E-Mail Security Protocol - 1 Privacy Enhanced Mail (PEM) Protocol
5 likes6,365 views
The document discusses email security protocols, particularly focusing on Privacy Enhanced Mail (PEM). It outlines various email attacks such as spoofing, spamming, and flaming while detailing the structure and functionality of PEM, including its processes like canonical conversion, digital signatures, encryption, and base-64 encoding. The document serves as an informative guide on how these protocols enhance email security against prevalent threats.
E-Mail Security Protocol - 1 Privacy Enhanced Mail (PEM) Protocol
- 1. 1 WWW.Prohackers.in E-mail Security Protocol-1 Privacy Enhanced Mail (PEM)β By: -Vishal Kumar (CEH, CHFI, CISE, MCP) info@prohackers.in
- 2. 2 WWW.Prohackers.in Table of content 1. Introduction 2. E-mail Attacks and Issues 3. Email Message Structure 3.1 Attachment Size Limitation 3.2 Spam 3.3 Malware 3.4 Email Spoofing 3.5 Email Bombing 3.6 Flaming 3.7 Email Bankruptcy 4. Email Security Protocols 3.1 Privacy Enhanced Mail 1. The working of PEM i. Canonical Conversation ii. Digital Signature iii. Encryption iv. Base-64 Encoding
- 3. 3 WWW.Prohackers.in Introduction We had discussed about the fundamental structure of E-Mail in our previous document βFundamental of Electronic Mailβ. We had learned about its different part, flow of and e- mail message from sender to recipient, the Header and response code etc. Now we are moving towards the issues or threats related to the electronic mail (E-mail) and what are the security protocols who provide the security to the E-mail message. There are three main security protocols that play the most important role in providing the security to the E-mail message: Privacy Enhanced Mail (PEM), Pretty Good Privacy (PGP) and Secure MIME. Letβs discuss these security protocols in brief but before have a look on some attacks related to the email. E-Mail Attacks and Issues Because of email contains the sensitive information hence the chances of attacks is more possible on the email server and client. The attacker can steal the sensitive information about the organization and can miss use it. Letβs discuss some popular E-mail attacks on E- mail in brief. Attachment size limitation Email messages may have one or more attachments, which are additional files that are appended to the email. Typical attachments include Microsoft Word documents, pdf documents and scanned images of paper documents. In principle there is no technical restriction on the size or number of attachments, but in practice email clients, servers and Internet service providers implement various limitations on the size of files, or complete email - typically to 25MB or less.
- 4. 4 WWW.Prohackers.in Spam Email "spam" is the term used to describe unsolicited bulk email. The low cost of sending such email meant that by 2003 up to 30% of total email traffic was already spam. and was threatening the usefulness of email as a practical tool. The US CAN-SPAM Act of 2003 and similar laws elsewhere had some impact, and a number of effective anti-spam techniques now largely mitigate the impact of spam by filtering or rejecting it for most users, but the volume sent is still very highβand increasingly consists not of advertisements for products, but malicious content or links. Malware A range of malicious email types exist. These range from various types of email scams, including "social engineering" scams such as advance-fee scam "Nigerian letters", to phishing, email bombardment and email worms. Email spoofing Email spoofing occurs when the email message header is designed to make the message appear to come from a known or trusted source. Email spam and phishing methods typically use spoofing to mislead the recipient about the true message origin. Email spoofing may be done as a prank, or as part of a criminal effort to defraud an individual or organization. An example of a potentially fraudulent email spoofing is if an individual creates an email which appears to be an invoice from a major company, and then sends it to one or more recipients. In some cases, these fraudulent emails incorporate the logo of the purported organization and even the email address may appear legitimate. Email bombing Email bombing is the intentional sending of large volumes of messages to a target address. The overloading of the target email address can render it unusable and can even cause the mail server to crash.
- 5. 5 WWW.Prohackers.in Flaming Flaming occurs when a person sends a message (or many messages) with angry or antagonistic content. The term is derived from the use of the word "incendiary" to describe particularly heated email discussions. The ease and impersonality of email communications mean that the social norms that encourage civility in person or via telephone do not exist and civility may be forgotten. Email bankruptcy Also known as "email fatigue", email bankruptcy is when a user ignores a large number of email messages after falling behind in reading and answering them. The reason for falling behind is often due to information overload and a general sense there is so much information that it is not possible to read it all. As a solution, people occasionally send a "boilerplate" message explaining that their email inbox is full, and that they are in the process of clearing out all the messages. E-Mail Security Protocols As we know there are mainly three e-mail security protocols which play the most important role in securing the E-mail messages. Letβs discuss these protocols in brief 1. Privacy Enhanced Mail (PEM): The privacy Enhanced Mail (EPM) is an email security standard adopted by the Internet Architecture Board (IAB) to provide secures electronic mail communication over the internet. PEM was initially developed by the Internet Research Task Force (IRTF) and Privacy Security Research Group (PSRG). PEM is described in four specification documents, which are RFC number 1421 to 1424. PEM support the three main cryptographic functions of encryption, non-repudiation and message integrity.
