Email Security

Question 1

What are the steps for the sender to achieve authentication and digital signature security using PGP?

Answer 1

1. Apply hash function to plaintext
2. Encrypt the hash output using the private key of user A
3. Append encrypted hash code with plaintext message
4. Apply zip

Question 2

What are the steps for the receiver to achieve authentication and digital signature security using PGP?

Answer 2

1. Unzip data to obtain message and encrypted hash code
2. Decrypt encrypted hash code using public key of user A
3. Apply hash code on message
4. Compare between hashed message and decrypted hash code

Question 3

What are the steps for the sender to achieve confidentiality using PGP?

Answer 3

1. Apply zip to plaintext
2. Apply symmetric encryption using secret key to zipped plaintext
3. Encrypt the secret key using the public key of user A
4. Append 2. with 3.

Question 4

What are the steps for the receiver to achieve confidentiality using PGP?

Answer 4

1. Decrypt secret key with private key of user A
2. Using secret key, decrypt the encrypted zipped plaintext
3. Unzip plaintext

Question 5

Why is PGP originally incompatible with email protocols?

Answer 5

Encryption works with 8-bit octets but most emails use ASCII text

Question 6

How does Radix-64 fix compatibility problems with PGP?

Answer 6

Radix 64 encodes binary characters to ASCII characters. Every 24 bits (6+6+6+6) is 4 ASCII characters.