Free Essay

Pgp Appliance in Email

In: Computers and Technology

Submitted By witch83
Words 3766
Pages 16

The growth of the Internet is unbelievably rapid, more new devices and services coming out generation by generation. Billions and billions of people are using the Internet and thus internet is becoming one of the most essentialities for nowadays people in the whole world. Of the internet services, electronic mail is the most basic and widely-used services. All email users from any location are communicating each other by sending and receiving email messages over the internet for different purposes. However, email is not a secure method of communication. As email packets have to be routed through many networks over the internet, there grows a large number of longstanding security shortcomings of email in communication technology and email security becomes one of the most challenging areas in Internet security system. To solve this security concern, Pretty Good Privacy (PGP) protocol is used. PGP will give cryptographic privacy by confidentiality process and message integrity and authentication by creating a digital signature.

1. Aims of the Thesis

• To improve email security • To study the operations of PGP protocol • To understand the role of cryptography in computer and network security areas • To propose the effectiveness of applying the hybrid encryption system (i.e., applying the two encryption systems together)

1.2 Pretty Good Privacy (PGP) PGP stands for Pretty Good Privacy protocol, which was originally developed by Philip R.Zimmermann in 1991 [13]. PGP is an electronic mail security program that gives users privacy and authentication. As PGP is based on a distributed network of individuals, it is preferable to email, one of the most widely-used messaging application of the internet services. The two main fundamental services that PGP provide are the authentication of the entities and confidentiality of the messages being sent and received. Applying the PGP program which will give confidentiality and authentication features will improve the security of electronic mailing system.

1.3 PGP Security Features PGP provides a variety of security features for electronic mail: • Confidentiality • Authentication • Message Integrity • Non-repudiation of origin Confidentiality protects the contents of the email message by encrypting against the unauthorized disclosure. No one other than the authorized recipient can read the message. Data origin authentication permits the authorized receiver of the message to reliably determine the identity of the sender. Only an authorized receiver can authenticate it. Message integrity provides the authorized recipient of the message assurance that the message has not been altered in transit. The message received that needs to be identical to the message being sent can be verified by using the PGP program. Non-repudiation of the original sender is the feature that allows one person to forward the message to another email user, who can validate the identity of the original sender.

1.4 Benefits of the Proposed System

• As all the algorithms used for message encryption, session-key encryption, hash code generation and hash code encryption are integrated together in the proposed PGP encryption scheme, it eliminates the need for operating multiple, disparate management systems for deploying, managing, and supporting one or more encryption applications. • Hybrid encryption system is used in the proposed system that the biggest challenge of key exchange between the users can be covered [12].

1.5 Organization of the Thesis The basic concepts of the Pretty Good Privacy protocol and its security features are introduced in Chapter 1. The remaining parts of this book are background theory, proposed system operations, implementation of the program for proposed PGP protocol, and finally the conclusion of the system. Chapter 2 discusses the basic theory of cryptography and PGP protocol. Chapter 3 analyzes the operations and procedures of the PGP program suites and the implementation of the whole system for this thesis is explained in Chapter 4. Conclusion, advantages, limitations and further extensions of the system are expressed in Chapter 5.


2.1 Security Trends In 1994, The Internet Architecture Board (IAB) issued a report entitled “Security in the Internet Architecture”. The report stated the general consensus that the Internet needs more and better security, and it identified key areas for security mechanisms. Among these were (1) the need to secure the network infrastructure from unauthorized monitoring and control of network traffic, and (2) the need to secure end-user-to-end-user traffic using authentication and encryption mechanisms. These concerns are fully justified. As confirmation, consider the trends reported by the Computer Emergency Response Team (CERT) Coordination Center (CERT/CC). [pic] Figure 2.1 Vulnerabilities Reported

Figure 2.1 shows the trend in internet-related vulnerabilities reported to CERT over a 10-year period. These include security weakness in the operating systems of attached computers (e.g., Windows, Linux) as well as vulnerabilities in internet routers and other network devices. [pic] Figure 2.2 Incidents Reported Figure 2.2 shows the number of security-related incidents reported to CERT. These include Denial of Service attacks, IP spoofing, various forms of eavesdropping, packet sniffing, masquerading, message tampering and replaying.

Denial of Service (DOS) : Flooding a channel or other resource with messages in order to deny access for others.
IP Spoofing : Creating packets with false IP address and exploiting the system which uses authentication based on that IP.
Eavesdropping : Obtaining copies of messages without authority.
Packet Sniffing : Determining the messages with traffic analysis.

