoft Hololens
byarun alfie
 
Digital signature
byHossain Md Shakhawat
 
pgp s mime
byChirag Patel
 
Email security - Netwroking
bySalman Memon
 
Intrusion detection system
bygaurav koriya
 
Intrusion detection system ppt
bySheetal Verma
 
Information security: importance of having defined policy & process
byInformation Technology Society Nepal
 
Computer security threats & prevention
byPriSim
 
Email Security
byselvakumar_b1985
 
Importance Of A Security Policy
bycharlesgarrett
 
Threats to information security
byarun alfie
 
Email and web security
byshahhardik27
 
Threats to Information Resources - MIS - Shimna
byChinnu Shimna
 
Graphics programming in Java
byTushar B Kute
 
Packages and inbuilt classes of java
bykamal kotecha
 
Java packages
byRaja Sekhar
 
Microsoft Hololens
byarun alfie
 

Similar to Network Security Primer

PPTX
Basic Cryptography unit 4 CSS
byDr. SURBHI SAROHA
 
PDF
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
byKathirvel Ayyaswamy
 
PPTX
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
byJyothishmathi Institute of Technology and Science Karimnagar
 
PDF
18CS2005 Cryptography and Network Security
byKathirvel Ayyaswamy
 
PPT
unit6.ppt
bySrinivas Devulapalli
 
PDF
information security by cryptography sid
byfaiziikanwal47
 
PPT
chapter 15-Network and Security-By-MIT.ppt
byKamranHussainAwan
 
PDF
CNS ppt.pdf
byChaitanyaK65
 
PPT
chap15 cryptography and network security.ppt
byubaidullah75790
 
PPT
Crypt
bysachincrazy
 
PPT
ch15 (1).ppt
bySunilKatkar5
 
PDF
TLS/SSL Protocol Design 201006
byNate Lawson
 
PDF
TLS/SSL Protocol Design
byNate Lawson
 
PPT
SSl and certificates
byNetri Chowdhary
 
PDF
PBU-Intro_to_PGP
byauremoser
 
PPT
What is Encryption
byIsrael Marcus
 
PPT
ch15.ppt
byssuser6602e0
 
PPT
ch15.ppt
bywitscollege
 
PPT
Secure Communication (Distributed computing)
bySri Prasanna
 
PPT
1329 n 9460
bykicknit123
 
Basic Cryptography unit 4 CSS
byDr. SURBHI SAROHA
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
byKathirvel Ayyaswamy
 
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
byJyothishmathi Institute of Technology and Science Karimnagar
 
18CS2005 Cryptography and Network Security
byKathirvel Ayyaswamy
 
unit6.ppt
bySrinivas Devulapalli
 
information security by cryptography sid
byfaiziikanwal47
 
chapter 15-Network and Security-By-MIT.ppt
byKamranHussainAwan
 
CNS ppt.pdf
byChaitanyaK65
 
chap15 cryptography and network security.ppt
byubaidullah75790
 
Crypt
bysachincrazy
 
ch15 (1).ppt
bySunilKatkar5
 
TLS/SSL Protocol Design 201006
byNate Lawson
 
TLS/SSL Protocol Design
byNate Lawson
 
SSl and certificates
byNetri Chowdhary
 
PBU-Intro_to_PGP
byauremoser
 
What is Encryption
byIsrael Marcus
 
ch15.ppt
byssuser6602e0
 
ch15.ppt
bywitscollege
 
Secure Communication (Distributed computing)
bySri Prasanna
 
1329 n 9460
bykicknit123
 

Recently uploaded

PDF
PDF Security Intelligence Platform | Cybersecurity Project by Ashish Patil
byAshishPatil495087
 
PDF
Do more with the HP Z2 Mini G1a
byPrincipled Technologies
 
PDF
Session 4 - Agentic Testing with UiPath Agents
byDianaGray10
 
PPTX
Your First Deep Learning project With CNN (workshop).pptx
byMuhammad Fahad Bashir
 
PDF
Supercharge Your JVM with Project Leyden
byAna-Maria Mihalceanu
 
PDF
Unleash AI power with the Dell Pro 14 Plus - Interactive PDF
byPrincipled Technologies
 
