Cryptography Reference
In-Depth Information
Now that we have described the basics of the fundamental protocols under-
lyingPGP, we look in detail at the various aspects of the message transfer and
reassembly, startingwith the components of the message itself.
Message Components
There are three basic components in a message
m
to be sent by Alice.
1.
Session Key
: This component has two facets. First there is Bob's identifier
I
e
B
for his public RSA key
e
B
, defined by
I
e
B
≡
e
B
(mod 2
64
), namely,
the least significant 64 bits of
e
B
. The identifier
I
e
B
is the most eJcient
means to transfer the key verifier to Bob that does not involve the use
of too much space or too much workload to do the verifying. (Note that
this identifier is essentially a probabilistic identifier in the sense that it is
possible for two different public keys to have the same least significant 64
bits, but the probability is very low given the bitlength involved.)
The second facet of the session key component is the session key
k
, itself.
2.
Signature
: This component has four facets. There is the timestamp
t
A
,
which corresponds to the creation time of Alice's signature. Then there
is the identifier
I
e
A
for Alice's public key, via
e
A
≡
I
e
A
(mod 2
64
) (see the
description of this device, presented for Bob's key, in part 1 above). Third,
there is the message digest,
h
(
t
A
,m
), which is formed (with
t
A
appended
to thwart replay attacks). Last, there are the two leadingbytes
L
1
and
L
2
,of
h
(
t
A
,m
), which allows Bob to ensure that the correct public key,
e
A
, was used to decipher the message for authentication. He does this
by comparingthe plaintext copy of these bytes with the first two bytes
of the deciphered message digest. (Note that in the previous discussion
and diagrams, we did not mention, explicitly, the timestamp in order to
simplify the presentation. Thus, we are assuming, tacitly, that it is present
and handled in the aforementioned fashion.)
3.
Message
: This is the component consistingof the messae data,
m
, itself,
accompanied by a timestamp,
t
m
, specifyingthe creation time of
m
,as
well as a filename
F
m
.
Both the message and signature components are ZIP compressed, then en-
ciphered with the session key. The session component together with the com-
pressed components are then converted to ASCII.
In Diagram 8.5, we are assuming that the (otherwise optional) operations of:
ensuringconfidentiality by forming
e
B
(
k
); ensuringauthentication by forming
d
A
(
m,h
(
t
A
,m
)); ZIP compression of the signature and message components is
carried out; and ASCII conversion is executed on all components. Each of the
symbols in the diagram are defined in the discussion preceding the diagram.
Each double box contains a set of operations to be carried out, and the nesting
of the boxes dictates the order of the operations from inner to outer.
Search WWH ::
Custom Search