Masquerading : Sending or receiving messages using the identity of another principal without authority
Message Tampering : Intercepting messages and altering the contents before passing them to the intended recipient. Man-in-the-middle attack is one example of the message tampering attack.
Replaying : Storing intercepted messages and sending them after later time. This attack may be effective even with authenticated and encrypted message. Over time, the attacks on the internet and internet-attached systems have grown more sophisticated while the amount of skill and knowledge required to mount an attack has declined (Figure 2.3). Attacks have become more automated and can cause greater amount of damage, and the role of internet security becomes the most challenging area in Information Technology.
Figure 2.3 Trends in Attack Sophistication and Intruder Knowledge The internet security trends are security attack, security mechanism and security services. Security attacks can be classified as passive attacks and active attacks.
(a) Release of message contents

(b) Traffic Analysis
Figure 2.4 Passive Attacks

Passive attacks include unauthorized reading of a message of file( eavesdropping), packet sniffing and traffic analysis.

(a) Masquerading
(b) Message Tampering
(c) Denial of Service (DoS)
Figure 2.5 Active Attacks

Active attacks which include masquerading, modification of messages or files and denial of service. A security mechanism is any process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Examples of mechanisms are encryption algorithms (symmetric or asymmetric scheme), digital signatures and authentication protocols. Security services include authentication of the message, data confidentiality, data integrity, access control, and non-repudiation of origin [2]. These terms are explained in the following.

2.1.1 Authentication Authentication is the assurance that the communicating entity is the one that it claims to be. It can protect email spoofing forgery which appear to be sent from a known sender, but they are not actually so. The most common technique for authentication is encrypting the message with the sender’s private key. As the sender’s private key is known only to it that no one other than the sender can authenticate it [2].

2.1.2 Data Confidentiality It can be achieved by encrypting the message. Data encryption is the protection of data from unauthorized disclosure. Confidentiality protects transmitted data from passive attacks. Using symmetric encryption algorithms will be more effective for encrypting a large amount of data.

Fig 2.6 Data encryption process

2.1.3 Data Integrity The assurance that the message received is exactly the same as the message being sent by the authorized original entity (i.e., the message received contains no modification, insertion, deletion, or replay) [2]. Message integrity can be obtained by applying (i) Message Authentication Code (MAC) or (ii) one-way hash function [2].

(i) Message Authentication Code The MAC function takes a variable-length message and a secret key as inputs and produces authentication code. A recipient in possession of the key can generate an authentication code to verify the integrity of the message.

Fig 2.7 One-way MAC Function
(ii) Hash Code A hash function maps a variable-length message into a fixed-length hash value, or message digest. For message integrity and authentication, a secure hash function must be combined in some fashion with a secret key.

Fig 2.8 One-way Hash Function In both MAC function and hash function, f: A ( B, the function f(x) for all x belongs to A, f(x) is easy to compute. But, f: B ( A to recover the original message A must be computationally infeasible to compute.

2.1.4 Access Control Access control is the ability to limit and control the access of the mail via the communication links. Each entity trying to read the mail must be decrypted and authenticated to recover the original email message that access rights can be tailored to individual [2].

2.1.5 Non-repudiation It prevents either the sender or the receiver from denying a transmitted email message. Thus, when an email message is sent, the receiver can prove that the alleged sender in fact sent the message. Similarly, when a message is received, the sender can prove that the alleged receiver in fact received.

2.2 Overview of Cryptography The word cryptography comes from the Greek word “kryptos”, which means hidden and “graphein”, which means writing. There has always been a need for exchanging information secretly. History is filled with examples where people have tried to keep information secret from adversaries. Nowadays, cryptography, the Science of encrypting and decrypting information, is becoming a basic building block for computer and network security [2]. In cryptography, encryption-decryption scheme can be categorized into two known as symmetric-key encryption scheme and the other, asymmetric scheme.

2.2.1 Symmetric Encryption Scheme Symmetric encryption scheme, the conventional one, has following five ingredients. 1. Plaintext : The original readable message that is put into the algorithm as input 2. Encryption Algorithm : It performs various substitutions and transformations on the plaintext 3. Secret key : The input to the algorithm for encryption and decryption. The algorithm will produce different ciphertexts for the same plaintext message using different keys. 4. Ciphertext : This is the scrambled message produced as output by the encryption algorithm. 5. Decryption Algorithm : This is essentially the encryption algorithm run in reverse to recover the original message.
In this scheme, • Encryption and decryption processes are performed using the same key. • The sender and receiver must share the same algorithm and the same key.
Figure 2.9 Simplified Model of Conventional Encryption

2.2.2 Asymmetric Encryption Scheme Public-key (asymmetric) algorithms rely on related different two keys. A public-key encryption scheme has six ingredients: plaintext, encryption algorithm, public and private keys, ciphertext and decryption algorithm. In this scheme, • One key is used for encryption process and its related key is used for the decryption process. • The sender and receiver must share the same algorithm and one of the key from the key pairs, not the same one. The other key must keep secret. The public-key cryptography can be used for both authentication and encryption. The model is illustrated in Figure 2.9.