PDF
RR B.Ed. educational trust. Ashish Tiwari
byat386834
 
PPTX
A GREEN BUSINESS TOOLKIT FOR EARLY-STAGE ENTREPRENEURS (1).pptx.pptx
bylearnskillsofficial1
 
PDF
Transform Your Online Store with AltiusNxt AI Enriched data
byAltiusNxt Technologies
 
PPTX
Enhancing Web Security: Key Concepts & Strategies.pptx
byParham Abolghasemi
 
PPTX
Expanding Your Toolbox: Beginners Guide to Controlling Kubernetes Logs
byEric D. Schabell
 
PDF
Database Performance at Scale: The TL;DR
byScyllaDB
 
PPSX
AppSec Role Based Training OWASP Global AppSec USA 2025-11-06
byRobert Grupe, CSSLP CISSP PE PMP
 
PDF
Private Governance: How Decentralized Mechanisms Can Regulate the Crypto Economy
byFederico Ast
 
PDF
Control Access to Files - RHCSA (RH124).pdf
byLinuxCert Guru
 
PPTX
Odoo_by_Infinys_All_in_One_Business_Solution_for_Small_Companies.pptx
byAgusto Sipahutar
 
PPTX
Getting Started with MSP360 Backup for M365/Google
byMSP360
 
PDF
Manage Local Users and Groups - RHCSA (RH124)
byLinuxCert Guru
 
PDF
"Visual Guide to DSA: Big O Notation, Data Structures, and Algorithms Fundame...
byNusrat Gulbarga
 
PPTX
Bulwark Pokemon League Top 8 graphic archive
byGc Howard
 
PDF Security Intelligence Platform | Cybersecurity Project by Ashish Patil
byAshishPatil495087
 
Do more with the HP Z2 Mini G1a
byPrincipled Technologies
 
Session 4 - Agentic Testing with UiPath Agents
byDianaGray10
 
Your First Deep Learning project With CNN (workshop).pptx
byMuhammad Fahad Bashir
 
Supercharge Your JVM with Project Leyden
byAna-Maria Mihalceanu
 
Unleash AI power with the Dell Pro 14 Plus - Interactive PDF
byPrincipled Technologies
 
RR B.Ed. educational trust. Ashish Tiwari
byat386834
 
A GREEN BUSINESS TOOLKIT FOR EARLY-STAGE ENTREPRENEURS (1).pptx.pptx
bylearnskillsofficial1
 
Transform Your Online Store with AltiusNxt AI Enriched data
byAltiusNxt Technologies
 
Enhancing Web Security: Key Concepts & Strategies.pptx
byParham Abolghasemi
 
Expanding Your Toolbox: Beginners Guide to Controlling Kubernetes Logs
byEric D. Schabell
 
Database Performance at Scale: The TL;DR
byScyllaDB
 
AppSec Role Based Training OWASP Global AppSec USA 2025-11-06
byRobert Grupe, CSSLP CISSP PE PMP
 
Private Governance: How Decentralized Mechanisms Can Regulate the Crypto Economy
byFederico Ast
 
Control Access to Files - RHCSA (RH124).pdf
byLinuxCert Guru
 
Odoo_by_Infinys_All_in_One_Business_Solution_for_Small_Companies.pptx
byAgusto Sipahutar
 
Getting Started with MSP360 Backup for M365/Google
byMSP360
 
Manage Local Users and Groups - RHCSA (RH124)
byLinuxCert Guru
 
"Visual Guide to DSA: Big O Notation, Data Structures, and Algorithms Fundame...
byNusrat Gulbarga
 
