Which protocol can provide higher security for e-mail?
PGP protocol!

E-mail is convenient, fast and low-cost. It can carry not only text but also attachments such as images and sound, which has made it more and more popular.

1 Mail transmission process

E-mail is sent and received through the SMTP and POP protocols. However, because the Internet is an open network, the content of e-mail travels across it in clear text. Anyone using e-mail therefore has to consider security, and ensuring the confidentiality, integrity, authenticity and non-repudiation of e-mail is particularly important.

2 Introduction to PGP

To let e-mail travel safely over the Internet, secure e-mail standards have been developed: PGP and S/MIME. Of these, PGP is widely used.

PGP (Pretty Good Privacy) was developed by the American Phil Zimmermann. It combines several algorithms (IDEA, RSA, MD5 and a random number generation algorithm). It can not only keep an e-mail confidential but also digitally sign it, so that the recipient can reliably judge whether the e-mail was tampered with during transmission.

3 Working principle of PGP

3.1 IDEA algorithm

IDEA is a symmetric encryption algorithm, that is, the encryption key and the decryption key are the same. The algorithm divides each 64-bit block of input data into 4 subblocks of 16 bits each, which form the input of the first round. After multiplication, addition, XOR and other operations, four subblocks are produced, and the middle two are exchanged to form the input of the next round. After eight rounds of operation,

3.2 RSA algorithm

RSA is an asymmetric encryption algorithm, also known as a public key algorithm: the encryption key is different from the decryption key, and the encryption key can be fully disclosed. Without the decryption key, an attacker who steals both the ciphertext and the encryption key still cannot read the content, which solves the key management problem of symmetric encryption. The security of RSA depends on the factorization of large numbers, which is a hard mathematical problem.

RSA algorithm description:

1) Choose two large prime numbers $p$ and $q$ at random, where $p \neq q$; $p$ and $q$ are kept secret;

2) Calculate $n = pq$;

3) Calculate the Euler function $\varphi(n) = (p-1)(q-1)$, where $n$ is public and $\varphi(n)$ is kept secret;

4) Choose a positive integer $e$ less than $\varphi(n)$ that satisfies $\gcd(e, \varphi(n)) = 1$; $e$ is the public encryption key;

5) Calculate $d$ such that $de \equiv 1 \pmod{\varphi(n)}$; $d$ is the secret decryption key;

6) Encryption transformation: for plaintext $m \in Z_n$, the ciphertext is $c = m^e \bmod n$;

7) Decryption transformation: for ciphertext $c \in Z_n$, the plaintext is $m = c^d \bmod n$.

Because the operations involved in RSA are complicated and slow, the RSA algorithm is only suitable for encrypting small amounts of data, as in digital signatures. To encrypt a large amount of information, a symmetric encryption algorithm is still needed, because symmetric encryption is much faster than public key encryption.

3.3 MD5 algorithm

MD5 is a hash function. It compresses an input of any length into an output of fixed length, and it is one-way and many-to-one. It can be used for digital signatures, integrity checking and so on.

4 Services provided by PGP

The services provided by PGP include authentication, encryption, compression, e-mail compatibility and radix-64 conversion.

4.1 Authentication

The authentication steps are as follows:
① The sender creates the message M.
② The sender uses the MD5 algorithm to generate a 128-bit message digest H.
③ The sender encrypts H with his own private key using the RSA algorithm, concatenates the result with M, and compresses the whole to get Z.
④ Z is sent over the Internet.
⑤ After receiving the message, the receiver first decompresses it (Z^-1), decrypts the encrypted digest with the sender's public key using the RSA algorithm, computes the message digest H from the received M, and compares the two values of H. If they are the same, the message is accepted; otherwise it has been tampered with and is rejected.

4.2 Encryption

Encryption steps: the sender compresses the message M and encrypts it with the IDEA algorithm, encrypts the IDEA key with the receiver's public key, and sends the encrypted key together with the encrypted M. The receiver decrypts the key with the RSA algorithm to obtain the session key, then decrypts the message with the IDEA algorithm and decompresses it to recover the original text.

Because the message itself is relatively large, a symmetric encryption algorithm is used to encrypt it, and the asymmetric RSA algorithm, which has high security strength, is used to encrypt the key. The combination of IDEA and RSA not only improves the security of mail transmission but also shortens the encryption and decryption time.

4.3 Compression

PGP uses the ZIP algorithm to compress information, which saves both storage space and transmission time. In addition, compressing information before encryption is equivalent to a transformation, which enhances its security.

4.4 Compatibility with E-mail

Because e-mail only allows ASCII strings while PGP's output is a string of 8-bit bytes, PGP uses the radix-64 transformation to convert its 8-bit output into printable ASCII strings so that it is compatible with e-mail.
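The authentication, compression and radix-64 services of sections 4.1, 4.3 and 4.4 chained together, as an added example that is not part of the original article. The key is a constructed toy key, the function names and the fixed-width signature field are assumptions, and MD5 with unpadded RSA is used only because it is what the article describes; neither is suitable for real signatures.

```python
import base64
import hashlib
import zlib

# Constructed toy key: two Mersenne primes, so n (196 bits) exceeds a 128-bit digest.
P, Q = 2**89 - 1, 2**107 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # d*e ≡ 1 (mod φ(n))
SIG_LEN = (N.bit_length() + 7) // 8     # fixed-width signature field (assumption)


def md5_int(message: bytes) -> int:
    """Step 2: the 128-bit message digest H, as an integer."""
    return int.from_bytes(hashlib.md5(message).digest(), "big")


def pgp_sign(message: bytes) -> bytes:
    """Steps 2-3 plus radix-64: sign H, prepend it to M, compress, armor."""
    signature = pow(md5_int(message), D, N)          # RSA with the private key
    packet = signature.to_bytes(SIG_LEN, "big") + message
    return base64.b64encode(zlib.compress(packet))   # Z, then printable ASCII


def pgp_verify(armored: bytes) -> bytes:
    """Step 5: undo radix-64 and compression, then compare the two digests."""
    packet = zlib.decompress(base64.b64decode(armored))
    signature = int.from_bytes(packet[:SIG_LEN], "big")
    message = packet[SIG_LEN:]
    if pow(signature, E, N) != md5_int(message):     # RSA with the public key
        raise ValueError("digest mismatch: message was modified")
    return message


def tamper(armored: bytes) -> bytes:
    """Simulate modification in transit: flip one bit of the message body."""
    packet = bytearray(zlib.decompress(base64.b64decode(armored)))
    packet[-1] ^= 0x01
    return base64.b64encode(zlib.compress(bytes(packet)))


if __name__ == "__main__":
    z = pgp_sign(b"Transfer 100 to Alice")           # constructed sample message
    print(z.decode())
    print(pgp_verify(z))
    try:
        pgp_verify(tamper(z))
    except ValueError as err:
        print("rejected:", err)
```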

4.5 PGP message segmentation and reorganization

E-mail limits the length of a message. A message longer than the limit has to be segmented. Segmentation is carried out after all other processing is complete, so the session key and signature appear only at the beginning of the first segment. At the receiving end, PGP reassembles the segments into the original message.

5 PGP security analysis

Because PGP is a hybrid cryptosystem, its security depends on the security of the IDEA, RSA and MD5 algorithms.

5.1 IDEA security

PGP uses the 64-bit CFB mode of IDEA. Many researchers have analyzed IDEA for weaknesses, but they have not found a way to break it. The IDEA algorithm is therefore relatively safe, and the only attack on it is a "direct attack" or "key exhaustion" attack. (Author: Zhong Zexiu)

5.2 RSA security

The RSA algorithm is an asymmetric cryptosystem whose security is based on the difficulty of factoring large integers into primes. After long-term research, no efficient method for this mathematical problem has been found.

Assuming that the cryptanalyst can get p and q by factoring n, he can easily get the Euler function φ(n) and the decryption key d, thus breaking RSA. So breaking RSA cannot be more difficult than factoring n.

Assuming that the cryptanalyst can find the Euler function φ(n) without factoring n, he can get the decryption key d from de ≡ 1 (mod φ(n)), thus breaking RSA, because p+q = n-φ(n)+1, p-q = sqr (p).

If the cryptanalyst can get the decryption key d directly, without factoring n or finding φ(n), then he can calculate ed-1, which is a multiple of the Euler function φ(n), and n can easily be factored using a multiple of φ(n). Therefore, directly calculating the decryption key d is no easier than factoring n.
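The two arguments above, carried out on a constructed toy key, as an added example that is not part of the original article. Function names are illustrative, and the identity (p-q)^2 = (p+q)^2 - 4n used in `factor_from_phi` is the standard one, stated here as an assumption about what the article intends.

```python
import math
import random


def keygen(p: int, q: int, e: int):
    """Steps 1-5 of the RSA description in section 3.2: returns (n, phi, d)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    return n, phi, pow(e, -1, phi)       # d*e ≡ 1 (mod φ(n))


def factor_from_phi(n: int, phi: int):
    """Knowing φ(n) gives p+q = n-φ(n)+1, and (p-q)^2 = (p+q)^2 - 4n."""
    total = n - phi + 1
    diff = math.isqrt(total * total - 4 * n)
    return (total + diff) // 2, (total - diff) // 2


def factor_from_d(n: int, e: int, d: int, seed: int = 0):
    """Knowing d gives ed-1, a multiple of φ(n), which is enough to factor n."""
    odd = e * d - 1
    while odd % 2 == 0:                  # write ed-1 = 2^s * odd
        odd //= 2
    rng = random.Random(seed)
    while True:
        a = rng.randrange(2, n - 1)
        g = math.gcd(a, n)
        if g > 1:                        # a already shares a factor with n
            return max(g, n // g), min(g, n // g)
        x = pow(a, odd, n)
        while x not in (1, n - 1):       # square until we reach 1 or -1
            y = pow(x, 2, n)
            if y == 1:                   # x is a square root of 1 other than ±1
                g = math.gcd(x - 1, n)
                return max(g, n // g), min(g, n // g)
            x = y


if __name__ == "__main__":
    # Constructed toy primes (the 10,000th and 100,000th primes); real keys are far larger.
    p, q, e = 104729, 1299709, 65537
    n, phi, d = keygen(p, q, e)
    c = pow(42, e, n)                    # step 6: c = m^e mod n
    print(pow(c, d, n))                  # step 7: m = c^d mod n
    print(factor_from_phi(n, phi))
    print(factor_from_d(n, e, d))
```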

Although a larger n gives higher security, it also involves more complex mathematical operations and slows the algorithm down. In practice, the size of n has to be chosen so that it is secure without being too slow; the current length of n is 1024 bits to 2048 bits.

Researchers suggest that when using the RSA algorithm, in addition to specifying the length of n, p and q should also be restricted: ① the sizes of p and q should be similar; ② both p-1 and q-1 should contain large prime factors; ③ gcd(p-1, q-1) should be very small.

5.3 MD5 security

MD5 was developed on the basis of MD4. In PGP it is used for the one-way conversion of user passwords and as the one-way hash algorithm for message signatures. Its security lies in the fact that messages of arbitrary input length are converted into fixed-length outputs. At present, direct attacks on one-way hashes include ordinary direct attacks and "birthday attacks".

In cryptography, there is a saying: never underestimate the ability of a cryptanalyst. This will remain a contest between cipher designers and cryptanalysts. In fact, an absolutely unbreakable cryptographic system does not exist in theory. Therefore, in practice, after a cryptographic system has been in use for a period of time, some of its parameters are changed or it is replaced with a new system. Of course, keys are also changed frequently. So although PGP software has brought security to our e-mail, it is not eternal, and because of its weaknesses it may be replaced by new secure e-mail products in the near future.