Figure 2.10 Public-key Cryptography Model There is nothing in principle about either symmetric or public-key encryption system that is superior to another from the point of view of cryptanalysis. It will be more secured if we use the hybrid system [1]. PGP is the protocol which uses hybrid encryption system.

2.2.3 Hybrid Encryption Scheme Hybrid encryption system means symmetric encryption of data and asymmetric encryption of the generated session-key. By theory, the symmetric cryptography is much faster and suitable for encrypting a large amount of data. The public-key cryptography is relatively slow and is only suitable for encrypting small amounts of information such as the keys. The hybrid encryption system will help both the key exchange between users and the message encryption work effectively.

2.3 Electronic Mail The most popular and widespread internet application service is the electronic mail. Electronic mail, often abbreviated to e-mail, email or originally eMail, is a store-and-forward method of writing, sending, receiving and saving messages over electronic communication systems [15]. The host computers communicate with each other by sending and receiving email messages over the Internet. On the other hand, email is vulnerable to the reception of unauthorized users in transit. The simplified model of electronic mail system is shown in the figure below (Figure 2.10). The SMTP server will move the mail from one mail server to another and the email packets are routed through the internet till they reach the destination mail server, POP3 or IMAP and downloaded to the recipient host computer. So, the mail being sent can be received, read, stored or altered by the non-authorized users in transit.

Figure 2.11 Simplified model of the Electronic mail system

2.3.1 Email Format The email address has two parts: user name and domain name; the format is as follows: username@domain name For example, [11]

Internet email messages consist of two major sections: Header and Body.
The message Header usually includes at least the following fields: • From : The email address and optionally the name of the sender • To : The email address (es), and optionally the name (s) of the recipients(s) • Subject : A brief summary of the contents of the message (optional) • Date: The local time and date when the message was written Other common header fields include • Cc : Carbon Copy • BCc : Blind Carbon Copy • Received : Tracking information generated by mail servers that have previously handled a message • Reply-to : Address that should be used to reply to the sender. Many email clients present “BCc” (Blind Carbon Copy, recipients not visible in the “To” field) as a header file. Different protocols are used to deal with the “BCc” field; at times the entire field is removed, whereas other times the field remains but the addresses therein are removed [15].

2.3.2 Email Security Concerns Email privacy, without some security precautions, can be compromised because: • email messages are generally not encrypted; • email messages have to go through intermediate computers before reaching the destination; • many Internet Service Providers (ISP) store copies of email messages on their mail servers before they are delivered. The backups of these can remain up to several months on their servers even if the user deletes them in the mailbox; Therefore, email-related encryption standards are involved and used with the mail program [15]. Examples for some encryption standards are Privacy Enhanced Mail (PEM), Elliptic Curve, Secure Multipurpose Internet Mail Extensions (S/MIME), Pretty Good Privacy (PGP) and GNU Privacy Guard (GPG) [14]. This thesis proposes the PGP standard in which the original 3DES algorithm is modified for better security. It is a mail security standard that transports email messages securely using the hybrid encryption technique [15]. The main advantage of the PGP protocol is that all three algorithms are integrated together for less complexity.


Though the proposed PGP program is not integrated with the mail program, it is designed to work within the existing electronic mail systems, primarily those used on the internet.

Figure 3.1 Overview of the proposed system The overview structure of the proposed system is shown in the Figure 3.1. To apply PGP, both ends need to have PGP program for encrypting and decrypting email messages. First of all, all users have to generate the public/private key pairs and put their public keys on the PGP shared key server. To gain access to the PGP key server, usernames and passwords must be entered. Their respective private keys must keep secret to each user. After going through the PGP program, the encrypted email message is sent from the SMTP server. Sending the encrypted mail will be secure while the mail packets are passing through the routes over the internet. On the receiving end, the encrypted message can be recovered at the destination computer by applying the PGP program.

3.1 The Proposed System Design

a) Generic description of the send Procedure

(b) Module (1)


(c) Module (2)
Figure 3.2 The send procedure Design

(a) Generic Description of the receive procedure

(b) Module (3)

(c) Module (4)
Figure 3.3 The receive procedure Design

3.1.1 Three Types of key in PGP

One-time session symmetric key : must not be predictable for data encryption
Public keys and private keys : allow users to have multiple sets and store key server for public keys

2. Cryptographic algorithms used in proposed system In PGP, public-key cryptography is used for key management and creating digital signatures, conventional secret-key cryptography for message encryption, and a one-way hash function for digital signatures.

