SlideShare a Scribd company logo

Network security

Download as PPTX, PDF
S
SVijaylakshmi

The document discusses email security, highlighting the importance of confidentiality, authentication, integrity, and non-repudiation. It details methods such as Privacy Enhanced Mail (PEM) and Pretty Good Privacy (PGP), explaining their processes for ensuring secure email communication through techniques like digital signatures, encryption, and compression. Additionally, it introduces S/MIME as an enhancement for secure multipurpose internet mail with various cryptographic algorithms.

Internet
Related topics:
Email Security Overview
1 of 31
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Nadar Saraswathi College of arts and science,Theni DEPARTMENT OF CS & IT NETWORK AND INTERNET SECURITY Presented by S.Vijayalakshmi – I Msc (IT)
Email security
INTRODUCTION  email is one of the most widely used and regarded network service  currently message content are not secure may be inspected either in transit or by suitably privileged user on destination system
EMAIL SECURITY REQUIREMENTS  Confidentiality  Authentication  Integrity  Non-repudiation
BASIC PHASE OF EMAIL
Basic Phase of Email
PRIVACY ENHANCED MAIL PEM adopted by the Internet Architecture Board(LAB) to provide secure electronic mail communication over the internet Steps of PEM canonical conversion Digital signature Encryption Base 64 encoding
CANONICAL CONVERSIONS PEM transforms each email message into an abstract canonical representation. This means that regardless of the architecture and the operating system of the sending and receiving computers, the email message always travels in a uniform, independent format.
DIGITAL SIGNATURE
ENCRYPTION
BASE 64 ENCODING
PRETTY GOOD PRIVACY(PGP) PGP provides a confidentiality and authentication service that can be used for electronic mail and file storage application. A number of reasons can be cited for this growth.  availabel free worldwide.  It is based on extremely secure algorithm.  Wide range of applicability.  Not developed by governmental organization.
OPERATIONAL DESCRIPTION The actual operation of PGP, consists of five services: authentication, confidentiality, compression, e-mail compatibility, and segmentation
AUTHENTICATION 1.Sender creates message 2.make SHA-1160-bit hash of message 3. attached RSA signed hash to message 4.receiver decrypts& recovers hash code 5.receiver verifies received message hash
CONFIDENTIALITY 1.Sender forms 128=bit random session key 2.encrypts message with session key 3.attaches session key encrypted with RSA 4.receiver decrypts& recovers session key 5.session key is used to decrypt message
CONFIDENTIALITY&AUTHENTICATION  Can use both services on same message create signature & attach to message encrypt both message & signature attach RSAEIG amal encrypted session key
COMPRESSION  By default PGP compresses message after signing but before encrypting -so can store uncompressed message& signature -& because compression is non deterministic  Uses ZIP compression algorithm
EMAIL COMPATIBILITY  When using PGP will have binary data to send(encrypted message etc)  However email was designed only for text  Hence PGP must encode raw binary data into printable ASCII characters  Uses radix-64 algorithm -maps 3 bytes to 4 printable chars -also appends a CRC  PGP also segment messages if too big
PGP SESSION KEYS  Need a session key for each message -of varying sizes:56-bit DES,128-bit CAST or IDEA, 168-bit Triple –DES  Generated using ANSI X12.17 mode  Uses random inputs taken from previous uses and from keystroke timing of user
PGP PUBLIC & PRIVATE KEYS  Since many public/private keys may be in use, need to identify which is actually used to encrypt session key in a message. -could send full public-key with every message -but this is inefficient  Rather use a key identifier based on key -is least significant 64-bits of the key -will very likely be unique  Also use key ID in signature
PGP Message Format
PGP MESSAGE GENERATION
PGP MESSAGE RECEPTION
S/MIME(secure/Multipurpose Internet Mail Extension)  Security enhancement to MIME email  -original Internet RFC822 email was text only  -MIME provided support for varying content types and multi-part message  -with encoding of binary data to textual form  -S/MIME added security enhancement  Have S/MIME support in many mail agents  -eg MS outlook, Mozilla , Mac Mail etc
SIGNED MAIL  1. The user writes the message as clear-text .  2.The message digest is being calculated (using SHA-1[2] or MD5[3])  3.The message digest is being encrypted using the signer’s private key (DSS[4] or RSA[5]).
SINGNED MAIL
ENCRYPTED MAIL  1.The user writes the message as clear-text  2.A random session key is being created(triple DES[6] or rc2[7])  3.The message is being encrypted using the random session key.  4. For every recipient ,the session key is being encrypted using the recipient’s public key(DH[8] or RSA[5]).
Encrypted mail
S/MIME CRYPTOGRAPHIC ALGORITHMS  Digital signature: DSS &RSA  Hash functions: SHA-1 & MD5  Session key encryption: EIG amal & RSA  Message encryption: AES,Triple-DES, RC2/40 and other  MAC:HMAC with SHA-1
S/MIME FUNCTION  Enveloped data -encrypted content and associated keys  Signed data -encoded message+ signed digest  Clear –signed data -clear text message+ encoded signed digest  Signed &enveloped data -nesting of signed& encrypted entities
Network security