Bulwark Pokemon League Top 8 graphic archive
byGc Howard
 

Network Security Primer

  • 1.
    A Security PrimerVenkatesh Iyer Created: 30/11/2005
  • 2.
    Security Topics AlgorithmsEncryption Digital Signatures Certificates Algorithms Encryption Key Mgmt PGP S/MIME SSL TLS IPSec Cryptography Symmetric Key Public Key
  • 3.
    Need for messagesecurity Privacy Am I sure no body else knows this? Authentication Am I sure that the sender is genuine and not an imposter? Integrity Am I sure that the message has not been tampered on its way? Non-repudiation What will I do if the sender denies sending the message?
  • 4.
  • 5.
    Cryptography JargonCryptography means “ Secret Writing ” Original message – plaintext Encrypted message – ciphertext Encryption and decryption algorithms – ciphers The number value that the cipher operates on – key Types Symmetric key cryptography Public key cryptography
  • 6.
    Symmetric Key CryptographyEncrypt Network Decrypt Shared secret key Features Same key used by sender and receiver Algorithm for decryption is inverse of the algorithm used for encryption Alice Bob 1 2
  • 7.
    Symmetric Key (contd.)Algorithms DES (Data Encryption Standard) Triple DES Advantages Efficient algorithms (takes less time to encrypt and decrypt) Simple Disadvantages Each pair must have unique keys. i.e. N people will require N(N-1)/2 keys Distribution of keys between two parties can be difficult
  • 8.
    Public Key CryptographyEncrypt Network Decrypt Bob’s public key Alice Bob Bob’s private key To the public 1 2 Features There are two keys: a private key and a public key The private key is kept by the receiver and the public key is announced to the public
  • 9.
    Public Key (contd.)Algorithms RSA (Rivest, Shamir and Adleman) Advantages Need to distribute only the public key. Private key can be safely kept Lesser number of keys i.e. 1 million users may need only 2 million keys (as compared to 500 billion, if they use symmetric key cryptography) Disadvantages Complex algorithms Association between the public key and the entity must be verified (need for certificates)
  • 10.
    Digital Signatures FeaturesEnables integrity, authentication and non-repudiation Private keys are used to sign a message (or hash) Public keys are used to verify the signatures Hash Functions Signing the whole message is inefficient Hash functions are used to create a unique digest of the message Popular hashing algorithms are SHA-1 (secure hash algorithm) and MD5 (message digest)
  • 11.
    Digital Signatures (contd.)Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest To Bob 1 2 3 Sender site
  • 12.
    Digital Signatures (contd.)Receiver site Bob From Alice Decrypt Hash Function Digest Alice’s public key Digest X Compare 4 5 6
  • 13.
    Key Management Insymmetric key systems: We need a mechanism to share the key between sender and receiver, and also reduce the number of keys In some cases, public key systems also use symmetric key to encrypt a message and encrypt the key using public key Solution: session keys. Symmetric keys are created for a session and destroyed when the session is over Techniques for key management: Deffie Hellman method Key distribution center (Needham-Schroeder protocol and Otway-Rees protocol)
  • 14.
    Key Management (contd.)In public key systems: Alice needs to know whether Bob’s public key is genuine Solution: Certificates Bob goes to a Certification Authority (CA), e.g. VeriSign, which binds Bob’s public key to an entity called certificate . Certificate is signed by CA, which has a well known public key, and hence cannot be forged. Alice can verify the CA’s signature and hence be sure about Bob’s public key
  • 15.
    Certificates Certificate isdescribed by X.509 protocol X.509 uses ASN.1 (Abstract Syntax Notation 1) to define the fields X.509 fields: The subject public key and the algorithms that use it Public Key The entity whose public key is being certified Subject Name Start and end period that certificate is valid Validity Period The name of the CA defined by X.509 Issuer The certificate signature Signature The unique identifier used by the CA Serial Number Version number of X.509 Version Explanation Field
  • 16.
    Chain of TrustQuery propagation similar to DNS queries At any level, the CA can certify performance of CAs in the next level i.e. level-1 CA can certify level-2 CAs. Thumb-rule : Everyone trusts Root CA Root CA Level-1 CA 1 Level-2 CA 3 Level-2 CA 4 Level-2 CA 5 Level-2 CA 6 Level-2 CA 2 Level-2 CA 1 Level-1 CA 2