Data Encryption Algorithm : Modified Triple Data Encryption Standard (modified-3DES)

Key Management Algorithm : RSA

Message Integrity Check and : SHA-1 and RSA Digital Signature Algorithm

3.2.1 Triple Data Encryption Standard (3DES) Algorithm

The original 3DES algorithm is explained in the following:

Key Length : two 56-bit different keys (they are concatenated after encryption)
No of Rounds : 16 rounds for each DES encryption
Best Attacks : Brute-force Attack
Comment : Brute- force attack infeasible

Triple-DES is a simple variant of DES: encrypt the message with DES three times, one after the other. By using different keys for each encryption, the result is more secured than DES. The choice of Encrypt-Decrypt-Encrypt with the keys is deliberate to avoid cryptanalysis problems. The problem with 3DES is that it tends to be slower because of the triple encryption. 3DES algorithm has a 112-bit key: two independent 56-bit keys. This is long enough to make a brute-force attack infeasible. It is resistant to both differential cryptanalysis and linear cryptanalysis.

(a) Encryption

(b) Decryption
Figure 3.4 The Generic Description of 3-DES Algorithm

The DES Algorithm Operation is discussed in the following: DES is a block cipher, operating on 64-bit blocks of data. Each input block is processes as illustared in Figure 3.6. That figure shows how a single block of data is being encrypted. First, the order of the input bits is changed according to the permutation function. The L and R arrays are then operated separately. There are 16 process steps, each step using a different subset Kn of the encryption key. Finally, the bit order is changed inversely with respect to the initial permutation function. The decryption algorithm is the same as the encryption algorithm; only the sequence of the key subset Kn is reversed.
Figure 3.5 encryption Flow of DES Encryption Algorithm

The F(R,K) function of DES algorithm is shown in Figure 3.6. The role of S-boxes in the function F(R,K) is are illustrated in the figure. The substitution consists of a set of eight S-boxes, each of which accepts 6 bits as input and 4 bits as output. For example, the output of the input 011001 (6-bit representation) is 1001 (4-bit representation). The output will be varied according the values in the S-boxes. The operation is shown in Figure 3.6.
Figure 3.6 Transforming 6-bit input to 4-bit output

Figure 3.7 The F(R,K) Function of DES algorithm

The 64-bit input message into two 32-bit left (L) and right (R) arrays. As in any classic Fiestel cipher, the overall processing at each round can be summarized in the following formulas: Li = Ri-1 Ri = Li-1 x F(Ri-1,Ki) The round key Ki is 48 bits. The role of the S-boxes in the F Function is the figure 3.5. Each row of an S-box defines a general reversible substitution. The 16 rounds of DES encryption procedure is shown in Figure 3.6. After going through the 16 key-independent stages known as rounds in which the data to be encrypted is bit-rotated determined by the key and three key-independent transpositions using the F Function, L & R arrays, Function, L & R arrays , the secured ciphertext message is ready to be sent. To perform 3DES algorithm operation, DES algorithm is used three times using two 56-bit keys K1 and K2. In the proposed system, the original 3DES algorithm is modified. The two different 56-bit session keys are concatenated into one key after encrypting the message. Ks = Key 1 || Key 2 If K1= 11010101 11000101 1011101 000110100 01010001 1011110 10011011 and K2= 11000101 10101010 11011011 10011000 10111101 11000001 1010 1000, the concatenated Ks will be Ks= 11010101 11000101 1011101 000110100 01010001 1011110 10011011 11000101 10101010 11011011 10011000 10111101 11000001 10101000. The main purpose is to be less complex in key management. It will need to encrypt the concatenated session key with RSA only once, no need to encrypt the two separate session keys for two times. Besides, it will improve the security of the system because the intruder has to separate the concatenated key even if he/she can recover the encrypted combined key.

3.2.2 RSA Algorithm

Key Length : 1024 bits
Best Attacks : Brute-force Attack
Comment : Brute- force attack infeasible

RSA is a public-key cryptography algorithm. It is called RSA after its inventors: Ron Rivest, Adi Shamir, and Len Adleman. RSA uses prime numbers, i.e., numbers that are evenly divisible only by 1 and themselves. The premise behind RSA is that it is easy to multiply two prime numbers to get a third number, but, very hard to recover the two primes from the third number. Generating the public keys involves multiplying two large primes and figuring out the private key from the public key involves factoring a large number. If the number is large enough, then no one can do it in anything resembling a reasonable length of time.
Generating keys 1. Choose two distinct large prime numbers p and q. 2. Compute n = p x q. 3. Compute θ(n) = (p-1) x (q-1) 4. Choose a prime integer e such that 1…...