More Related Content

PDF
Email security & threads
Inocentshuja Ahmad
 
PPT
Email security
Indrajit Sreemany
 
PDF
Electronic mail security
Dr.Florence Dayana
 
PPT
Email Security : PGP & SMIME
Rohit Soni
 
PPT
Celebrity Cricket League 2016 - http://ccl5.com/
Tania Agni
 
PPTX
S/MIME & E-mail Security (Network Security)
Prafull Johri
 
PPTX
Information and data security email security
Mazin Alwaaly
 
PPSX
Email Security
selvakumar_b1985
 
Email security & threads
Inocentshuja Ahmad
 
Email security
Indrajit Sreemany
 
Electronic mail security
Dr.Florence Dayana
 
Email Security : PGP & SMIME
Rohit Soni
 
Celebrity Cricket League 2016 - http://ccl5.com/
Tania Agni
 
S/MIME & E-mail Security (Network Security)
Prafull Johri
 
Information and data security email security
Mazin Alwaaly
 
Email Security
selvakumar_b1985
 

What's hot (19)

PPT
E-mail Security in Network Security NS5
koolkampus
 
PPT
The Security layer
Swetha S
 
PPTX
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
Jyothishmathi Institute of Technology and Science Karimnagar
 
PPTX
E mail security
Soumya Vijoy
 
PPTX
IP Security
Keshab Nath
 
PPT
Lecture 8 mail security
rajakhurram
 
PPTX
Email Security Presentation
Yosef Gamble
 
PPTX
Email security
Mohammed Hilal
 
PDF
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
Vishal Kumar
 
PDF
Email security presentation
SubhradeepMaji
 
PPT
Pgp
Reham Maher El-Safarini
 
PPT
Ch15
Joe Christensen
 
PPTX
Pretty good privacy
Punnya Babu
 
PDF
Network Security Applications
Hatem Mahmoud
 
DOCX
S/MIME
maria azam
 
PPTX
Using PGP for securing the email
Gianni Fiore
 
PDF
8 Authentication Security Protocols
guestfbf635
 
PPT
IP Security in Network Security NS6
koolkampus
 
PPT
Pretty good privacy
Pushkar Dutt
 
E-mail Security in Network Security NS5
koolkampus
 
The Security layer
Swetha S
 
CRYPTOGRAPHY AND NETWORK SECURITY- E-Mail Security
Jyothishmathi Institute of Technology and Science Karimnagar
 
E mail security
Soumya Vijoy
 
IP Security
Keshab Nath
 
Lecture 8 mail security
rajakhurram
 
Email Security Presentation
Yosef Gamble
 
Email security
Mohammed Hilal
 
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
Vishal Kumar
 
Email security presentation
SubhradeepMaji
 
Pgp
Reham Maher El-Safarini
 
Ch15
Joe Christensen
 
Pretty good privacy
Punnya Babu
 
Network Security Applications
Hatem Mahmoud
 
S/MIME
maria azam
 
Using PGP for securing the email
Gianni Fiore
 
8 Authentication Security Protocols
guestfbf635
 
IP Security in Network Security NS6
koolkampus
 
Pretty good privacy
Pushkar Dutt
 
Ad

Similar to Network security (20)

PPTX
module 4_7th sem_ Electronic Mail Security.pptx
prateekPallav2
 
PPT
computer netwok security Pretty Good Privacy PGP.ppt
jayaprasanna10
 
PPT
chapter 15-Network and Security-By-MIT.ppt
KamranHussainAwan
 
PPT
ch15 (1).ppt
SunilKatkar5
 
PPT
ch15.ppt
ssuser6602e0
 
PPT
ch15.ppt
witscollege
 
PDF
1682302951397_PGP.pdf
georgejustymirobi1
 
PPT
chap15 cryptography and network security.ppt
ubaidullah75790
 
PPT
PGP.ppt
qwerrew1
 
PDF
Email Security Pretty Good Privacy (PGP),Services Provided by PGP.pdf
aryalmadhave123
 
