
OpenPGP - OpenPretty Good Privacy

Principle, utilization and limitations for secure electronic mail systems. OpenPGP - OpenPretty Good Privacy. Lindomar Bandeira Rocha. FACULDADE DE ENGENHARIA DA UNIVERSIDADE DO PORTO Segurança em Sistemas Informáticos 2009/2010. Message Encoding. Inline Encoding ( clearsigning )


Presentation Transcript


  1. Principle, utilization and limitations for secure electronic mail systems
     OpenPGP - OpenPretty Good Privacy
     Lindomar Bandeira Rocha
     FACULDADE DE ENGENHARIA DA UNIVERSIDADE DO PORTO
     Segurança em Sistemas Informáticos 2009/2010

  2. Message Encoding
     • Inline Encoding (clearsigning)
       • Older choice
       • Good for basic email messages
     • PGP/MIME
       • More modern choice
       • Attachment-based

  3. Message Encoding: Inline Encoding
     • Occurs directly within the body of the email message.
     • OpenPGP signature at the end of the message.
     • Encrypted message replaces the original message body completely.

  4. Message Encoding: Inline Encoding
     • Inline-encrypted message opened without using OpenPGP program:

  5. Message Encoding: Inline Encoding
     Advantages:
     • Read by any mail client.
     Disadvantages:
     • Non-English character sets;
     • Attachments;
     • Binary documents;
     • Mail servers can corrupt clearsigned messages.
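Why the inline disadvantages on this slide bite, as an added example that is not part of the original presentation: a clearsign signature covers a canonical form of the body text (RFC 4880, section 7), so some in-transit changes are harmless while line re-wrapping or a charset conversion changes the signed bytes. The sample message, the helper names and the use of SHA-256 over the text alone are assumptions for illustration.

```python
import hashlib

BEGIN = "-----BEGIN PGP SIGNED MESSAGE-----"
SIG = "-----BEGIN PGP SIGNATURE-----"

def signed_bytes(clearsigned, charset="utf-8"):
    """Canonical text a cleartext signature covers (RFC 4880, section 7)."""
    lines = clearsigned.splitlines()          # accepts LF and CRLF alike
    body = lines[lines.index(BEGIN) + 1:lines.index(SIG)]
    body = body[body.index("") + 1:]          # drop "Hash:" armor headers
    canon = []
    for line in body:
        if line.startswith("- "):             # undo dash-escaping
            line = line[2:]
        canon.append(line.rstrip(" \t"))      # trailing blanks are not signed
    # Lines are joined with CRLF; the final line break is not signed.
    return "\r\n".join(canon).encode(charset)

def digest(clearsigned, charset="utf-8"):
    # Simplification: a real signature hash also covers signature metadata,
    # but it can only verify if these canonical bytes are unchanged.
    return hashlib.sha256(signed_bytes(clearsigned, charset)).hexdigest()

def wrap(text):
    """Build a constructed clearsigned message (signature data omitted)."""
    tail = f"{SIG}\n\n(omitted)\n-----END PGP SIGNATURE-----\n"
    return f"{BEGIN}\nHash: SHA256\n\n{text}\n{tail}"

# Constructed sample body, not taken from the slides.
ORIGINAL = wrap("Olá, meet on Friday at nine, bring the signed contract.\n"
                "- -- \nAlice")
# Changes a mail relay can make in transit:
CRLF = ORIGINAL.replace("\n", "\r\n")                        # line endings
TRAILING = ORIGINAL.replace("contract.", "contract.  ")      # padding added
REWRAPPED = ORIGINAL.replace("nine, bring", "nine,\nbring")  # line folded

def survives(variant, charset="utf-8"):
    """True if the variant still yields the bytes the sender signed."""
    return digest(variant, charset) == digest(ORIGINAL)
```

`survives(CRLF)` and `survives(TRAILING)` hold, while `survives(REWRAPPED)` and `survives(ORIGINAL, "iso-8859-1")` do not, which is the corruption and character-set problem the slide lists.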

  6. Message Encoding: PGP/MIME
     • Attachment-based:
       • Encrypted message sent as attachment;
       • Signed message and signatures sent as attachment;
       • Attachments are encrypted and attached.

  7. Message Encoding: PGP/MIME
     Advantages:
     • Mail servers never modify attachments;
     • Mail clients treat attachments as separate objects;
     • Simple to encrypt different character sets or binary files.
     Disadvantages:
     • Not supported by all mail clients.

  8. Email Client Integration
     • Proxies
       • sit between your email client and your mail server.
     • Plug-ins
       • integrate with your email client.

  9. Email Client Integration: Proxies
     Advantages:
     • Works with any mail client.
     Disadvantages:
     • Configure signing, encryption, and decryption in the proxy;
     • Won’t get an “encrypt and sign” button or menu option;
     • Have to open the proxy program and say “Encrypt all messages now” or “Encrypt messages to this email address.”

  10. Email Client Integration: Plug-ins
     Advantages:
     • Provides “sign” and “encrypt” buttons directly within the client;
     • Is written to look like it’s part of the mail client program.
     Disadvantages:
     • Each mail client plug-in is unique;
     • Each behaves slightly differently;
     • Has a different interface.

  11. OpenPGP: Saving Email - Encrypted or Not?
     • When you send someone encrypted email, the reader must use the recipient’s private key to read it. However, because you don’t have the recipient’s private key, you can’t read the mail that you sent, even though you created it!

  12. Saving Unencrypted Email
     • Email is not protected on your hard drive.
     • Save all your email on an encrypted disk partition.
     • Another popular option is to also “Encrypt to self”.

  13. Email from beyond Your Web of Trust
     • Expand my Web of Trust
     • Trace the Web of Trust to that person
     • Use the key but limit my trust of the sender

  14. Tracing the Web of Trust
     • PGP pathfinder
       • trace the path through the Web of Trust between any two OpenPGP keys
       • use the keyid for the two keys involved
       • Based on WOTSAP, Python program designed to trace relationships between keys

  15. Unprotected Email Components
     • OpenPGP does not encrypt subject lines in email.
     • Email messages sent with PGP should have innocuous subjects (or perhaps no subject at all)
     • Mail client might default to storing unencrypted versions of the OpenPGP emails that you send.
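The two encodings from slides 2 to 7 and the exposed subject line from slide 15, as an added example that is not part of the original presentation: it tells inline OpenPGP apart from PGP/MIME by the armor lines (RFC 4880) and the multipart types (RFC 3156), and returns the Subject header that stays readable without any key. The function name and the sample messages are constructed for illustration.

```python
from email import message_from_string

# Armor header lines from the OpenPGP message format (RFC 4880).
INLINE = {
    "-----BEGIN PGP SIGNED MESSAGE-----": "inline-clearsigned",
    "-----BEGIN PGP MESSAGE-----": "inline-encrypted",
}
# Multipart type and "protocol" parameter pairs from PGP/MIME (RFC 3156).
PGP_MIME = {
    ("multipart/signed", "application/pgp-signature"): "pgp-mime-signed",
    ("multipart/encrypted", "application/pgp-encrypted"): "pgp-mime-encrypted",
}

def describe(raw):
    """Return (encoding, subject); the subject is readable without a key."""
    msg = message_from_string(raw)
    subject = msg.get("Subject")
    protocol = str(msg.get_param("protocol") or "").lower()
    kind = PGP_MIME.get((msg.get_content_type(), protocol))
    if kind:
        return kind, subject
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        data = part.get_payload(decode=True) or b""
        # Armor lines are pure ASCII, so a lossy ASCII decode is enough.
        for line in data.decode("ascii", "replace").splitlines():
            if line.strip() in INLINE:
                return INLINE[line.strip()], subject
    return "none", subject

# Constructed sample messages (not from the slides); key material omitted.
INLINE_SIGNED = (
    "Subject: lunch\n\n"
    "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nSee you at noon.\n"
    "-----BEGIN PGP SIGNATURE-----\n\n(omitted)\n-----END PGP SIGNATURE-----\n"
)
INLINE_ENCRYPTED = (
    "Subject: q3\n\n"
    "-----BEGIN PGP MESSAGE-----\n\n(omitted)\n-----END PGP MESSAGE-----\n"
)
MIME_ENCRYPTED = (
    "Subject: report\nMIME-Version: 1.0\n"
    'Content-Type: multipart/encrypted; boundary="b1";\n'
    ' protocol="application/pgp-encrypted"\n\n'
    "--b1\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n"
    "--b1\nContent-Type: application/octet-stream\n\n(omitted)\n--b1--\n"
)
PLAIN = "Subject: hi\n\nNo OpenPGP content here.\n"
```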