Similar Documents

Premium Essay

Email History

...Email Timeline (notes) 1965: first concept of email… there was a CTSS (Compatible Time-Sharing System) in the MIT Computation Center. So the MIT had many registered users and most of them used the CTSS service. Then they wanted to share information to each other in new ways. So they had this “common file” place in the disk. What they would do is they would create files that they named like TO TOM or to whoever… and put them in those common file place. Then the person who will receive the message could log into the CTSS and search for that file. 1971: Ray Tomlinson (he invented the email, not because someone asked him to. He just thought that it would be a really cool idea.) sends the first electronic mail. Not through internet, cuz it wasn’t invented it… it was through a network called the ARPANET (Advanced Research Projects Agency Network). It said “QWERTYUIOP.” He worked for a company called (forgot… BBM or something…) which was hired by the United States Defense Department to create the internet in 1968. 1976: Queen Elizabeth II becomes the first head of a state to send an email!! She was demonstrating networking technology and she sent the email from the Royal Signs and Radar Establishment (RSRE). 1983: MCI Mail is the first commercial email service (through a server), and it is introduced to the public!! It was a service that allowed people to sent electronic text-based messages to other people with MCI Mail. Later on it allowed people to send messages to users of...

Words: 592 - Pages: 3

Premium Essay


...Dear Ms Jocelyn Smith I am emailing you to ask for your assistance as a financial advisor for my new business, Buttons Bar and Lounge. I require R4 000 000 for the start up of the company and need your assistance in preparing a budget, doing accounts and obtaining a loan. The estimated cost to start the business consists of property, interior, stock and appliances. Adding to this is the cost of paying staff at an estimate of R4500 per night. As I have no experience in running accounts and doing finances for a business I require your help in doing so. I would need to prepare a monthly budget inclusive of all expenses and income so as to efficiently spend money and create maximum profits. I would also require you to do monthly accounting for the business to submit to SARS. Most importantly we would need your assistance in obtaining a loan from the bank to fund the start up of the business. This amount will be the whole R4 000 000. The loan will need to be obtained within the next year so the building for the business can be purchased and the business can be started by the set date of 24 April 2015. This means that in the time being you would not have to go forward with the monthly accounts however, I would like you to draw up the budget so I have an idea of the business plan in advance. Thank you in advance for your attention to this matter....

Words: 257 - Pages: 2

Premium Essay


...SITUATION WHERE EMAIL SHOULD BE USED IN CORPORATE COMMUNICATION Email is widely used as a form of business communication and overall it is a highly effective communication tool. Email is inexpensive, only requiring an Internet connection that is generally already present in the business. Although a printout of emails is possible, emails often stay as soft copies because archiving and retrieving email communications is easy to do. From the CEO to the janitorial staff and even temporary employees of the business can send and receive email communications. 1. Although it cannot and should not replace all face-to-face communication and others forms of communication, internal email usage can cover many areas within the business. Internal emails can function as an effective communication for sharing basic information, such as new cafeteria prices, paper use guidelines or security precautions, for example. Sending simple messages to an entire workforce with just the click of a mouse is fast, easy, convenient and can save the company money. If saved, the email can function as proof of a message sent or received, and is easily accessible to remind the recipient of pertinent information. Many businesses use email as part of its marketing efforts to share information with prospects, customers, and vendors. 2. Business emails should be concise and to the point. Use plain text and common fonts with a simple signature line. Fancy graphics, fonts, and backgrounds can take up......

Words: 955 - Pages: 4

Free Essay

Email Policy

...The purpose of this policy is to ensure the proper use of company’s email system and to make all employees aware of what the company deems as acceptable and unacceptable use of its email system. The company reserves the right to amend this policy at its discretion. In case of amendments, users will be informed appropriately. The policies are outlined below. The company considers email as an important means of communication and recognizes the importance of proper email content and speedy replies in conveying a professional image and delivering good customer service. Therefore the company wishes users to adhere to the following guidelines: • Writing emails: o Write well-structured emails and use short, descriptive subjects. o Email style is informal. This means that sentences can be short and to the point. You can start your e-mail with ‘Hi’, or ‘Dear’, and the name of the person. Messages can be ended with ‘Best Regards’. The use of Internet abbreviations and characters such as smileys however, is not encouraged. o Signatures must include your name, job title and company name. A disclaimer will be added underneath your signature. o Use the spell checker before you send out an email. o Do not send unnecessary attachments. Compress attachments larger than 200K before sending them. o Do not write emails in capitals. o Do not use cc: or bcc: fields unless the cc:......