PPT
S-MIMEemail-security.ppt
witscollege
 
PDF
M.FLORENCE DAYANA/electronic mail security.pdf
Dr.Florence Dayana
 
PPT
E-mail Security.ppt
maniklal123
 
DOCX
Pgp
Abhishek Kesharwani
 
DOCX
Pgp
Abhishek Kesharwani
 
PDF
Network Security CS2
Infinity Tech Solutions
 
PPTX
Email security
kumarviji
 
PDF
BAIT1103 Chapter 5
limsh
 
PPTX
Email sec11
Athira Asakumar
 
PDF
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
 
module 4_7th sem_ Electronic Mail Security.pptx
prateekPallav2
 
computer netwok security Pretty Good Privacy PGP.ppt
jayaprasanna10
 
chapter 15-Network and Security-By-MIT.ppt
KamranHussainAwan
 
ch15 (1).ppt
SunilKatkar5
 
ch15.ppt
ssuser6602e0
 
ch15.ppt
witscollege
 
1682302951397_PGP.pdf
georgejustymirobi1
 
chap15 cryptography and network security.ppt
ubaidullah75790
 
PGP.ppt
qwerrew1
 
Email Security Pretty Good Privacy (PGP),Services Provided by PGP.pdf
aryalmadhave123
 
S-MIMEemail-security.ppt
witscollege
 
M.FLORENCE DAYANA/electronic mail security.pdf
Dr.Florence Dayana
 
E-mail Security.ppt
maniklal123
 
Pgp
Abhishek Kesharwani
 
Pgp
Abhishek Kesharwani
 
Network Security CS2
Infinity Tech Solutions
 
Email security
kumarviji
 
BAIT1103 Chapter 5
limsh
 
Email sec11
Athira Asakumar
 
CS6004 CYBER FORENSICS
Kathirvel Ayyaswamy
 
Ad

More from SVijaylakshmi (13)

PPTX
client server computing.pptx
SVijaylakshmi
 
PPTX
small industries.pptx
SVijaylakshmi
 
PPTX
pseudo Color Image.pptx
SVijaylakshmi
 
PPTX
hive.pptx
SVijaylakshmi
 
PPTX
real Time data analysis.pptx
SVijaylakshmi
 
PPTX
Density based methods
SVijaylakshmi
 
PPTX
Reinforcement Learning
SVijaylakshmi
 
PPTX
Synchronization in distributed computing
SVijaylakshmi
 
PPTX
control structures
SVijaylakshmi
 
PPTX
Swing components
SVijaylakshmi
 
PPTX
Basic Traversal and Search Techniques
SVijaylakshmi
 
PPTX
Parallel language and compiler
SVijaylakshmi
 
PPTX
Basic Traversal and Search Techniques
SVijaylakshmi
 
client server computing.pptx
SVijaylakshmi
 
small industries.pptx
SVijaylakshmi
 
pseudo Color Image.pptx
SVijaylakshmi
 
hive.pptx
SVijaylakshmi
 
real Time data analysis.pptx
SVijaylakshmi
 
Density based methods
SVijaylakshmi
 
Reinforcement Learning
SVijaylakshmi
 
Synchronization in distributed computing
SVijaylakshmi
 
control structures
SVijaylakshmi
 
Swing components
SVijaylakshmi
 
Basic Traversal and Search Techniques
SVijaylakshmi
 
Parallel language and compiler
SVijaylakshmi
 
Basic Traversal and Search Techniques
SVijaylakshmi
 

Recently uploaded (20)

PPTX
introduction about ICD -10 & ICD-11 ppt.pptx
naveenithkrishnan
 
PPTX
Digital Literacy And Online Safety on internet
riksa rifqi
 
PPTX
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
PPTX
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
 
PDF
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
 
PDF
Testing WebRTC applications at scale.pdf
Giacomo Vacca
 
PDF
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
 
PPTX
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
 
PDF
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
 
PDF
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
PDF
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
PPTX
Funds Management Learning Material for Beg
NKKumar16
 
PDF
Automated vs Manual WooCommerce to Shopify Migration_ Pros & Cons.pdf
CartCoders
 
PPTX
Internet___Basics___Styled_ presentation
poonam62133
 
PPTX
artificial intelligence overview of it and more
yafotin445
 
PDF
The Internet -By the Numbers, Sri Lanka Edition
APNIC
 
PPTX
Introuction about WHO-FIC in ICD-10.pptx
naveenithkrishnan
 
PPTX
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
PPTX
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
PDF
Tenda Login Guide: Access Your Router in 5 Easy Steps
tendawifi16
 
introduction about ICD -10 & ICD-11 ppt.pptx
naveenithkrishnan
 
Digital Literacy And Online Safety on internet
riksa rifqi
 
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
 
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
 
Testing WebRTC applications at scale.pdf
Giacomo Vacca
 
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
 
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
 
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
 
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
Funds Management Learning Material for Beg
NKKumar16
 
