Application Layer Security: PGP
Implementing security at the application layer is more feasible and simpler, particularly when the Internet communication involves only two parties, as in the case of email and TELNET.
The sender and the receiver can agree to use the same protocol and to use any type of security services they desire.
In this section, we discuss one protocol used at the application layer to provide security: PGP.
Pretty Good Privacy (PGP) was invented by Phil Zimmermann to provide all four aspects of security (privacy, integrity, authentication, and nonrepudiation) in the sending of email.
PGP uses a digital signature (a combination of hashing and public-key encryption) to provide integrity, authentication, and nonrepudiation.
It uses a combination of secret-key and public-key encryption to provide privacy. Specifically, it uses one hash function, one secret key, and two private-public key pairs.
At the sender, the email message is hashed to create a digest. The digest is encrypted (signed) using the sender's private key. The message and the digest are then encrypted using the one-time secret key created by the sender.
The secret key is encrypted using the receiver's public key and is sent together with the encrypted combination of message and digest.
At the receiver, the combination of encrypted secret key and message plus digest is received.
The encrypted secret key is decrypted first (using the receiver's private key) to recover the one-time secret key created by the sender.
The secret key is then used to decrypt the combination of the message plus digest.
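The sender and receiver steps described above, as an added Python example that is not from the original post. It uses toy primitives (textbook RSA over constructed Mersenne-prime keys and a SHA-256 XOR keystream; all function and key names are assumptions) in place of PGP's real algorithms, and it includes the final signature check the receiver performs on the decrypted digest, which the text implies but does not spell out.

```python
import hashlib
import secrets

def make_keypair(p, q, e=65537):
    """Textbook RSA from two primes; returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)

# Constructed toy keys built from Mersenne primes: NOT secure, illustration only.
SENDER_PUB, SENDER_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
RECEIVER_PUB, RECEIVER_PRIV = make_keypair(2**127 - 1, 2**1279 - 1)

def stream_xor(key, data):
    """Toy secret-key cipher: XOR with a SHA-256 counter keystream."""
    blocks = range(len(data) // 32 + 1)
    ks = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, ks))

def digest_int(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def pgp_send(message, sender_priv, receiver_pub):
    d, n_s = sender_priv
    signed = pow(digest_int(message), d, n_s)        # digest signed with sender's private key
    sig = signed.to_bytes((n_s.bit_length() + 7) // 8, "big")
    session_key = secrets.token_bytes(32)            # one-time secret key
    body = stream_xor(session_key, sig + message)    # message + digest under the secret key
    e, n_r = receiver_pub
    wrapped = pow(int.from_bytes(session_key, "big"), e, n_r)  # key under receiver's public key
    return wrapped, body

def pgp_receive(wrapped, body, receiver_priv, sender_pub):
    d, n_r = receiver_priv
    session_key = pow(wrapped, d, n_r).to_bytes(32, "big")     # recover the one-time key
    plain = stream_xor(session_key, body)
    e, n_s = sender_pub
    sig_len = (n_s.bit_length() + 7) // 8
    sig, message = plain[:sig_len], plain[sig_len:]
    # Signature check: sender's public key must map the signed digest to the hash of what arrived.
    ok = pow(int.from_bytes(sig, "big"), e, n_s) == digest_int(message)
    return message, ok

def demo():
    msg = b"Meet at 10:00"                           # constructed sample message
    wrapped, body = pgp_send(msg, SENDER_PRIV, RECEIVER_PUB)
    tampered = body[:-1] + bytes([body[-1] ^ 1])     # one ciphertext bit changed in transit
    return (pgp_receive(wrapped, body, RECEIVER_PRIV, SENDER_PUB),
            pgp_receive(wrapped, tampered, RECEIVER_PRIV, SENDER_PUB))
```

The second result shows why the signed digest matters: the altered ciphertext still decrypts to a readable message, and only the signature check reveals that it is not what the sender signed.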
Thursday, February 5, 2009
1 comment:
The combination of using a secret key together with a public key can be very effective in increasing the level of security. In this post http://www.theemailadmin.com/2008/12/creating-public-asymmetric-keys the process of how to create a public key is explained in detail and provides a very good insight into how these can be used effectively.