Words: 1021 - Pages: 5

Premium Essay

Using Sms in Mobile Phone for Home Appliances Controlling

...Using SMS in Mobile Phone for Home Appliances Controlling Through PC Parallel Port Interfacing e-mail: University of Salahaddin, College of Engineering, Electrical Engineering Department Erbil, Iraq Keywords: Mobile phone, PC ports, Interfacing, Visual C++. Fadhil T. Aula ABSTRACT This paper presents a system of the PC remote Controlling with the Mobile Telephone through accessing the main PC ports; serial and parallel. Serial port for transferring data from Mobile phone to PC and parallel port for interfacing PC with real time controlling hardware. The system is implemented by using the SMS (Short Message Service) as associated with all modern mobile phone devices and mobile telecommunication networks. The software for whole system is designed and implemented with KORAK Telecom Network in Erbil City, Nokia mobile phone device and with ordinary type of PC that running under Windows XP or compatible. The software for system is divided into two parts; Mobile to PC through serial port is a general commercial program that associated with the Nokia mobile devices, and second which access SMS file and control all parts of system is designed by using Microsoft Visual C++ Ver. 6 . Such idea is quiet new and represents the ability of anyone who has Mobile and PC to control remotely major devices in his/her home, office and etc. 1. INTRODUCTION Nowadays, the communications becomes very simple, fast, interactive and more compact, that makes the global as a......

Words: 2726 - Pages: 11

Premium Essay

Email Marketing

...Email marketing It informs your leads about new products, services, or offers that are relevant to their interests so that they can move into the next steps of the decision-making process. TIPS: * Segment B2B and B2C.. * Engage your prospects and existing customers. * Prospect need to be informed. Existing customers have knowledge = different stages of the buying cycle * Re-engage inactive customers. Look into new layouts, new content, reach them at different times. * Personalize email Different types of email marketing: Customer acquisition and sales generating email marketing.. Customer loyalty and brand email marketing.. Customer retention marketing.. Simple strategies: * Customer loyalty, brand building emails (most loyal customers)– holiday and birthday greetings, thank you emails, company status and advice, tips. * Rentention emails – content is an offer, sale, discount or free gift. Or info on new products * Customer win back – those who are inactive - Offers, sales, free gifts, free shipping. Email newsletters VS direct sales newsletters Newsletters * Product reviews, features and announcements of new products  * Upcoming events calendars * Special offers and discounts * Featured quotes * Featured customers or users * Links to partner websites * Links to useful sections of your......

Words: 4517 - Pages: 19

Free Essay

Shannon Y Pgp

...Como dijo Claude Shannon: “el adversario conoce el sistema”. PGP PGP es el acrónimo de Pretty Good Privacy (Privacidad Bastante Buena), un programa desarrollado por Phil Zimmermann que sirve para cifrar contenido y acceder a él mediante una clave pública y firmar documentos digitalmente para autentificarlos. El programa vio la luz en 1991, y desde entonces se ha convertido en una herramienta imprescindible para el cifrado de toda clase de archivos, ya que a pesar de sus más de 20 años de vida, sigue siendo una tecnología de cifrado muy segura. En la actualidad, la tecnología es propiedad de Symantec, pero está disponible a través de una gran cantidad de programas distintos para diferentes plataformas. Además, existe una versión de código abierto cuyo principal representante es la aplicación GnuPG. Cómo funciona PGP Intentando no ser demasiado técnico, hay que decir que PGP (Pretty Good Privacy) utiliza cuatro procesos distintos de cifrado (hashing, compresión de datos, cifrado de clave simétrica y cifrado de clave pública) que garantizan la seguridad desde el momento en que cifras un archivo, mensaje o documento y lo descifras. En el proceso de cifrado, se comprime el documento o archivo y se genera una clave aleatoria. Al enviar el paquete de datos se adjunta una clave cifrada con la clave del receptor, que en el momento de descifrar el archivo o documento, realiza el proceso inverso. Funciones de PGP La PGP ofrece las siguientes funciones: * Firmas digitales y......

