digital certified mail

Digital Certified Mail Group 9

Baek Soo Kwak Department of Computer

Engineering San Jose State University

[email protected]

Ikwhan Chang Department of Computer

Engineering San Jose State University

[email protected]

ABSTRACT

We investigated on digital certified mail system and pretty good privacy protocol which is applied to the email security. Both email securing methodologies are implemented by NodeJS and deployed the basic mechanism to exchange the messages. Key security parts of digital certified mail are by using the oblivious transfer protocol which does not necessarily specify selection of keys and messages. Furthermore, PGP applied to email system was studied to be compared with the digital certified mail.

KEYWORDS RSA, AES, Asymmetric, Oblivious Transfer Protocol, Digital Certified Mail, Pretty Good Privacy

1 INTRODUCTION Today email is the most used media in

exchanging messages and information between people and groups. However, there are not many known efficient ways of securing the email system, since it is also one of the challenging parts due to trade-off among performance and security. In this project, we have done research on the digitally certified mail up to implementing the base algorithm and then, went through more on pretty good privacy (PGP) applied to the email system.

2 BACKGROUND Digital certified mail is one of the

suggested methods before, and it was invented in a few decades ago so, it would not be fully utilizing now. This is using a base protocol called oblivious transfer protocol, and the story should be started from the situation where signing contract over the network.

The best way must be a physical solution where two parties are sitting together to sign the contracts at the same time, and then exchange the signed documents in that place. However, the scenario needs to be modified when it is happening over the network. In general, fair exchange of keys and messages between sender and receiver are desired, but probably fail all or success all. The base of digitally certified mail system is from oblivious transfer protocol, and we tried to implement this algorithm by using NodeJS.

3 OBLIVIOUS TRANSFER PROTOCOL Oblivious Transfer Protocol has a

mechanism that a receiver wants to have a specific message from a sender without notifying the selection to the sender, and the sender transmits all encrypted messages based on the protocol oblivious to what receiver get as she/he want. The key security characteristic comes from the facts that the receiver and sender do not need to specify selection and keys, but they can do exchange what they want to transfer. Here is the description of basic 1-2 Oblivious Transfer Protocol to go for digitally certified mail system.

Figure 1: The basic steps of oblivious transfer protocol


2

Above table shows the steps for 1-2 oblivious transfer protocol that the sender has two messages m0 and m1, and the receiver has a selection bit b. Here the receiver wants to receive mb, without the sender knowing b, while the sender wants to make sure that the receiver receives only one of the two messages. The protocol can be instantiated using RSA encryption.

4 PRETTY GOOD PRIVACY PGP is a popular program used to encrypt and decrypt Internet e-mail. It can also be used to send an encrypted digital signature that identifies the identity of the sender so that it can be assured that the message has not changed in transit. PGP is a freeware, low-cost commercial version, and is the most widely used confidentiality program by individuals and businesses. This program was developed by Philip R. Zimmermann in 1991 and became the de facto standard in e-mail security. PGP can also be used to encrypt and store files so that they cannot be read by other users or intruders.

4.1 How it works PGP uses a variant of the public key system. In a public-key system, each user has a publicly known cryptographic key and only a private key known only to that user. The user encrypts the message he or she wants to send using the recipient's public key. When the recipient receives it, they decrypt it with their private key. Because encrypting the entire message can take time, PGP uses a faster encryption algorithm to encrypt the message and then uses the public key to encrypt the short key that was used to encrypt the entire message. Both the encrypted message and the short key are sent to the recipient who first uses his private key to decrypt the short key and then uses the short key to decrypt the entire message. PGP comes in two public-key versions: RSA and Diffie-Hellman. In the RSA version, the IDEA algorithm is used to generate the short key used to encrypt the entire message, and RSA is used to encrypt the short key. The Diffie-Hellman version uses the CAST algorithm for short keys to encrypt the entire message and uses the Diffie-Hellman algorithm to encrypt the short keys.

