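2022/10/9 Modern Cryptography: Theory and Practice - 15: Email Security

Chapter Key Points
⚫ PGP is a free, open-source software package for securing email. It provides authentication using digital signatures, confidentiality using symmetric ciphers, ZIP compression, compatibility through radix-64 encoding, and segmentation and reassembly of long email messages.
⚫ PGP incorporates tools for developing a public-key trust model and for managing public-key certificates.
⚫ S/MIME is a standard Internet protocol for securing email and provides functionality similar to PGP.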
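
Secure Email System PGP (Pretty Good Privacy)
⚫ PGP was developed by an individual: Phil Zimmermann
⚫ PGP provides authentication and confidentiality services for email and file-storage applications
  ⚫ Selected ideal cryptographic algorithms
  ⚫ Integrated the algorithms well into a general-purpose application, independent of operating system and microprocessor
  ⚫ Freely distributed, including documentation and source code
  ⚫ Partnered with a commercial company (Network Associates) to provide a fully compatible, low-cost commercial version of PGP
⚫ PGP history
  ⚫ Version 1.0 released in 1991, version 2.6 in 1994, now version 9.6, etc.
  ⚫ A patent dispute over the algorithms troubled it for more than 3 years
  ⚫ A dispute over US export control restrictions, with an investigation lasting 5 years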

About Phil Zimmermann
⚫ He was born in Camden, New Jersey. His father was a concrete mixer truck driver. Zimmermann received a B.S. degree in computer science from Florida Atlantic University in Boca Raton in 1978, and currently lives in the San Francisco Bay Area.
⚫ In 1991, he wrote the popular Pretty Good Privacy (PGP) program, and made it available (together with its source code) through public FTP for download, the first widely available program implementing public-key cryptography. Shortly thereafter, it became available overseas via the Internet, though Zimmermann has said he had no part in its distribution outside the US.
⚫ After a report from RSA Data Security, Inc., who were in a licensing dispute with regard to use of the RSA algorithm in PGP, the Customs Service started a criminal investigation of Zimmermann, for allegedly violating the Arms Export Control Act. The US Government had long regarded cryptographic software as a munition, and thus subject to arms trafficking export controls. At that time, the boundary between permitted ("low-strength") cryptography and impermissible ("high-strength") cryptography placed PGP well on the too-strong-to-export side (this boundary has since been relaxed). The investigation lasted three years, but was finally dropped without filing charges.
⚫ In early 1996, Zimmermann founded PGP Inc. and released an updated version of PGP and some additional related products. That company was acquired by Network Associates (NAI) in December 1997, and Zimmermann stayed on for three years as a Senior Fellow. NAI decided to drop the product line, and in 2002 PGP was acquired from NAI by a new company called PGP Corporation. Zimmermann now serves as a special advisor and consultant to that firm. Zimmermann is also a fellow at the Stanford Law School's Center for Internet and Society. He was a principal designer of the cryptographic key agreement protocol (the "association model") for the Wireless USB standard.
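
15.1 PGP (Pretty Good Privacy)
⚫ Philip R. Zimmermann's main work
  ⚫ Selected the best encryption algorithms as building blocks
  ⚫ Integrated the encryption algorithms into a general-purpose application
  ⚫ Produced the software package and documentation, including source code, and made them available free of charge
  ⚫ Provided a fully compatible, low-cost commercial version
⚫ Reasons for PGP's rapid growth and popularity
  ⚫ Available free of charge, in multiple versions running on different platforms
  ⚫ Built on algorithms that are widely considered very secure and whose security has been thoroughly examined: public-key encryption including RSA, DSS and Diffie-Hellman; symmetric encryption including CAST-128, IDEA, 3DES and AES; and the SHA-1 hash algorithm
  ⚫ Wide range of applications and broad applicability
  ⚫ Not controlled by any organization or government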
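
PGP Function List

| Service | Algorithms used | Description |
|---|---|---|
| Digital signature | DSS/SHA or RSA/SHA | A hash code is created with SHA-1; the message digest is encrypted with the sender's private key using DSS or RSA |
| Message encryption | CAST or IDEA or 3DES, AES, with RSA or D-H | The message is encrypted with a one-time session key; the session key is encrypted with the recipient's public key |
| Compression | ZIP | The message is compressed with the ZIP algorithm |
| Email compatibility | Radix 64 | Fully transparent to email applications; the encrypted message is converted using radix 64 |
| Segmentation | | To accommodate message size limits, PGP supports segmentation and reassembly |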
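
15.1.1 Notation Used by PGP
Ks: session key used in conventional encryption
KRa: private key of user A in the public-key system
KUa: public key of user A in the public-key system
EP: public-key encryption
DP: public-key decryption
EC: conventional encryption
DC: conventional decryption
H: hash function
||: concatenation
Z: compression using the ZIP algorithm
R64: conversion to radix-64 ASCII format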

15.1.2 PGP Operational Description

Table 15.1 Summary of PGP Services

| Function | Algorithms Used | Description |
|---|---|---|
| Digital signature | DSS/SHA or RSA/SHA | A hash code of a message is created using SHA-1. This message digest is encrypted using DSS or RSA with the sender's private key and included with the message. |
| Message encryption | CAST or IDEA or Three-key Triple DES with Diffie-Hellman or RSA | A message is encrypted using CAST-128 or IDEA or 3DES with a one-time session key generated by the sender. The session key is encrypted using Diffie-Hellman or RSA with the recipient's public key and included with the message. |
| Compression | ZIP | A message may be compressed, for storage or transmission, using ZIP. |
| Email compatibility | Radix 64 conversion | To provide transparency for email applications, an encrypted message may be converted to an ASCII string using radix 64 conversion. |
| Segmentation | | To accommodate maximum message size limitations, PGP performs segmentation and reassembly. |

[Figure 15.1 PGP Cryptographic Functions, from Source A to Destination B: (a) Authentication only; (b) Confidentiality only; (c) Confidentiality and authentication]
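
PGP Operational Description
⚫ Digital signature and authentication
  ⚫ The sender creates a message
  ⚫ SHA-1 is used to generate a 160-bit hash code of the message
  ⚫ The hash code is encrypted (signed) with RSA using the sender's private key and prepended to the message
  ⚫ The receiver uses the sender's public key to decrypt and recover the hash code with RSA
  ⚫ The receiver computes the hash code of the message and compares it with the decrypted one; if the two match, the message is authenticated
  ⚫ The signature can also be generated using DSS/SHA-1
⚫ PGP also supports detached digital signatures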
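
Function: Authentication
⚫ Sender
  ⚫ Creates message M
  ⚫ Uses SHA-1 to generate a 160-bit hash code H of M
  ⚫ Encrypts H with the sender's private key and concatenates the result with M
⚫ Receiver
  ⚫ Decrypts with the sender's public key to recover the hash code H
  ⚫ Generates a new hash code for message M and compares it with H. If they match, message M is authenticated.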
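
The authentication flow from the two slides above, written out with the notation of 15.1.1 as an added example that is not part of the original slides. It assumes textbook RSA over the SHA-1 hash with a constructed toy key (real OpenPGP pads the hash and uses far larger keys) and applies Z and R64 after signing; the function names and key values are illustrative.

```python
import base64
import hashlib
import zlib

# Constructed toy RSA key for user A, built from two Mersenne primes.
# Far too weak for real use; it only needs a modulus wider than the 160-bit hash.
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q                                  # modulus, 216 bits
E = 65537                                  # KUa = (E, N), A's public key
D = pow(E, -1, (P - 1) * (Q - 1))          # KRa = (D, N), A's private key
SIG_LEN = (N.bit_length() + 7) // 8        # fixed signature width in bytes

def H(m: bytes) -> int:
    """H: SHA-1, the 160-bit hash named on the slide, as an integer."""
    return int.from_bytes(hashlib.sha1(m).digest(), "big")

def send(m: bytes) -> bytes:
    """Source A: R64( Z( E_KRa[H(M)] || M ) )."""
    sig = pow(H(m), D, N)                  # hash "encrypted" with the private key
    packet = sig.to_bytes(SIG_LEN, "big") + m   # signature placed in front of M
    return base64.b64encode(zlib.compress(packet))

def receive(armored: bytes):
    """Destination B: undo R64 and Z, then return (M, authenticated?)."""
    packet = zlib.decompress(base64.b64decode(armored))
    sig, m = int.from_bytes(packet[:SIG_LEN], "big"), packet[SIG_LEN:]
    recovered = pow(sig, E, N)             # DP with KUa recovers the sender's hash
    return m, recovered == H(m)            # the Compare step

def tamper(armored: bytes) -> bytes:
    """Constructed in-transit change: flip one bit of the last message byte."""
    packet = bytearray(zlib.decompress(base64.b64decode(armored)))
    packet[-1] ^= 0x01
    return base64.b64encode(zlib.compress(bytes(packet)))

if __name__ == "__main__":
    wire = send(b"Meet at noon.")
    print(receive(wire))                   # intact message passes the comparison
    print(receive(tamper(wire)))           # modified message fails it
```

The comparison fails for the modified packet because the hash recovered from the signature still matches the original M, not the altered bytes.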