Words: 950 - Pages: 4

Free Essay

Pgp Company Case

...XLRI Jamshedpur J. Singh The PGP Company The PGP Company was a large concern making many types of consumer products. It had six plants spread around the country. Their purchasing procedures had never been completely coordinated. In fact, the head office of the company had encouraged each of the plant managers to operate with their staffs as separate independent units in most matters. In 2005, when it began to appear that the company would face increasing difficulty in securing essential raw materials, Mr. Seth, the CEO, recruited an experienced purchasing executive, Mr. Ghosh, as VP in charge of purchasing—a position especially created for him. Mr. Seth gave Mr. Ghosh wide latitude in organizing his job, and assigned Mr. Murthy (who had served the company in various capacities for many years, and knew most of the plant executives personally) as his assistant. Mr. Ghosh’s appointment was announced through the formal channels usual in the company, including the house magazine. One of Mr. Ghosh’s first decisions was to begin immediately to centralize the company’s purchasing procedure. As a first step he decided that he would require each of the executives who handled purchasing in the individual plants to clear with the head office all purchase contracts which they made in excess of Rs. 1 lakh. He felt that if the head office was to do any coordinating in a way that was helpful to each plant and the......

Words: 663 - Pages: 3

Free Essay

Procedural Email

...Procedural Email Message Assignment Nora Field ENG 315 – Professional Communications Professor Mark Crilly April 15, 2015 To: FSSD Project Manager <> From: Nora Field <nora.field@donfssd.coml> Subject: ACTION: New Procedures for Project Tracking FSSD Project Manager, Alternations and construction projects constitute a large percentage of our expenditures in the Facilities and Support Services Division. Currently we do not have procedures in place that will allow for project and financial tracking and accountability. Therefore, I have created a summary project log for which each project and the cost associated will be logged and tracked. You will also be responsible for creating project folders which will contain all supporting documentation pertaining to each project. The new procedures are effective April 20, 2015. Directions to access that share drive, instructions on completing the project log and for creating project files are outline on the attached file. I realize that this may be painful at the beginning but in the long run will benefit FSSD in greater visibility and reporting to leadership of workload and financial portfolios. If I can provide assistance or address any questions or concerns, please do not hesitate to contact me at 703-555-2570 or email at Very Respectfully, Nora Field Financial Manager Facilities and Support......

Words: 488 - Pages: 2

Free Essay

Email to Miguel

...Business 100W Assignment One Fifty Points ASSIGNMENT I. Email Revision. Due to SafeAssign by noon on April 16th This first paper will expect the student to revise a poorly written (and, where appropriate, redacted/altered) email, one that was actually recently written within a medium sized company. Students will be expected to apply the skills conveyed through lecture and the assigned texts to revise and rewrite, within a certain set of parameters, the email that is under consideration. Lecture, discussion, UWP writing sessions (mandatory), and the Lanham will be particularly germane to this assignment. This first assignment is the briefest of the lot and requires no oral presentation. Context and Scenario: A friend of yours, Miguel, has heard that you are a strong writer, and he seeks your counsel regarding an email he needs to send. Miguel has learned from co-workers like Milton how important clear communication is. Being the generous person you are and are known to be (you have cultivated something of a reputation for this), you have agreed to help your friend Miguel write that email. Miguel explains that he wants to write his supervisor (Lauren Alvarez), a person whom Miguel is about to meet for the first time. Recently hired by Tech-Shield, Lauren is quite excited about her new position and eagerly awaits meeting her team of analysts. While Miguel has not actually met his supervisor, he has a number of recommendations he thinks his supervisor may be interested in.......

Words: 1317 - Pages: 6

Premium Essay

Star Appliance

...Star Appliance Case Study Star Appliance is looking to expand their product line and is considering three different projects: dishwashers, garbage disposals, and trash compactors. We want to determine which project would be worth doing by determining if they will add value to Star. Thus, the projects that will add the most value to Star Appliance will be worth pursuing. The current hurdle rate of 10% should be re-evaluated by finding the weighted average cost of capital (WACC). Then by forecasting the cash flows of each project and discounting them by the WACC to find the net present value, or by solving for the internal rate of return, we should be able to see which projects Star should undertake.  Conclusion:  After calculating the NPV and the IRR for each project, I have determined that both the dishwasher and the trash compactor projects should be pursued. Both of them have shown positive NPVs at the new discount rate of 11.58% (WACC). Both projects also yielded IRRs greater than the given hurdle rate. The disposal did not meet these requirements and therefore should not be undertaken.  Based on the optimal capital structure analysis, they should pursue as 70% debt proportion, which will give them the lowest cost of capital at 11.58%. Currently Star has no debt in their capital structure, so these new projects should begin to add debt to the company. However, no matter what debt and equity proportions are chosen for each project, the discount rate of 11.58% should...