To send a digital signature, PGP uses an efficient algorithm to generate a hash code from the user's name and other signature information. This hash code is encrypted with the sender's private key. The recipient uses the sender's public key to decrypt the hash code. If it matches a hash code sent as an electronic signature for the message, the recipient can be assured that the message arrived safely from the sender who signed it. The RSA version of PGP uses the MD5 algorithm to generate hash codes. The Diffie-Hellman version of PGP uses the SHA-1 algorithm to generate hash codes. To use PGP, you must download it or purchase it and install it on your computer system. In general, it includes a user interface that works with your favorite e-mail program. Users need to register their public key with their PGP public key server so that people who will exchange messages with them will be able to find their public keys. Network Associates maintains an LDAP / HTTP public key server with 300,000 registered public keys. This server is mirrored to other sites around the world.

4.2 Where can I use PGP? Originally, the US government limited the export of PGP technology. However, PGP-encrypted e-mail today can also be exchanged with users outside the United States if they have the correct version of PGP on both sides. The international version of PGP is as secure as the national version used in the US, unlike most other encryption products. It is illegal to use freely available PGP freeware for commercial purposes, in which case you must purchase a commercial version from Network Associates (formerly PGP, Inc.). There are several versions of PGP currently in use. Additional programs are available to keep the new RSA version compatible with previous versions. However, PGP's Diffie-Hellman and RSA versions do not work together because they use different algorithms. This term was originally written by Sabrina Dei Giudici of Web Marketing, based in Western Australia. William Stallings's paper "Getting Cryptic - PGP or You and Me" is a great resource. PGP's homepage is now at Network Associates.

Digital Certified Mail San Jose State University, CMPE 209 Project,

Group 9

3

For more information about PGP, or to download the latest version, please visit International PGP Page.

5 IMPLEMENTATION 5.1. SW Specification - Backend/Frontend: Node.js v7.7.4 - Language: JavaScript - DBMS: Mongo DB v3.4.4 - Public Repository: https://github.com/IkwhanChang/certified-mail 5.2. How to run 1) Copy the source code: git clone https://github.com/IkwhanChang/certified-mail 2) Install the dependencies: npm install 3) Install MongoDB by using instruction manual: https://docs.mongodb.com/manual/installation/ 4) Run the MongoDB: sudo mongod and create the database of “Mail” 5) Run the server: node receiver.js 6) Connect the GUI: http://localhost:5001 7) Compose any email and see the console output 5.3 SW Architecture

Figure 2. Software Architecture

In our project, we used node.js and express.js To use the RSA algorithm; we use the node-rsa (https://github.com/rzcoder/node-rsa) 5.4 User Interface We have three GUI user interface: 1) Inbox: to see every email that received from the start 2) Compose: to compose the email with WYSIWYG text editor 3) View: to see specific email

Figure 3. Inbox

Figure 4. Compose Email

Figure 5. View Mail

5.5 Algorithms and Code - Step 1 – Alice send the N, e, x1, x2

Table 1. Step 1


4

In this logic, Alice will create the RSA key pair and send the public portion (N, e) and two random messages generated by Alice to the Bob. Thus, Bob will receive (N, e) and x0 and x1 Related Source Code function alice_1(msg) { console.log("\n\n============= ALICE STEP #1 ================"); console.log("============= MSG : "+msg.trim() + "================"); m0 = a2hex(msg.trim().split(' ')[0]); m1 = a2hex(msg.trim().split(' ')[1]); console.log(""); console.log("m0 : "+m0); console.log("m1 : "+m1); var key = new NodeRSA({b: 16}); var bit = 2048; var exp = 65537; console.log(""); console.log("Bit: "+ bit); console.log("Exp: "+ exp); key.generateKeyPair(bit, exp); console.log(""); console.log("=> PUBLIC/PRIVATE KEY"); console.log(key.exportKey('pkcs1')); console.log(key.exportKey('components')); private_D =key.exportKey('components').d; public_N = key.exportKey('components').n; public_E = key.exportKey('components').e; // Alice's public N, e => Bob console.log(""); console.log("[TRANSFER] Alice's public N, e => Bob"); return bob_1(key.exportKey('components').n, key.exportKey('components').e); } In above code, the message will be split by space (e.g. original message: Hello World, split message: Hello / World) Then, we will convert that message from ASCII to Hex for calculating. Afterward, RSA key pair will be generated by using the node-RSA library and the definition of bit and exponent (in this example, 65537 of the exponent) Finally, Alice is ready to send the public key pairs.