  • 17.
  • 18.
    IPSec – IPSecurity Secures the IP packet by adding additional header Selection of encryption, authentication and hashing methods left to the user It requires a logical connection between two hosts, achieved using Security Association (SA) An SA is defined by: A 32-bit security parameter index (SPI) Protocol type: Authentication Header (AH) Or Encapsulating Security Payload (ESP) The source IP address IP Header IPSec Header Rest of the Packet New IP Header IP Header IPSec Header Rest of the Packet Transport Mode Tunnel Mode OR
  • 19.
  • 20.
    Secure Sockets Layer(SSL) Developed by Netscape Used to establish secure connection between two parties Protocol similar to TLS (p.t.o) OpenSSL ( www.openssl.org ) provides libraries which implement SSL and TLS Several application layer security protocols run on top of SSL. E.g. Secure HTTP (https)
  • 21.
    Transport Layer Security(TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server
  • 22.
    Transport Layer Security(TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server Browser sends a hello message that includes TLS version and other preferences
  • 23.
    Transport Layer Security(TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server Server sends a certificate that has its public key
  • 24.
    Transport Layer Security(TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server Browser verifies the certificate. It generates a session key , encrypts with server’s public key and sends it to the server
  • 25.
    Transport Layer Security(TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server Browser sends handshake terminating message, encrypted by the secret key
  • 26.
    Transport Layer Security(TLS) Designed by IETF; derived from SSL Lies on top of Transport layer Uses two protocols: Handshake Protocol Data exchange protocol Uses secret key to encrypt data. Secret key already shared during handshake Hello Certificate Secret key End Handshaking Encrypted Ack Client Server Server decrypts secret key with its private key. Uses secret key to decode message ad sends encrypted ack
  • 27.
  • 28.
    Pretty Good Privacy(PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site
  • 29.
    Pretty Good Privacy(PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site Email message is hashed to create digest
  • 30.
    Pretty Good Privacy(PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site Digest is encrypted using Alice’s private key
  • 31.
    Pretty Good Privacy(PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site Signed digest added to the message
  • 32.
    Pretty Good Privacy(PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site The message and digest are encrypted using one time secret key created by Alice
  • 33.
    Pretty Good Privacy(PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site The secret key is encrypted using Bob’s public key
  • 34.
    Pretty Good Privacy(PGP) Alice Hash Function Digest Encrypt Alice’s private key + Signed Digest Message plus Signed Digest Encrypted (secret key & message + digest) to Bob 1 2 3 Encrypt Bob’s public key Encrypt One-time secret key + 4 5 6 Sender site The encrypted message, digest and secret key is sent to Bob
  • 35.
    PGP (contd.) Receiversite Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8
  • 36.
    PGP (contd.) Receiversite Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8 Bob decrypts the secret key with his private key
  • 37.
    PGP (contd.) Receiversite Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8 Bob decrypts the encrypted message and digest using the decrypted secret key
  • 38.
    PGP (contd.) Receiversite Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8 Bob decrypts the encrypted digest with Alice’s public key
  • 39.
    PGP (contd.) Receiversite Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8 Bob hashes the received message to create a digest (for message integrity)
  • 40.
    PGP (contd.) Receiversite Bob Decrypt Hash Function Digest Alice’s public key Digest X Compare 9 10 11 Encrypted (secret key & message + digest) Bob’s private key Decrypt Decrypt Encrypted (message + digest) One-time secret key 7 8 The two digests are compared, thus providing authentication and integrity
