WebFund 2013F Lecture 2: Difference between revisions

From Soma-notes
Afry

Latest revision as of 21:13, 8 November 2013

Video walkthroughs shown in lecture and class, and the associated notes, are posted at http://homeostasis.scs.carleton.ca/~soma/webfund-2013f/email-crypto/.

This lecture should give an overview of the encryption of email, and what it means to apply a digital signature to an email message. There will be video demonstrations of how to set up both S/MIME and PGP on an Ubuntu machine with Thunderbird.

The RFCs that relate to the topics presented will include:

RFC 821: SMTP - Simple Mail Transfer Protocol

RFC 5652: CMS

RFC 2440: OpenPGP Message Format

RFC 3851: S/MIME 3.1

Links for setting up your software:

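Ubuntu GPG HowTo: https://help.ubuntu.com/community/GnuPrivacyGuardHowto

GPG Main Website: http://www.gnupg.org/

Mozilla Thunderbird Enigmail Info: https://support.mozillamessaging.com/en-US/kb/digitally-signing-and-encrypting-messages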


September 11

  • most email is sent in plaintext
  • SMTP is a store and forward protocol
  • Hops may use point-to-point encryption
  • Analog days: passing notes in class
  • End to End Encryption
    • PGP
      • pretty good privacy
      • encrypt or digitally sign mail
    • S/MIME
    • an attacker doesn't know at which point to get at the message
    • they wouldn't know how to decrypt it unless they had the key
  • point to point encryption: SSL/TLS
    • can attack at many points through mail transfer
  • asymmetric - a public key and a private key
    • two keys: one is public, one is private
      • can use either to encrypt a message

Sending message:

|Hi Bob!| -> hash function (MD5) -> |0110110| -> Encrypt (Private Key) -> Signature

Receiving message:

|Hi Bob!| -> sh> md5sum msg.txt -> |0110110|

Signature -> Decrypt (Public Key) -> Signature value (must match the hash computed from the received message)

  • if anything changed in transit, the hash value would change, which tells you that the message integrity check has failed
  • by not encrypting we cannot ensure integrity of communications
  • trace route a couple of your packets
  • IETF = ISO
    • RFC
      • SMTP
      • CMS
    • OpenPGP
      • GPG -> free license
      • PGP (Pretty good privacy)
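
The sending and receiving signature flow sketched above, and the point that a change in transit makes verification fail, as an added Python example (not part of the original lecture notes). The key pair is a toy built from two Mersenne primes, the function names are this example's own, and it uses unpadded textbook RSA for clarity; MD5 matches the diagram, and SHA-256 is accepted as well because MD5 collisions are practical.

```python
import hashlib

# Toy key pair, constructed for this example only: two Mersenne primes give a
# deterministic modulus. Real keys use random primes and padded signatures
# (e.g. RSA-PSS); textbook RSA like this must never be used in production.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)


def digest(message: bytes, algo: str = "md5") -> int:
    """Hash the message and return the digest as an integer."""
    return int.from_bytes(hashlib.new(algo, message).digest(), "big")


def sign(message: bytes, algo: str = "md5") -> int:
    """Sender: hash the message, then 'encrypt' the hash with the private key."""
    return pow(digest(message, algo), D, N)


def verify(message: bytes, signature: int, algo: str = "md5") -> bool:
    """Receiver: 'decrypt' the signature with the public key and compare it
    with a hash computed locally over the message that actually arrived."""
    return pow(signature, E, N) == digest(message, algo)


if __name__ == "__main__":
    msg = b"Hi Bob!"
    sig = sign(msg)
    print("original verifies:", verify(msg, sig))
    print("tampered verifies:", verify(b"Hi Bob? Send money.", sig))
    print("sha256 variant   :", verify(msg, sign(msg, "sha256"), "sha256"))
```

The message itself travels in the clear here: the signature protects integrity and origin, not confidentiality.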