PGP Appliance in Email

Submitted By witch83
CHAPTER 1
INTRODUCTION

The Internet is growing rapidly, with new devices and services appearing generation by generation. Billions of people use the Internet, and it has become an essential part of daily life across the world. Of the Internet services, electronic mail is the most basic and most widely used. Email users in any location communicate with each other by sending and receiving email messages over the Internet for many different purposes. However, email is not a secure method of communication. Because email packets have to be routed through many networks on the Internet, email has a large number of longstanding security shortcomings, and email security has become one of the most challenging areas of Internet security. To address this concern, the Pretty Good Privacy (PGP) protocol is used. PGP provides cryptographic privacy through encryption (confidentiality), and message integrity and authentication through a digital signature.

1.1 Aims of the Thesis

• To improve email security
• To study the operations of the PGP protocol
• To understand the role of cryptography in computer and network security
• To propose the effectiveness of applying the hybrid encryption system (i.e., applying the two encryption systems together)

1.2 Pretty Good Privacy (PGP)

PGP stands for Pretty Good Privacy, a protocol originally developed by Philip R. Zimmermann in 1991 [13]. PGP is an electronic mail security program that gives users privacy and authentication. As PGP is based on a distributed network of individuals, it is well suited to email, one of the most widely used messaging applications among the Internet services. The two fundamental services that PGP provides are authentication of the entities and confidentiality of the messages being sent and received. Applying the PGP program, with its confidentiality and authentication features, improves the security of the electronic mail system.

1.3 PGP Security Features

PGP provides a variety of security features for electronic mail:
• Confidentiality
• Authentication
• Message Integrity
• Non-repudiation of origin

Confidentiality protects the contents of the email message against unauthorized disclosure by encrypting them. No one other than the authorized recipient can read the message.

Data origin authentication permits the authorized receiver of the message to reliably determine the identity of the sender. Only an authorized receiver can authenticate it.

Message integrity gives the authorized recipient assurance that the message has not been altered in transit. Using the PGP program, the recipient can verify that the message received is identical to the message that was sent.

Non-repudiation of origin is the feature that allows one person to forward the message to another email user, who can validate the identity of the original sender.

1.4 Benefits of the Proposed System

• As all the algorithms used for message encryption, session-key encryption, hash code generation and hash code encryption are integrated together in the proposed PGP encryption scheme, it eliminates the need to operate multiple, disparate management systems for deploying, managing, and supporting one or more encryption applications.
• A hybrid encryption system is used in the proposed system, so that the biggest challenge, key exchange between the users, is addressed [12].

1.5 Organization of the Thesis

The basic concepts of the Pretty Good Privacy protocol and its security features are introduced in Chapter 1. The remaining parts of this book are background theory, proposed system operations, implementation of the program for the proposed PGP protocol, and finally the conclusion of the system. Chapter 2 discusses the basic theory of cryptography and the PGP protocol. Chapter 3 analyzes the operations and procedures of the PGP program suite, and the implementation of the whole system for this thesis is explained in Chapter 4. The conclusion, advantages, limitations and further extensions of the system are given in Chapter 5.

CHAPTER 2
BACKGROUND THEORY

2.1 Security Trends

In 1994, the Internet Architecture Board (IAB) issued a report entitled “Security in the Internet Architecture”. The report stated the general consensus that the Internet needs more and better security, and it identified key areas for security mechanisms. Among these were (1) the need to secure the network infrastructure from unauthorized monitoring and control of network traffic, and (2) the need to secure end-user-to-end-user traffic using authentication and encryption mechanisms. These concerns are fully justified. As confirmation, consider the trends reported by the Computer Emergency Response Team (CERT) Coordination Center (CERT/CC).

Figure 2.1 Vulnerabilities Reported

Figure 2.1 shows the trend in internet-related vulnerabilities reported to CERT over a 10-year period. These include security weaknesses in the operating systems of attached computers (e.g., Windows, Linux) as well as vulnerabilities in internet routers and other network devices.

Figure 2.2 Incidents Reported

Figure 2.2 shows the number of security-related incidents reported to CERT. These include Denial of Service attacks, IP spoofing, various forms of eavesdropping, packet sniffing, masquerading, message tampering and replaying.

Denial of Service (DoS) : Flooding a channel or other resource with messages in order to deny access to others.
IP Spoofing : Creating packets with a false IP address to exploit a system that uses authentication based on that IP address.
Eavesdropping : Obtaining copies of messages without authority.
Packet Sniffing : Determining the messages with traffic analysis.
Masquerading : Sending or receiving messages using the identity of another principal without authority.
Message Tampering : Intercepting messages and altering the contents before passing them to the intended recipient. A man-in-the-middle attack is one example of a message tampering attack.
Replaying : Storing intercepted messages and sending them at a later time. This attack may be effective even with authenticated and encrypted messages.

Over time, the attacks on the internet and internet-attached systems have grown more sophisticated, while the amount of skill and knowledge required to mount an attack has declined (Figure 2.3). Attacks have become more automated and can cause greater amounts of damage, and internet security has become the most challenging area in Information Technology.

Figure 2.3 Trends in Attack Sophistication and Intruder Knowledge

The internet security trends are security attacks, security mechanisms and security services. Security attacks can be classified as passive attacks and active attacks.
Figure 2.4 Passive Attacks: (a) Release of message contents, (b) Traffic Analysis

Passive attacks include unauthorized reading of a message or file (eavesdropping), packet sniffing and traffic analysis.

Figure 2.5 Active Attacks: (a) Masquerading, (b) Message Tampering, (c) Denial of Service (DoS)

Active attacks include masquerading, modification of messages or files, and denial of service.

A security mechanism is any process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Examples of mechanisms are encryption algorithms (symmetric or asymmetric), digital signatures and authentication protocols. Security services include authentication of the message, data confidentiality, data integrity, access control, and non-repudiation of origin [2]. These terms are explained in the following sections.

2.1.1 Authentication

Authentication is the assurance that the communicating entity is the one that it claims to be. It protects against email spoofing, that is, forged messages that appear to be sent from a known sender but are not. The most common technique for authentication is encrypting the message with the sender’s private key. Because the sender’s private key is known only to the sender, no one other than the sender can authenticate it [2].

2.1.2 Data Confidentiality

Data confidentiality can be achieved by encrypting the message. Data encryption is the protection of data from unauthorized disclosure. Confidentiality protects transmitted data from passive attacks. Symmetric encryption algorithms are more effective for encrypting a large amount of data.

Fig 2.6 Data encryption process

2.1.3 Data Integrity

Data integrity is the assurance that the message received is exactly the same as the message sent by the authorized original entity (i.e., the message received contains no modification, insertion, deletion, or replay) [2]. Message integrity can be obtained by applying (i) a Message Authentication Code (MAC) or (ii) a one-way hash function [2].

(i) Message Authentication Code

The MAC function takes a variable-length message and a secret key as inputs and produces an authentication code. A recipient in possession of the key can generate an authentication code to verify the integrity of the message.

Fig 2.7 One-way MAC Function

(ii) Hash Code

A hash function maps a variable-length message into a fixed-length hash value, or message digest. For message integrity and authentication, a secure hash function must be combined in some fashion with a secret key.

Fig 2.8 One-way Hash Function

For both the MAC function and the hash function, f: A → B, f(x) is easy to compute for all x belonging to A. But the reverse mapping, B → A, to recover the original message in A, must be computationally infeasible to compute.
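The difference between the two integrity mechanisms above, together with the replay case from the attack list in Section 2.1, as an added Python example that is not part of the original thesis. The key, the messages and the 8-byte message counter are constructed for illustration; SHA-1 is used because it is the hash the thesis names.

```python
import hashlib
import hmac

# Constructed sample values for this illustration.
SHARED_KEY = b"constructed-demo-key-known-to-sender-and-receiver"
ORIGINAL = b"Transfer 100 to account 1234"
ALTERED = b"Transfer 900 to account 9999"


def hash_tag(message: bytes) -> bytes:
    """Unkeyed one-way hash: anyone holding the message can compute it."""
    return hashlib.sha1(message).digest()


def mac_tag(key: bytes, message: bytes, counter: int = 0) -> bytes:
    """Keyed MAC (HMAC) over counter || message; needs the secret key."""
    data = counter.to_bytes(8, "big") + message
    return hmac.new(key, data, hashlib.sha1).digest()


def hash_only_check(message: bytes, tag: bytes) -> bool:
    """Receiver-side check when only a bare hash accompanies the message."""
    return hmac.compare_digest(hash_tag(message), tag)


class Receiver:
    """Verifies MAC-protected messages and rejects counters already seen."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1

    def accept(self, message: bytes, counter: int, tag: bytes) -> str:
        expected = mac_tag(self.key, message, counter)
        if not hmac.compare_digest(expected, tag):  # constant-time compare
            return "rejected: bad MAC"
        if counter <= self.last_counter:
            return "rejected: replay"
        self.last_counter = counter
        return "accepted"


def run_scenarios() -> dict:
    out = {}
    # Body changed in transit, tag untouched: a bare hash does notice this.
    out["hash, body altered"] = hash_only_check(ALTERED, hash_tag(ORIGINAL))
    # Body changed and the hash recomputed over the new body. No key is
    # needed to recompute it, so the bare hash check passes.
    out["hash, body and tag altered"] = hash_only_check(ALTERED, hash_tag(ALTERED))

    rx = Receiver(SHARED_KEY)
    good = mac_tag(SHARED_KEY, ORIGINAL, counter=1)
    out["mac, intact"] = rx.accept(ORIGINAL, 1, good)
    # Altered body with a tag computed by a party without the shared key.
    wrong = mac_tag(b"not-the-shared-key", ALTERED, counter=2)
    out["mac, body and tag altered"] = rx.accept(ALTERED, 2, wrong)
    # The intact, correctly tagged message delivered a second time: the MAC
    # is still valid, so only the counter check catches it.
    out["mac, replayed"] = rx.accept(ORIGINAL, 1, good)
    return out


if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(f"{name:28} -> {result}")
```
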

2.1.4 Access Control

Access control is the ability to limit and control access to the mail via the communication links. For each entity trying to read the mail, the message must be decrypted and authenticated to recover the original email message, so that access rights can be tailored to the individual [2].

2.1.5 Non-repudiation

Non-repudiation prevents either the sender or the receiver from denying a transmitted email message. Thus, when an email message is sent, the receiver can prove that the alleged sender in fact sent the message. Similarly, when a message is received, the sender can prove that the alleged receiver in fact received the message.

2.2 Overview of Cryptography

The word cryptography comes from the Greek words “kryptos”, which means hidden, and “graphein”, which means writing. There has always been a need to exchange information secretly. History is filled with examples where people have tried to keep information secret from adversaries. Nowadays cryptography, the science of encrypting and decrypting information, is becoming a basic building block for computer and network security [2]. In cryptography, encryption-decryption schemes fall into two categories: the symmetric-key encryption scheme and the asymmetric scheme.

2.2.1 Symmetric Encryption Scheme

The symmetric encryption scheme, the conventional one, has the following five ingredients.
1. Plaintext : The original readable message that is put into the algorithm as input.
2. Encryption Algorithm : It performs various substitutions and transformations on the plaintext.
3. Secret key : The input to the algorithm for encryption and decryption. The algorithm will produce different ciphertexts for the same plaintext message using different keys.
4. Ciphertext : This is the scrambled message produced as output by the encryption algorithm.
5. Decryption Algorithm : This is essentially the encryption algorithm run in reverse to recover the original message.

In this scheme,
• Encryption and decryption processes are performed using the same key.
• The sender and receiver must share the same algorithm and the same key.

Figure 2.9 Simplified Model of Conventional Encryption

2.2.2 Asymmetric Encryption Scheme

Public-key (asymmetric) algorithms rely on two different but related keys. A public-key encryption scheme has six ingredients: plaintext, encryption algorithm, public and private keys, ciphertext and decryption algorithm.

In this scheme,
• One key is used for the encryption process and its related key is used for the decryption process.
• The sender and receiver must share the same algorithm and one key from the key pair, not the same one. The other key must be kept secret.

Public-key cryptography can be used for both authentication and encryption. The model is illustrated in Figure 2.9.

Figure 2.10 Public-key Cryptography Model: (a) Encryption, (b) Authentication

In principle, neither the symmetric nor the public-key encryption system is superior to the other from the point of view of cryptanalysis. It will be more secure if we use the hybrid system [1]. PGP is the protocol which uses the hybrid encryption system.

2.2.3 Hybrid Encryption Scheme

A hybrid encryption system means symmetric encryption of the data and asymmetric encryption of the generated session key. In theory, symmetric cryptography is much faster and is suitable for encrypting a large amount of data. Public-key cryptography is relatively slow and is only suitable for encrypting small amounts of information such as keys. The hybrid encryption system helps both the key exchange between users and the message encryption work effectively.

2.3 Electronic Mail

The most popular and widespread internet application service is electronic mail. Electronic mail, often abbreviated to e-mail, email or originally eMail, is a store-and-forward method of writing, sending, receiving and saving messages over electronic communication systems [15]. The host computers communicate with each other by sending and receiving email messages over the Internet. On the other hand, email is vulnerable to interception by unauthorized users in transit. The simplified model of the electronic mail system is shown in the figure below (Figure 2.10). The SMTP server moves the mail from one mail server to another, and the email packets are routed through the internet until they reach the destination mail server (POP3 or IMAP) and are downloaded to the recipient's host computer. So the mail being sent can be received, read, stored or altered by unauthorized users in transit.

Figure 2.11 Simplified model of the Electronic mail system

2.3.1 Email Format

The email address has two parts, user name and domain name; the format is as follows:

username@domain name

For example,
mayoo@pgptest.com
mayookhaing@ucsy.edu.mm
m.o.khaing@mail.google.com [11]

Internet email messages consist of two major sections: Header and Body.

The message Header usually includes at least the following fields:
• From : The email address and optionally the name of the sender
• To : The email address(es), and optionally the name(s), of the recipient(s)
• Subject : A brief summary of the contents of the message (optional)
• Date : The local time and date when the message was written

Other common header fields include:
• Cc : Carbon Copy
• BCc : Blind Carbon Copy
• Received : Tracking information generated by mail servers that have previously handled a message
• Reply-to : Address that should be used to reply to the sender

Many email clients present “BCc” (Blind Carbon Copy, recipients not visible in the “To” field) as a header field. Different protocols are used to deal with the “BCc” field; at times the entire field is removed, whereas at other times the field remains but the addresses therein are removed [15].

2.3.2 Email Security Concerns

Email privacy, without some security precautions, can be compromised because:
• email messages are generally not encrypted;
• email messages have to go through intermediate computers before reaching the destination;
• many Internet Service Providers (ISPs) store copies of email messages on their mail servers before they are delivered. The backups of these can remain on their servers for up to several months even if the user deletes them from the mailbox.

Therefore, email-related encryption standards are used with the mail program [15]. Examples of some encryption standards are Privacy Enhanced Mail (PEM), Elliptic Curve, Secure Multipurpose Internet Mail Extensions (S/MIME), Pretty Good Privacy (PGP) and GNU Privacy Guard (GPG) [14]. This thesis proposes the PGP standard in which the original 3DES algorithm is modified for better security. It is a mail security standard that transports email messages securely using the hybrid encryption technique [15]. The main advantage of the PGP protocol is that all three algorithms are integrated together for less complexity.

CHAPTER 3
THE PGP ENVIRONMENT

Though the proposed PGP program is not integrated with the mail program, it is designed to work within the existing electronic mail systems, primarily those used on the internet.

Figure 3.1 Overview of the proposed system

The overall structure of the proposed system is shown in Figure 3.1. To apply PGP, both ends need to have the PGP program for encrypting and decrypting email messages. First of all, all users have to generate their public/private key pairs and put their public keys on the shared PGP key server. To gain access to the PGP key server, usernames and passwords must be entered. Each user must keep their private key secret. After going through the PGP program, the encrypted email message is sent from the SMTP server. The encrypted mail remains secure while the mail packets pass along their routes over the internet. On the receiving end, the encrypted message can be recovered at the destination computer by applying the PGP program.

3.1 The Proposed System Design

Figure 3.2 The send procedure Design: (a) Generic description of the send procedure, (b) Module (1), (c) Module (2)

Figure 3.3 The receive procedure Design: (a) Generic description of the receive procedure, (b) Module (3), (c) Module (4)

3.1.1 Three Types of key in PGP

One-time session symmetric key : used for data encryption; must not be predictable
Public keys and private keys : users may have multiple sets; public keys are stored on the key server

3.2 Cryptographic Algorithms Used in the Proposed System

In PGP, public-key cryptography is used for key management and creating digital signatures, conventional secret-key cryptography for message encryption, and a one-way hash function for digital signatures.

Data Encryption Algorithm : Modified Triple Data Encryption Standard (modified-3DES)
Key Management Algorithm : RSA
Message Integrity Check and Digital Signature Algorithm : SHA-1 and RSA
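How these three roles fit together in the hybrid scheme of Section 2.2.3, as an added Python example that is not the thesis's own program. Assumptions: textbook RSA without padding on small fixed primes stands in for 1024-bit RSA, a SHA-256 keystream stands in for modified-3DES, and the function names and packet layout are hypothetical.

```python
import hashlib
import secrets

E = 65537                 # common RSA public exponent
SESSION_KEY_BYTES = 14    # 112 bits: two 56-bit keys, Ks = K1 || K2


def make_keypair(p: int, q: int) -> dict:
    """Textbook RSA key pair from two primes (no padding; illustration only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": E, "d": pow(E, -1, phi)}


# Constructed demo keys built from publicly known Mersenne primes. They are
# far too small and too structured for real use.
SENDER = make_keypair(2**107 - 1, 2**61 - 1)
RECEIVER = make_keypair(2**127 - 1, 2**89 - 1)


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (SHA-256 keystream), not modified-3DES."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def send(message: bytes, sender: dict, receiver_pub: dict) -> dict:
    # 1. Signature: SHA-1 hash code encrypted with the sender's private key.
    digest = int.from_bytes(hashlib.sha1(message).digest(), "big")
    signature = pow(digest, sender["d"], sender["n"])
    # 2. Confidentiality: a fresh, unpredictable one-time session key
    #    encrypts the (possibly large) message with the fast cipher.
    session_key = secrets.token_bytes(SESSION_KEY_BYTES)
    ciphertext = keystream_xor(session_key, message)
    # 3. Key management: only the short session key goes through RSA, in a
    #    single operation, under the receiver's public key.
    wrapped = pow(int.from_bytes(session_key, "big"),
                  receiver_pub["e"], receiver_pub["n"])
    return {"wrapped_key": wrapped, "ciphertext": ciphertext,
            "signature": signature}


def receive(packet: dict, receiver: dict, sender_pub: dict):
    """Return (plaintext, signature_ok)."""
    key_int = pow(packet["wrapped_key"], receiver["d"], receiver["n"])
    if key_int >= 1 << (8 * SESSION_KEY_BYTES):
        return b"", False          # wrapped key was damaged or not for us
    session_key = key_int.to_bytes(SESSION_KEY_BYTES, "big")
    message = keystream_xor(session_key, packet["ciphertext"])
    digest = int.from_bytes(hashlib.sha1(message).digest(), "big")
    recovered = pow(packet["signature"], sender_pub["e"], sender_pub["n"])
    return message, recovered == digest


if __name__ == "__main__":
    mail = b"Meeting moved to 10:00, room 4."   # constructed sample message
    packet = send(mail, SENDER, RECEIVER)
    print(receive(packet, RECEIVER, SENDER))
```
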

3.2.1 Triple Data Encryption Standard (3DES) Algorithm

The original 3DES algorithm is explained in the following:

Key Length : two 56-bit different keys (they are concatenated after encryption)
No of Rounds : 16 rounds for each DES encryption
Best Attacks : Brute-force Attack
Comment : Brute-force attack infeasible

Triple-DES is a simple variant of DES: encrypt the message with DES three times, one after the other. By using different keys for each encryption, the result is more secure than DES. The choice of Encrypt-Decrypt-Encrypt with the keys is deliberate, to avoid cryptanalysis problems. The problem with 3DES is that it tends to be slower because of the triple encryption. The 3DES algorithm has a 112-bit key: two independent 56-bit keys. This is long enough to make a brute-force attack infeasible. It is resistant to both differential cryptanalysis and linear cryptanalysis.

Figure 3.4 The Generic Description of 3-DES Algorithm: (a) Encryption, (b) Decryption

The operation of the DES algorithm is discussed in the following. DES is a block cipher, operating on 64-bit blocks of data. Each input block is processed as illustrated in Figure 3.6. That figure shows how a single block of data is encrypted. First, the order of the input bits is changed according to the permutation function. The L and R arrays are then operated on separately. There are 16 process steps, each step using a different subset Kn of the encryption key. Finally, the bit order is changed inversely with respect to the initial permutation function. The decryption algorithm is the same as the encryption algorithm; only the sequence of the key subsets Kn is reversed.

Figure 3.5 Encryption Flow of DES Encryption Algorithm

The F(R,K) function of the DES algorithm is shown in Figure 3.6. The role of the S-boxes in the function F(R,K) is illustrated in the figure. The substitution consists of a set of eight S-boxes, each of which accepts 6 bits as input and produces 4 bits as output. For example, the output for the input 011001 (6-bit representation) is 1001 (4-bit representation). The output varies according to the values in the S-boxes. The operation is shown in Figure 3.6.

Figure 3.6 Transforming 6-bit input to 4-bit output

Figure 3.7 The F(R,K) Function of DES algorithm

The 64-bit input message is divided into two 32-bit left (L) and right (R) arrays. As in any classic Feistel cipher, the overall processing at each round can be summarized in the following formulas:

L_i = R_(i-1)
R_i = L_(i-1) ⊕ F(R_(i-1), K_i)

The round key Ki is 48 bits. The role of the S-boxes in the F Function is shown in Figure 3.5. Each row of an S-box defines a general reversible substitution. The 16 rounds of the DES encryption procedure are shown in Figure 3.6. After going through the 16 key-independent stages known as rounds, in which the data to be encrypted is bit-rotated as determined by the key, and three key-independent transpositions, using the F Function and the L & R arrays, the secured ciphertext message is ready to be sent.

To perform the 3DES algorithm operation, the DES algorithm is used three times with two 56-bit keys K1 and K2. In the proposed system, the original 3DES algorithm is modified. The two different 56-bit session keys are concatenated into one key after encrypting the message.

Ks = Key 1 || Key 2

If K1= 11010101 11000101 1011101 000110100 01010001 1011110 10011011 and K2= 11000101 10101010 11011011 10011000 10111101 11000001 1010 1000, the concatenated Ks will be Ks= 11010101 11000101 1011101 000110100 01010001 1011110 10011011 11000101 10101010 11011011 10011000 10111101 11000001 10101000.

The main purpose is to make key management less complex. The concatenated session key needs to be encrypted with RSA only once; there is no need to encrypt the two separate session keys in two operations. Besides, it will improve the security of the system because the intruder has to separate the concatenated key even if he/she can recover the encrypted combined key.
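The Feistel round formulas, the reversed-subkey decryption and the two-key Encrypt-Decrypt-Encrypt arrangement described in this section, as an added Python example that is not the thesis's implementation. The round function and key schedule are hash-based stand-ins (not the DES S-boxes or key schedule), the initial and final permutations are omitted, and the keys and block are constructed values.

```python
import hashlib

HALF_BITS = 32
HALF_MASK = (1 << HALF_BITS) - 1
ROUNDS = 16

# Constructed sample values: two 56-bit keys and one 64-bit block.
K1 = 0x0123456789ABCD
K2 = 0x0FEDCBA9876543
BLOCK = 0x0123456789ABCDEF


def toy_f(right: int, subkey: int) -> int:
    """Stand-in for F(R, K). Like the real F, it need not be invertible."""
    data = right.to_bytes(4, "big") + subkey.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def toy_subkeys(key56: int) -> list:
    """Stand-in key schedule: sixteen 48-bit subkeys from a 56-bit key."""
    subkeys = []
    for i in range(1, ROUNDS + 1):
        digest = hashlib.sha256(key56.to_bytes(7, "big") + bytes([i])).digest()
        subkeys.append(int.from_bytes(digest[:6], "big"))
    return subkeys


def feistel(block64: int, subkeys: list) -> int:
    left = (block64 >> HALF_BITS) & HALF_MASK
    right = block64 & HALF_MASK
    for k in subkeys:
        # L_i = R_(i-1);  R_i = L_(i-1) XOR F(R_(i-1), K_i)
        left, right = right, left ^ toy_f(right, k)
    # Swap the halves on output so the same routine undoes itself.
    return (right << HALF_BITS) | left


def encrypt(block64: int, key56: int) -> int:
    return feistel(block64, toy_subkeys(key56))


def decrypt(block64: int, key56: int) -> int:
    # Same algorithm, subkeys applied in the order K16 ... K1.
    return feistel(block64, toy_subkeys(key56)[::-1])


def ede_encrypt(block64: int, k1: int, k2: int) -> int:
    """Two-key triple encryption: Encrypt(K1), Decrypt(K2), Encrypt(K1)."""
    return encrypt(decrypt(encrypt(block64, k1), k2), k1)


def ede_decrypt(block64: int, k1: int, k2: int) -> int:
    return decrypt(encrypt(decrypt(block64, k1), k2), k1)


def demo() -> dict:
    c = encrypt(BLOCK, K1)
    c3 = ede_encrypt(BLOCK, K1, K2)
    return {
        "single round trip": decrypt(c, K1) == BLOCK,
        # Running the subkeys forwards again does not undo the encryption.
        "forward order decrypts": feistel(c, toy_subkeys(K1)) == BLOCK,
        "EDE round trip": ede_decrypt(c3, K1, K2) == BLOCK,
        # With K1 == K2 the middle step cancels the first one, so EDE
        # reduces to a single encryption.
        "EDE with equal keys is single": ede_encrypt(BLOCK, K1, K1) == c,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:32} {value}")
```
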

3.2.2 RSA Algorithm

Key Length : 1024 bits
Best Attacks : Brute-force Attack
Comment : Brute-force attack infeasible

RSA is a public-key cryptography algorithm. It is called RSA after its inventors: Ron Rivest, Adi Shamir, and Len Adleman. RSA uses prime numbers, i.e., numbers that are evenly divisible only by 1 and themselves. The premise behind RSA is that it is easy to multiply two prime numbers to get a third number, but very hard to recover the two primes from the third number. Generating the public keys involves multiplying two large primes, and figuring out the private key from the public key involves factoring a large number. If the number is large enough, then no one can do it in anything resembling a reasonable length of time.

Generating keys
1. Choose two distinct large prime numbers p and q.
2. Compute n = p x q.
3. Compute θ(n) = (p-1) x (q-1)
4. Choose a prime integer e such that 1


Words: 117203 - Pages: 469

Premium Essay

Test Paper

...g Easier! Making Everythin ™ mputing Cloud Co Learn to: • Recognize the benefits and risks of cloud services • Understand the business impact and the economics of the cloud • Govern and manage your cloud environment • Develop your cloud services strategy Judith Hurwitz Robin Bloor Marcia Kaufman Fern Halper Get More and Do More at Dummies.com ® Start with FREE Cheat Sheets Cheat Sheets include • Checklists • Charts • Common Instructions • And Other Good Stuff! To access the Cheat Sheet created specifically for this book, go to www.dummies.com/cheatsheet/cloudcomputing Get Smart at Dummies.com Dummies.com makes your life easier with 1,000s of answers on everything from removing wallpaper to using the latest version of Windows. Check out our • Videos • Illustrated Articles • Step-by-Step Instructions Plus, each month you can win valuable prizes by entering our Dummies.com sweepstakes. * Want a weekly dose of Dummies? Sign up for Newsletters on • Digital Photography • Microsoft Windows & Office • Personal Finance & Investing • Health & Wellness • Computing, iPods & Cell Phones • eBay • Internet • Food, Home & Garden Find out “HOW” at Dummies.com *Sweepstakes not currently available in all countries; visit Dummies.com for official rules. Cloud Computing FOR DUMmIES ‰ Cloud Computing FOR DUMmIES ‰ by Judith Hurwitz, Robin Bloor, Marcia Kaufman, and Dr. Fern Halper Cloud Computing For Dummies® Published by Wiley Publishing...

Words: 96278 - Pages: 386

Premium Essay

Impotent Music

...INFORMATION RESOURCE GUIDE Computer, Internet and Network Systems Security An Introduction to Security i Security Manual Compiled By: S.K.PARMAR, Cst N.Cowichan Duncan RCMP Det 6060 Canada Ave., Duncan, BC 250-748-5522 sunny@seaside.net This publication is for informational purposes only. In no way should this publication by interpreted as offering legal or accounting advice. If legal or other professional advice is needed it is encouraged that you seek it from the appropriate source. All product & company names mentioned in this manual are the [registered] trademarks of their respective owners. The mention of a product or company does not in itself constitute an endorsement. The articles, documents, publications, presentations, and white papers referenced and used to compile this manual are copyright protected by the original authors. Please give credit where it is due and obtain permission to use these. All material contained has been used with permission from the original author(s) or representing agent/organization. ii T eofContent abl 1.0 INTRODUCTION........................................................................................................................................................... 2 1.1 BASIC INTERNET TECHNICAL DETAILS ........................................................................................................................ 2 1.1.1 TCP/IP : Transmission Control Protocol/Internet Protocol .........................................

Words: 134858 - Pages: 540

Free Essay

Test

...Chapter 1: Introduction to Computer Networks and Data Communications TRUE/FALSE 1. Data is information that has been translated into a form that is more conducive to storage, transmission, and calculation. ANS: T 2. ANS: F PTS: 1 Some people call computer terminals thick-client workstations. PTS: 1 3. A type of microcomputer-to-local area network connection that is growing in popularity is the wireless connection. ANS: T PTS: 1 4. To communicate with the Internet using a dial-up modem, a user’s computer must connect to another computer that is already communicating with the Internet. ANS: T PTS: 1 5. It is not possible to connect two local area networks so that they can share peripherals as well as software. ANS: F PTS: 1 6. Metropolitan area networks can transfer data at fast, LAN speeds but over smaller geographic regions than typically associated with a local area network. ANS: F 7. ANS: T 8. networks. ANS: T 9. ANS: F PTS: 1 The Internet is not a single network but a collection of thousands of networks. PTS: 1 One of the most explosive areas of growth in recent years has been cellular phone PTS: 1 By the 1970s, telephone systems carried more computer data than voice. PTS: 1 10. Network architectures are cohesive layers of protocols defining a set of communication services. ANS: T PTS: 1 11. The OSI model tells us what kind of wire or what kind of connector to use to connect the pieces of a network...

Words: 46505 - Pages: 187

Free Essay

Rute Linux Tutorial

...LINUX: Rute User’s Tutorial and Exposition Paul Sheer August 14, 2001 Pages up to and including this page are not included by Prentice Hall. 2 “The reason we don’t sell billions and billions of Guides,” continued Harl, after wiping his mouth, “is the expense. What we do is we sell one Guide billions and billions of times. We exploit the multidimensional nature of the Universe to cut down on manufacturing costs. And we don’t sell to penniless hitchhikers. What a stupid notion that was! Find the one section of the market that, more or less by definition, doesn’t have any money, and try to sell to it. No. We sell to the affluent business traveler and his vacationing wife in a billion, billion different futures. This is the most radical, dynamic and thrusting business venture in the entire multidimensional infinity of space-time-probability ever.” ... Ford was completely at a loss for what to do next. “Look,” he said in a stern voice. But he wasn’t certain how far saying things like “Look” in a stern voice was necessarily going to get him, and time was not on his side. What the hell, he thought, you’re only young once, and threw himself out of the window. That would at least keep the element of surprise on his side. ... In a spirit of scientific inquiry he hurled himself out of the window again. Douglas Adams Mostly Harmless Strangely, the thing that least intrigued me was how they’d managed to get it all done. I suppose I sort of knew. If I’d learned...

Words: 159689 - Pages: 639

Premium Essay

Research

...Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States SEVENTH EDITION Data Communications and Computer Networks A Business User’s Approach Curt M. White DePaul University Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States Data Communications and Computer Networks: A Business User’s Approach, Seventh Edition Curt M. White Editor-In-Chief: Joe Sabatino Senior Acquisitions Editor: Charles McCormick, Jr. Senior Product Manager: Kate Mason Editorial Assistant: Courtney Bavaro Marketing Director: Keri Witman Marketing Manager: Adam Marsh Senior Marketing Communications Manager: Libby Shipp Marketing Coordinator: Suellen Ruttkay Media Editor: Chris Valentine Art and Cover Direction, Production Management, and Composition: PreMediaGlobal Cover Credit: © Masterfile Royalty Free Manufacturing Coordinator: Julio Esperas © 2013 Course Technology, Cengage Learning ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced, transmitted, stored or used in any form or by any means—graphic, electronic, or mechanical, including but not limited to photocopying, recording, scanning, digitizing, taping, Web distribution, information networks, or information storage and retrieval systems, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act—without the prior written permission of the publisher. For product information and technology assistance...

Words: 234459 - Pages: 938

Premium Essay

Paper

...Management of Information Security Third Edition This page intentionally left blank Management of Information Security Third Edition Michael Whitman, Ph.D., CISM, CISSP Herbert Mattord, M.B.A., CISM, CISSP Kennesaw State University ———————————————————————— Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States Management of Information Security, Third Edition Michael E. Whitman and Herbert J. Mattord Vice President, Career and Professional Editorial: Dave Garza Executive Editor: Stephen Helba Managing Editor: Marah Bellegarde Product Manager: Natalie Pashoukos Developmental Editor: Lynne Raughley Editorial Assistant: Meghan Orvis Vice President, Career and Professional Marketing: Jennifer McAvey Marketing Director: Deborah S. Yarnell Senior Marketing Manager: Erin Coffin Marketing Coordinator: Shanna Gibbs Production Director: Carolyn Miller Production Manager: Andrew Crouth Senior Content Project Manager: Andrea Majot Senior Art Director: Jack Pendleton Cover illustration: Image copyright 2009. Used under license from Shutterstock.com Production Technology Analyst: Tom Stover © 2010 Course Technology, Cengage Learning ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced, transmitted, stored, or used in any form or by any means graphic, electronic, or mechanical, including but not limited to photocopying, recording, scanning, digitizing, taping, Web distribution, information...

Words: 229697 - Pages: 919

Premium Essay

Redhat

...edhat® ® Te r r y C o l l i n g s & K u r t W a l l UR ON IT OOLS IN Y T C E CD-R L TH O ED UD M Linux Solutions from the Experts at Red Hat ® ® P R E S S™ SEC Red Hat® Linux® Networking and System Administration Red Hat® Linux® Networking and System Administration Terry Collings and Kurt Wall M&T Books An imprint of Hungry Minds, Inc. Best-Selling Books G Digital Downloads G e-Books G Answer Networks e-Newsletters G Branded Web Sites G e-Learning New York, NY G Cleveland, OH G Indianapolis, IN Red Hat® Linux® Networking and System Administration Published by Hungry Minds, Inc. 909 Third Avenue New York, NY 10022 www.hungryminds.com Copyright © 2002 Hungry Minds, Inc. All rights reserved. No part of this book, including interior design, cover design, and icons, may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording, or otherwise) without the prior written permission of the publisher. Library of Congress Control Number: 2001093591 ISBN: 0-7645-3632-X Printed in the United States of America 10 9 8 7 6 5 4 3 2 1 1O/RT/QT/QS/IN Distributed in the United States by Hungry Minds, Inc. Distributed by CDG Books Canada Inc. for Canada; by Transworld Publishers Limited in the United Kingdom; by IDG Norge Books for Norway; by IDG Sweden Books for Sweden; by IDG Books Australia Publishing Corporation Pty. Ltd. for Australia and New Zealand; by TransQuest Publishers Pte Ltd. for Singapore, Malaysia, Thailand...

Words: 220815 - Pages: 884