Figure 6. Console result of step 1

- Step 2: Bob select b and either x0 or x1, generate v and send v to the Alice

Table 2. Step 2

In this step, first Bob need to select either x0 or x1 that received from Alice. Once Bob select, the selected xb will be used for creating the v by using equation of v = (xb + k^e) mod N. Finally, the N will be sent to the Alice. Related Source Code function bob_1(public_N, public_E){ console.log("\n\n============= BOB STEP #1 ================"); console.log("[RECEIVED] public_N: "+public_N.readInt32BE()); console.log("[RECEIVED] public_E': "+public_E); //var private_D =key.exportKey('components').d; // BOB //var public_N = key.exportKey('components').n; //var public_E = key.exportKey('components').e; var x0 = makeid(); var x1 = makeid(); console.log("\nx0: "+ x0); console.log("x1: "+ x1);


Group 9

5

var xb; var b = Math.random() < 0.5 ? 1 : 0; console.log("\nChoose b in {0,1}: "+ b); if(b === 0){ xb = x0; console.log("Xb: x0"); }else{ xb = x1; console.log("Xb: x1"); } var k = 1;//Math.floor(Math.random() * 20)/100; //console.log(parseInt(xb, 16)); var v = (parseInt(xb, 16) + math.mod(Math.pow(k, public_E), public_N.readInt32BE())); console.log("\nv: "+v); console.log("\n[TRANSFER] Bob's v, x0, x1 => Alice"); return alice_2(v, x0, x1); } In the above code, we used static k of 1 because since we have a large number of the exponent (in this example 65531), it took a long time to calculate the v . Plus, we used the HEX to calculate every key since we have a large number of the original message.


- Step 3: Alice generate k0 and k1, send them to the Bob, and get the original split message

Table 3. Step 3

In this final step, Alice will create k0 and k1 by using the v that received in the previous step. Once Alice calculates k0 and k1, then m'0 and m'1 can be created. Then, Alice sends those extra messages to the Bob. Once Bob received the k0 and k1, Bob can simply compare with k that he randomly selected in the previous step. If either m'0 or m'1 is null or infinity number, then we can simply know which m is the original message. Finally, Bob can know the original split message. Related Source Code function alice_2(v, x0, x1) { console.log("\n\n============= ALICE STEP #2 ================"); console.log("[RECEIVED] v: "+v); console.log("[RECEIVED] x0': "+x0); console.log("[RECEIVED] x1': "+x1); // ALICE //var public_N = key.exportKey('components').n; var k0 = Math.pow((v - parseInt(x0, 16)), private_D.readInt32BE()); var k1 = Math.pow((v - parseInt(x1, 16)), private_D.readInt32BE()); console.log("\nprivate_D "+private_D.readInt32BE()); console.log("k0: "+k0); console.log("k1: "+k1); var m0_ = parseInt(m0, 16) + parseInt(k0, 16); var m1_ = parseInt(m1,16) + parseInt(k1, 16); console.log(" \nm0': "+m0_); console.log("m1': "+m1_); //console.log(m0_); //console.log((m1_ - parseInt(k1, 16)).toString(16)); console.log("\n[TRANSFER] Alice's created m0', m1' => Bob");


