IY5502 Introduction to Cryptography and Security Mechanisms.
Added on - 20 Sep 2019
Assignment 3

Questions based on the article Why Johnny Can’t Encrypt by Whitten and Tygar

Q1. What use of the security software PGP is discussed in this article, and what (cryptographic) security services does it provide?

A: Pretty Good Privacy (PGP) is software for computers that allows users to send and receive email securely, such that the contents cannot be read or modified in transit, and only the intended recipient can read the message. All this is based on cryptography.

In other words, the (cryptographic) services provided by PGP include confidentiality, by not allowing unauthorised persons to read the email message. The message is encrypted using a public-key or symmetric cryptographic algorithm and this key is encrypted using the private-key and included in the message being sent.

It also provides authentication by allowing the sender of the email to be verified. This is based on the use of cryptographic hashing algorithms (e.g. SHA-1), which create a fixed-length unique representation (called message digest, hash value or hash) of any input data of arbitrary length. This message digest is encrypted with the private key of the sender (in asymmetric cryptography), and thus will only be decrypted by the public key of the same sender. Additionally, both encryption and authentication can be used together.

Q2. In your own words, provide a one paragraph summary of the main findings of this article.

A: The hypothesis of the paper is that security software is different from consumer software and user design principles for consumer software cannot be blindly applied to security software. Security mechanisms are only effective when used correctly, and humans are often the weakest link in any security technique. Also, users of all skill-sets will eventually prefer convenience, so the software has to be learnable and convenient, without sacrificing the integrity it is supposed to provide. The software tested is Pretty Good Privacy (PGP) 5.0, which has been developed with a focus on user experience. It is used for ensuring that email messages cannot be read by unauthorised people and that the sender can be verified. The study found lots of deficiencies, not due to lack of motivation, but due to a flawed understanding of the requirements for security software. Cognitive walkthrough analysis, heuristic evaluation, and laboratory tests on twelve individuals representing the cross-section of average email users confirm the researchers' original hypothesis.

Q3. The article suggests that users encountered difficulties because they did not understand the basic concepts behind public-key encryption and digital signatures. Provide a short explanation of these two concepts that is suitable for educating users who are trying to use PGP software.

A: Some of the difficulties encountered in the use of Pretty Good Privacy (PGP) arose from the users being unaware of how the underlying concepts of public-key encryption and digital signatures work. Both of these are based on cryptography and mathematics, while digital signatures also use central or distributed entities for trust.

Encryption: It is used to implement confidentiality. Public-key (also called asymmetric) encryption is based on mathematics. For every entity (individual or organisation), there is a pair of keys - one of them is public, and thus freely available and distributed to all, and the other is private, kept secure by the entity. These keys are bound by mathematical properties such that encryption (making data unintelligible, but recoverable with the applicable key) by one of them can only be reversed (decryption) by the other associated key. This does away with the requirement of sharing any common key between the sender and receiver.
In PGP, this translates into the software managing the owner's public and private key and others' public keys, encrypting outgoing emails for particular senders, and decrypting incoming email. To use this, the message is encrypted with the public key of the receiver, who alone owns the corresponding private key and thus is the only person who will be able to recover the message.
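
The key-pair property described above, as an added example that is not part of the original assignment: textbook RSA over small fixed primes, with no padding, for illustration only. The function names, the sample keys (Alice, Bob) and the message are assumptions made for this example.

```python
"""Textbook RSA over small fixed primes: shows the key-pair property only.
No padding and tiny keys, so this is for illustration and is not secure."""
from math import gcd

def make_keypair(p, q, e=65537):
    """Return ((e, n), (d, n)): the public key and the matching private key."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return (e, n), (pow(e, -1, phi), n)

def apply_key(key, value):
    """Raise value to the key's exponent modulo n (same operation for both keys)."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)

def to_int(text):
    return int.from_bytes(text.encode("utf-8"), "big")

def to_text(number):
    raw = number.to_bytes((number.bit_length() + 7) // 8, "big")
    return raw.decode("utf-8", "replace")

# Constructed sample keys (built from Mersenne primes) and message, assumed here.
ALICE_PUBLIC, ALICE_PRIVATE = make_keypair(2**61 - 1, 2**89 - 1)
BOB_PUBLIC, BOB_PRIVATE = make_keypair(2**107 - 1, 2**127 - 1)
MESSAGE = "meet at noon"

def demo():
    m = to_int(MESSAGE)
    sealed = apply_key(ALICE_PUBLIC, m)  # anyone holding Alice's public key can do this
    return {
        # Only the associated private key reverses the public-key operation.
        "owner_recovers": to_text(apply_key(ALICE_PRIVATE, sealed)) == MESSAGE,
        "same_key_reverses": apply_key(ALICE_PUBLIC, sealed) == m,
        "other_private_key_recovers": apply_key(BOB_PRIVATE, sealed) == m,
        # The reverse direction: private key first, public key undoes it.
        "public_undoes_private":
            apply_key(ALICE_PUBLIC, apply_key(ALICE_PRIVATE, m)) == m,
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```
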

Digital signature: It is used to ensure authentication, which means to verify the sender of a message. This too is based on public-key (also called asymmetric) encryption. In this scenario, the sender uses his private key (which only he is supposed to know) to encrypt a message. Now, the associated public key can be used to decrypt the message. The laws of cryptography guarantee that any encryption done by either of the pair can only be reversed by the associated other key. Thus, successful decryption by the public key of an entity confirms that the private key of that entity was used, i.e. that entity is the sender of the document. This is usually used with hashing algorithms, which are one-way functions to create a fixed-length unique representation (called message digest, hash value or hash) for any arbitrary input. Then this message digest is encrypted with the private key to help implement authenticity. However, someone has to vouch for the association of a public key with an entity, and this introduces a responsibility of trust, which can be maintained by central authorities or peers.

Q4. Providing assurance of purpose of keys is an important aspect of key management:

a) How does PGP provide assurance of purpose of public keys?

A: Pretty Good Privacy (PGP) is the brainchild of a single person, Phil Zimmermann, who is against governments and establishments. This shows in his design for the issue of trust in PGP. He developed a decentralised method for assuring trust in the public and private key pairs, as explained next.

A vetting scheme called "web of trust" is used to manage the public-private key association. Creating a pair of a public and private key is a trivial operation. The difficult part is the verification that a particular public key belongs to the individual being claimed (trust), and secondly, that the owner of the key is actually the same individual as being claimed (validity).
To manage this in a decentralised way, any individual can publish a public key claiming to be his. This is maintained in an identity certificate. Next, some other people will vouch for this claim by digitally signing this person's identity certificate. This will be the process for every person. Now, PGP software downloads the list of public keys. The concept is that out of the people who have digitally signed the identity certificate, some of them will be trusted by the sender (in varying degrees - complete trust, partial trust, or no trust). Thus, the accuracy of the public key can be estimated. This setting is user-configurable. A couple of issues crop up in this method for the