Words: 1747 - Pages: 7

Premium Essay


...Email to Coworker Lisa Smith HCS/131 02/29/16 Kelly Hernandez Email to Coworker Dear Gracie, I wanted to take some time and send you the information you requested on Communication in the workplace. Workplace communication is the transmitting and receiving of information between one person and another or a group of people. It can include emails, text messages, voice mails, notes etc. Workplace communication is essential to our company’s ability to be productive and run smoothly. Listening skills and speaking skills are necessary to have efficient interactions with coworkers and employers. The following tips will help you communicate more effectively in the work place. Listening Skills Listening skills is a common problem area, with all the distractions around us try and stay focused, having good face to face listening skills is vital. Make sure the person is hearing you by having them repeat facts or write things down. Make sure there is an understanding, have them repeat back to you in their own words what was said so they can grasp the concepts. Speaking skills Speaking skills is another important form of communication. It is very common for people to speak without thinking, also think of your audience speak on their level try to adapt yourself to different types of situations. It is important to know how to listen to others as they speak and it is also important to know how to speak to others as they listen.......

Words: 444 - Pages: 2

Premium Essay

Chat and Email

... Functions: 1. transfer email messages over the internet from one server to another using SMTP 2. Facilitate the delivery of the message 3. Helps servers to communicate 4. Verifies the configuration of the computer **if email is not successfully delivered, it bounces back or return to sender** Script: Types of Protocols, the 1st type of protocol is the SMTP, SMTP stands for Simple Mail Transfer Protocol, it is a protocol that use to move e-mail on and across the network. The functions of SMTP are (1) it transfers email messages over the internet from one server to another using SMTP (2) it facilitate the delivery of the message (3) it helps servers to communicate and lastly it verifies the configuration of the computer. There are some instances that messages can’t be deliver, it could be because of wrong spelling of email address, not the right domain, etc. and when it is not successfully delivered it will just bounce back to the sender. POP3 (Post Office Protocol 3rd Version) -communication between a server and an email clients Functions: 1. Used for downloading messages from an email server to one’s computer (stored on online hard disk to local computer hard disk that enables to view them even w/o internet connection 2. Able to access to old messages Script: The 2nd Protocol is the Post Office Protocol or POP, 3 is the number of version. The POP is used to build communication between a server and an email clients and a server it is......

Words: 456 - Pages: 2

Premium Essay

Email Etiquette

...Email etiquette is the proper and acceptable behaviour expected from an email sender. It is primarily concerned with matters of courtesy in email communications. When you use the right email etiquette it shows professionalism and efficiency. When you use the wrong email etiquette it gives a bad impression to the recipient and its shows a lack of care and respect. Email etiquette is important because our correspondence says a lot about us and it gives an instant impression to the person receiving the mail. There are certain things that are acceptable when writing to another party and certain things that are simply not. Another reason why it is important is because I want to make sure I come across as respectful, friendly, and approachable. I don't want to sound curt or demanding, back to impressions, I don’t want to give the wrong ones from the wording of our email. In the book Email Etiquette it is stated that there are 8 ways to write great email which are; 1. Clearly identify the subject matter of the email 2. Be as concise as possible 3. Check your spelling and punctuation 4. Use an appropriate style 5. Request the action or information you need. 6. Explain how urgent your message is. 7. Use attachments to provide detail 8. Include further contact details If you follow the 8 above steps you’re on your way to writing an effective email which will be clear, professional and get your desired message across to the recipient. When you use the proper......

Words: 365 - Pages: 2

Free Essay

Implementation of Pgp

...of Pretty Good Privacy (PGP) Pretty Good Privacy (PGP), is a cryptosystem used for the purpose of secure e-mail message communication over an open network. The main idea behind introducing PGP, introduced is to increase the degree of security and efficiency of e-mail message communication. 1 Introduction Since the beginning of the era of e-mail message communication over open networks, the security of electronic mail (e-mail) has been a growing concern [1]. There have been several protocols developed and implemented to assure the security of such communication. These protocols provide the security services of message confidentiality and message authentication for an e-mail message, basically. Some e-mail security protocols that have been developed include: Simple Mail Transfer Protocol (SMTP) [2], Multipurpose Internet Mail Extension (MIME), and its enhancement, known as Secure MIME (S/MIME) [3]. Other protocols are: Certified Exchange of Electronic Mail (CEEM) [4], Secure E-mail Protocol (SEP) [5], Privacy Enhanced Mail (PEM) [6] etc. We will implement PGP(Pretty Good Protocol) which is the most popular protocol used nowadays in order to provide email security over the network. Pretty Good Privacy (PGP) [7] is an integrated cryptographic system, invented by Phillip Zimmerman in 1991, in order to establish the integrity, authenticity, compactness, confidentiality, and compatibility of e-mail message communication. Since its invention, PGP has been one of the......

Words: 327 - Pages: 2