6

return bob_2(m0_, m1_, k0, k1); } function bob_2(m0_, m1_, k0, k1){ console.log("\n\n============= ALICE STEP #2 ================"); console.log("[RECEIVED] m0': "+m0_); console.log("[RECEIVED] m1': "+m1_); var mb; //console.log(mb); if(isNaN(m0_)){ mb = (m1_ - parseInt(k1, 16)).toString(16); }else{ mb = (m0_ - parseInt(k0, 16)).toString(16); } console.log("\nmb: "+m1_); console.log("\nmb.toString() (Bob's decrypted message) : "+hex2a(mb)); //console.log(hex2a(mb)); return hex2a(mb); } The final result is hex2a(mb) (hex2a() is convert from hex to ASCII)


Appendix A. Full Source Code

Frontend Script.js $(document).ready(function(){ 'use strict'; $("#btn_send").click(function(e){ //alert($("#email-editor").html()); //alert($("#email-editor").code()); $.get("/send", { subject: $("#subject").val(), text: $("#email-editor").code() }, function(response){ location.href = '/'; }); e.preventDefault(); }); $.get("/getAll", function(response){ console.log(response); $.each(response, function(key, value){ $(".email-list").append('<div class="item" onclick="location.href=\'/view/'+value._id+'\'"><div><div class="am-checkbox"><input id="check3" type="checkbox"><label for="check3"></label></div></div><div><span class="date pull-right"><i class="icon s7-paperclip"></i>'+value.published_date.substring(0,10)+'</span><h4 class="from">Alice Lee</h4><p class="msg">'+value.subject+'</p></div></div>'); }); }); }); Backend Server.js var express = require('express'); var app = express(); var mongoose = require('mongoose'); var NodeRSA = require('node-rsa'); // DEFINE MODEL var Mail = require('./mail'); var math = require('mathjs'); // CONNECT TO MONGODB SERVER var db = mongoose.connection; db.on('error', console.error); db.once('open', function(){ // CONNECTED TO MONGODB SERVER


Group 9

7

console.log("Connected to mongod server"); }); mongoose.connect('mongodb://localhost/Mail'); app.set('port', (process.env.PORT || 5001)); app.use(express.static(__dirname + '/public')); // views is directory for all template files app.set('views', __dirname + '/views'); app.set('view engine', 'ejs'); app.get('/', function(request, response) { response.render('pages/inbox'); }); app.get('/compose', function(request, response) { response.render('pages/compose'); }); app.get('/view/:id', function(request, response) { Mail.findOne({_id: request.params.id}, function(err, email){ if(err) return res.status(500).send({error: 'database failure'}); console.log(email.subject); response.render('pages/view', {subject: email.subject, text: email.text}); //response.json(mails); }) }); app.get('/getAll', function(request, response) { Mail.find(function(err, mails){ if(err) return res.status(500).send({error: 'database failure'}); response.json(mails); }) }); var private_D, public_N, public_e; var m0, m1; function alice_1(msg) { console.log("\n\n============= ALICE STEP #1 ================");

console.log("============= MSG : "+msg.trim() + "================"); m0 = a2hex(msg.trim().split(' ')[0]); m1 = a2hex(msg.trim().split(' ')[1]); console.log(""); console.log("m0 : "+m0); console.log("m1 : "+m1); var key = new NodeRSA({b: 16}); var bit = 2048; var exp = 65537; console.log(""); console.log("Bit: "+ bit); console.log("Exp: "+ exp); key.generateKeyPair(bit, exp); console.log(""); console.log("=> PUBLIC/PRIVATE KEY"); console.log(key.exportKey('pkcs1')); console.log(key.exportKey('components')); private_D =key.exportKey('components').d; public_N = key.exportKey('components').n; public_E = key.exportKey('components').e; // Alice's public N, e => Bob console.log(""); console.log("[TRANSFER] Alice's public N, e => Bob"); return bob_1(key.exportKey('components').n, key.exportKey('components').e); } function bob_1(public_N, public_E){ console.log("\n\n============= BOB STEP #1 ================"); console.log("[RECEIVED] public_N: "+public_N.readInt32BE()); console.log("[RECEIVED] public_E': "+public_E); //var private_D =key.exportKey('components').d; // BOB //var public_N = key.exportKey('components').n; //var public_E = key.exportKey('components').e; var x0 = makeid(); var x1 = makeid(); console.log("\nx0: "+ x0);