  • 41.
    Sample PGP SignatureFrom: [email protected] Date: Mon, 16 Nov 1998 19:03:30 -0600 Subject: Message signed with PGP MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Description: "cc:Mail Note Part" -----BEGIN PGP SIGNED MESSAGE----- Bob, This is a message signed with PGP, so you can see how much overhead PGP signatues introduce. Compare this with a similar message signed with S/MIME. Alice -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQCVAwUBM+oTwFcsAarXHFeRAQEsJgP/X3noON57U/6XVygOFjSY5lTpvAduPZ8M aIFalUkCNuLLGxmtsbwRiDWLtCeWG3k+7zXDfx4YxuUcofGJn0QaTlk8b3nxADL0 O/EIvC/k8zJ6aGaPLB7rTIizamGOt5n6/08rPwwVkRB03tmT8UNMAUCgoM02d6HX rKvnc2aBPFI= =mUaH -----END PGP SIGNATURE-----
  • 42.
    S/MIME Working principlesimilar to PGP S/MIME uses multipart MIME type to include the cryptographic information with the message S/MIME uses Cryptographic Message Syntax (CMS) to specify the cryptographic information Creating S/MIME message: MIME Entity CMS Object S/MIME Certificates Algo identifiers CMS Processing MIME Wrapping
  • 43.
    Sample SMIME SignatureFrom: [email protected] Date: Mon, 16 Nov 1998 19:03:08 -0600 Subject: Message signed with S/MIME MIME-Version: 1.0 Content-Type: multipart/mixed ; boundary="simple boundary" --simple boundary Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Description: "cc:Mail Note Part" Bob, This is a message signed with S/MIME, so you can see how much overhead S/MIME signatures introduce. Compare this with a similar message signed with PGP. Alice --simple boundary Content-Type: application/octet-stream; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIQQwYJKoZIhvcNAQcCoIIQNDCCEDACAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCDnww ggnGMIIJL6ADAgECAhBQQRR9a+DX0FHXfQOVHQhPMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcT CEludGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NzAxMjcwMDAwMDBaFw05ODAxMjcy MzU5NTlaMIIBFzERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMUYwRAYD
  • 44.
    Sample SMIME SignatureUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1h cnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwNjI3MDAwMDAwWhcNOTkwNjI3MjM1OTU5 WjBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsT K1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwgZ8wDQYJKoZIhvcN AQEBBQADgY0AMIGJAoGBALYUps9N0AUN2Moj0G+qtCmSY44s+G+W1y6ddksRsTaNV8nD/RzGuv4e CLozypXqvuNbzQaot3kdRCrtc/KxUoNoEHBkkdc+a/n3XZ0UQ5tul0WYgUfRLcvdu3LXTD9xquJA 8lQ5vBbuz3zsuts/bCqzFrGGEp2ukzTVuNXQ9z6pAgMBAAGjMzAxMA8GA1UdEwQIMAYBAf8CAQEw CwYDVR0PBAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIBBjANBgkqhkiG9w0BAQIFAAOBgQDB+vcC51fK EXXGnAz6K3dPh0UXO+PSwdoPWDmOrpWZA6GooTj+eZqTFwuXhjnHymg0ZrvHiEX2yAwF7r6XJe/g 1G7kf512XM59uhSirguf+2dbSKVnJa8ZZIj2ctgpJ6o3EmqxKK8ngxhlbI3tQJ5NxHiohuzpLFC/ pvkN27CmSjCCAjEwggGaAgUCpAAAATANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEXMBUG A1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkgQ2Vy dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwMTI5MDAwMDAwWhcNOTkxMjMxMjM1OTU5WjBfMQsw CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVi bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0A MIGJAoGBAOUZv22jVmEtmUhx9mfeuY3rt56GgAqRDvo4Ja9GiILlc6igmyRdDR/MZW4MsNBWhBiH mgabEKFz37RYOWtuwfYV1aioP6oSBo0xrH+wNNePNGeICc0UEeJORVZpH3gCgNrcR5EpuzbJY1zF 4Ncth3uhtzKwezC6Ki8xqu6jZ9rbAgMBAAEwDQYJKoZIhvcNAQECBQADgYEAUnO6mlXc3D+CfbCQ mGIqgkx2AG4lPdXCCXBXAQwPdx8YofscYA6gdTtJIUH+p1wtTEJJ0/8o2Izqnf7JB+J3glMj3lXz zkST+vpMvco281tmsp7I8gxeXtShtCEJM8o7WfySwjj8rdmWJOAt+qMp9TNoeE60vJ9pNeKomJRz O8QxggGPMIIBiwIBATB2MGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwg SW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJl cgIQUEEUfWvg19BR130DlR0ITzAJBgUrDgMCGgUAoIGxMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwIwYJKoZIhvcNAQkEMRYEFE5W9YE9GtbjlD5A52LLaEi96zCKMBwGCSqGSIb3DQEJBTEPFw05 NzA4MDcxODQwMTBaMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMA0GCCqGSIb3DQMCAgFAMA0GCCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABEDI 3mvHr3SAJkdoMqxZnSjJ+5gfZABJGQVOfyEfcKncY/RYFvWuHBAEBySImIQZjMgMNrQLL7QXJ/eI xIwDet+c --simple boundary--
  • 45.
  • 46.
    References Overview ofcryptography: www.rsalabs.com/faq/ http://www.faqs.org/faqs/cryptography-faq/part06/ Implementation of SSL and TSL: www.openssl.org S/MIME Internet task force: www.imc.org/ietf-smime/index.html Relationship between S/MIME and PGP/MIME: www.imc.org/smime-pgpmime.html