- 6. 6 WWW.Prohackers.in 1. Canonical Conversion 2. Digital Signature 3. Encryption 4. Base-64 Encoding Fig: PEM operation 1.2. The Working of PEM The broad-level steps in PEM are shown in the below image, as shown, PEM is started with canonical conversion, which is followed by signature, then by encryption and finally, Base-64 encoding. PEM allows for three security options when sending an e-mail message. These options are: ο· Signature only (step 1 and 2) ο· Signature and Base-64 encoding (step 1,2 and 4) ο· Signature, Encryption and Base-64 encoding (step 1 to 4) Let us now discuss the four steps shown in the above figure. Note that these four steps are performed by the receiver in reverse direction to retrieve the original plane text message. Step 1: Canonical Conversion There a distinct possibility that the sender and the receiver of an e-mail message use computers that have different architectures and operating systems. This is because the internet works on any computer that has a TCP/IP stack, regardless of the architecture or operating system. Therefore, it is quite possible that the same thing is represented Privacy Enhance Mail (PEM) Encryption Non-repudiation Message integrity Fig: Security Features offered by PEM
- 7. 7 WWW.Prohackers.in differently in these different computers. This can create problems when creating message digests, and therefore, digital signature. Consequently, PEM transforms each e-mail message into an abstract, canonical representation. This means that regardless of the architecture and the operating system of the sending and receiving computers, the e-mail message always travel in uniform, independent format. Step 2: Digital Signature This is typical process of digital signature that we had studied many times cryptography technique. It is start by creating a message digest of the e-mail message using an algorithm such as MD2 or MD5, as shown in the below image. The message digest thus created and then encrypted with the senders private key to form the senderβs digital signature. The process shown below: E-mail message To: visahlkumar@gmail.com From: info@prohackers.in Subject: Our Meetings β¦β¦β¦β¦β¦β¦β¦β¦β¦β¦ 1001010111 1011011101 0111011010 001010------- --------- Message-digest algorithm (MD2 or MD5) Message Digest Fig: Message-digest creation of the original e-mail message Original E-mail Message
- 8. 8 WWW.Prohackers.in Step 3: Encryption In this step the original e-mail and the digital signature are encrypted together with symmetric key. For this, the DES or DES-3 algorithms in CBC (Cipher Block Chaining) mode are used. This is shown I the below image: DES or DES-3 in CBC Mode Digital Signature E-mail message To: visahlkumar@gmail.com From: info@prohackers.in Subject: Our Meetings β¦β¦β¦β¦β¦β¦β¦β¦β¦β¦ Encryption Encrypted Result Fig: Encryption in PEM
- 9. 9 WWW.Prohackers.in Step 4: Base-64 Encoding This is the last step in PEM. The base-64 encoding (also called Radix-64 encoding or ASCII armour) process transforms arbitrary binary input into printable character output. In this technique, the binary input is processed in block of 3 octets, or 24 bits. These 24 bits are considered to be made up of 4 sets, each of 6 bits. Each such set of 6 bits is mapped into an 8-bit output character inn this process. This concept is showing the below image (note that the value in the figure is just for example purpose) This seems to be a fairly straightforward process. However, one key question is what is the logic used for mapping a 6-bit input block into an output 8-bit blocks? For this a mapping table used which is explained in below example: In our example of Base-64 encoding, let us consider a 24-bit raw stream 011001110100100110101000. Input bit stream Divided into 24-bit blocks Each 24-bit divided into four 6-bit blocks 6-bit blocks mapped to 8-bit blocks 10100100100101101110110011010010100001110001β¦β¦. 10100101 00101001 10110001 101001 010010 110001100110 10011010 00100101 0010101111000110 Fig: Base-64 encoding concept
- 10. 10 WWW.Prohackers.in 24-bit Input Divided into four 6-bit blocks Write there decimal equivalents Map to Base-64 table 011001110100100110101000 011001 110100 101000100110 01011010 00110000 0110111101101101 Fig: Base-64 encoding concept 25 52 4038 Z 0 om Write ASCII equivalent binary
- 11. 11 WWW.Prohackers.in Char. Dec. Char. Dec. Char. Dec. A 0 W 22 s 44 B 1 X 23 t 45 C 2 Y 24 u 46 D 3 Z 25 v 47 E 4 a 26 w 48 F 5 b 27 x 49 G 6 c 28 y 50 H 7 d 29 z 51 I 8 e 30 0 52 J 9 f 31 1 53 K 10 g 32 2 54 L 11 h 33 3 55 M 12 i 34 4 56 N 13 j 35 5 57 O 14 k 36 6 58 P 15 l 37 7 59 Q 16 m 38 8 60 R 17 n 39 9 61 S 18 o 40 + 62 T 19 p 41 / 63 U 20 q 42 V 21 r 43 = (Padding) Fig: Base-64 encoding Table
- 12. 12 WWW.Prohackers.in Thanks for reading this presentation Please give us your feedback at info@prohackers.in Your feedback is most valuable for us for improving the presentation You can also suggest the topic on which you want the presentation Website: www.prohackers.in FB page: www.facebook.com/theprohackers2017 Join FB Group: www.facebook.com/groups/group.prohackers/ Watch us on: www.youtube.com//channel/UCcyYSi1sh1SmyMlGfB-Vq6A ***Thanks***