Automated vs Manual WooCommerce to Shopify Migration_ Pros & Cons.pdf
CartCoders
 
Internet___Basics___Styled_ presentation
poonam62133
 
artificial intelligence overview of it and more
yafotin445
 
The Internet -By the Numbers, Sri Lanka Edition
APNIC
 
Introuction about WHO-FIC in ICD-10.pptx
naveenithkrishnan
 
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
Tenda Login Guide: Access Your Router in 5 Easy Steps
tendawifi16
 

Network security

  • 1. Nadar Saraswathi College of arts and science,Theni DEPARTMENT OF CS & IT NETWORK AND INTERNET SECURITY Presented by S.Vijayalakshmi – I Msc (IT)
  • 3. INTRODUCTION  email is one of the most widely used and regarded network service  currently message content are not secure may be inspected either in transit or by suitably privileged user on destination system
  • 4. EMAIL SECURITY REQUIREMENTS  Confidentiality  Authentication  Integrity  Non-repudiation
  • 7. PRIVACY ENHANCED MAIL PEM adopted by the Internet Architecture Board(LAB) to provide secure electronic mail communication over the internet Steps of PEM canonical conversion Digital signature Encryption Base 64 encoding
  • 8. CANONICAL CONVERSIONS PEM transforms each email message into an abstract canonical representation. This means that regardless of the architecture and the operating system of the sending and receiving computers, the email message always travels in a uniform, independent format.
  • 12. PRETTY GOOD PRIVACY(PGP) PGP provides a confidentiality and authentication service that can be used for electronic mail and file storage application. A number of reasons can be cited for this growth.  availabel free worldwide.  It is based on extremely secure algorithm.  Wide range of applicability.  Not developed by governmental organization.
  • 13. OPERATIONAL DESCRIPTION The actual operation of PGP, consists of five services: authentication, confidentiality, compression, e-mail compatibility, and segmentation
  • 14. AUTHENTICATION 1.Sender creates message 2.make SHA-1160-bit hash of message 3. attached RSA signed hash to message 4.receiver decrypts& recovers hash code 5.receiver verifies received message hash
  • 15. CONFIDENTIALITY 1.Sender forms 128=bit random session key 2.encrypts message with session key 3.attaches session key encrypted with RSA 4.receiver decrypts& recovers session key 5.session key is used to decrypt message
  • 16. CONFIDENTIALITY&AUTHENTICATION  Can use both services on same message create signature & attach to message encrypt both message & signature attach RSAEIG amal encrypted session key
  • 17. COMPRESSION  By default PGP compresses message after signing but before encrypting -so can store uncompressed message& signature -& because compression is non deterministic  Uses ZIP compression algorithm
  • 18. EMAIL COMPATIBILITY  When using PGP will have binary data to send(encrypted message etc)  However email was designed only for text  Hence PGP must encode raw binary data into printable ASCII characters  Uses radix-64 algorithm -maps 3 bytes to 4 printable chars -also appends a CRC  PGP also segment messages if too big
  • 19. PGP SESSION KEYS  Need a session key for each message -of varying sizes:56-bit DES,128-bit CAST or IDEA, 168-bit Triple –DES  Generated using ANSI X12.17 mode  Uses random inputs taken from previous uses and from keystroke timing of user
  • 20. PGP PUBLIC & PRIVATE KEYS  Since many public/private keys may be in use, need to identify which is actually used to encrypt session key in a message. -could send full public-key with every message -but this is inefficient  Rather use a key identifier based on key -is least significant 64-bits of the key -will very likely be unique  Also use key ID in signature
  • 24. S/MIME(secure/Multipurpose Internet Mail Extension)  Security enhancement to MIME email  -original Internet RFC822 email was text only  -MIME provided support for varying content types and multi-part message  -with encoding of binary data to textual form  -S/MIME added security enhancement  Have S/MIME support in many mail agents  -eg MS outlook, Mozilla , Mac Mail etc
  • 25. SIGNED MAIL  1. The user writes the message as clear-text .  2.The message digest is being calculated (using SHA-1[2] or MD5[3])  3.The message digest is being encrypted using the signer’s private key (DSS[4] or RSA[5]).
  • 27. ENCRYPTED MAIL  1.The user writes the message as clear-text  2.A random session key is being created(triple DES[6] or rc2[7])  3.The message is being encrypted using the random session key.  4. For every recipient ,the session key is being encrypted using the recipient’s public key(DH[8] or RSA[5]).
  • 29. S/MIME CRYPTOGRAPHIC ALGORITHMS  Digital signature: DSS &RSA  Hash functions: SHA-1 & MD5  Session key encryption: EIG amal & RSA  Message encryption: AES,Triple-DES, RC2/40 and other  MAC:HMAC with SHA-1
  • 30. S/MIME FUNCTION  Enveloped data -encrypted content and associated keys  Signed data -encoded message+ signed digest  Clear –signed data -clear text message+ encoded signed digest  Signed &enveloped data -nesting of signed& encrypted entities