8

console.log("x1: "+ x1); var xb; var b = Math.random() < 0.5 ? 1 : 0; console.log("\nChoose b in {0,1}: "+ b); if(b === 0){ xb = x0; console.log("Xb: x0"); }else{ xb = x1; console.log("Xb: x1"); } var k = 1;//Math.floor(Math.random() * 20)/100; //console.log(parseInt(xb, 16)); var v = (parseInt(xb, 16) + math.mod(Math.pow(k, public_E), public_N.readInt32BE())); console.log("\nv: "+v); console.log("\n[TRANSFER] Bob's v, x0, x1 => Alice"); return alice_2(v, x0, x1); } function alice_2(v, x0, x1) { console.log("\n\n============= ALICE STEP #2 ================"); console.log("[RECEIVED] v: "+v); console.log("[RECEIVED] x0': "+x0); console.log("[RECEIVED] x1': "+x1); // ALICE //var public_N = key.exportKey('components').n; var k0 = Math.pow((v - parseInt(x0, 16)), private_D.readInt32BE()); var k1 = Math.pow((v - parseInt(x1, 16)), private_D.readInt32BE()); console.log("\nprivate_D "+private_D.readInt32BE()); console.log("k0: "+k0); console.log("k1: "+k1); var m0_ = parseInt(m0, 16) + parseInt(k0, 16); var m1_ = parseInt(m1,16) + parseInt(k1, 16); console.log(" \nm0': "+m0_); console.log("m1': "+m1_); //console.log(m0_); //console.log((m1_ - parseInt(k1, 16)).toString(16));

console.log("\n[TRANSFER] Alice's created m0', m1' => Bob"); return bob_2(m0_, m1_, k0, k1); } function bob_2(m0_, m1_, k0, k1){ console.log("\n\n============= ALICE STEP #2 ================"); console.log("[RECEIVED] m0': "+m0_); console.log("[RECEIVED] m1': "+m1_); var mb; //console.log(mb); if(isNaN(m0_)){ mb = (m1_ - parseInt(k1, 16)).toString(16); }else{ mb = (m0_ - parseInt(k0, 16)).toString(16); } console.log("\nmb: "+m1_); console.log("\nmb.toString() (Bob's decrypted message) : "+hex2a(mb)); //console.log(hex2a(mb)); return hex2a(mb); } var public_key; app.get('/send', function(request, response) { //response.render('pages/inbox'); //console.log(request.query.subject); // Original Message var msg = request.query.text; var decrypted_msg = alice_1(msg); var mail = new Mail({ subject: request.query.subject, text: decrypted_msg }); mail.save(function(err){ if(err){ console.error(err); response.json({ msg: "ERR"}); return; }


Group 9

9

response.json({ msg: "OK"}); }); }); function makeid() { var text = ""; var possible = "ABCDEFGabcdef0123456789"; for( var i=0; i < 2; i++ ) text += possible.charAt(Math.floor(Math.random() * possible.length)); return text; } function a2hex(str) { var arr = []; for (var i = 0, l = str.length; i < l; i ++) { var hex = Number(str.charCodeAt(i)).toString(16); arr.push(hex); } return arr.join(''); } function hex2a(hexx) { var hex = hexx.toString();//force conversion var str = ''; for (var i = 0; i < hex.length; i += 2) str += String.fromCharCode(parseInt(hex.substr(i, 2), 16)); return str; } app.listen(app.get('port'), function() { console.log('Node app is running on port', app.get('port')); });

REFERENCES [1] Michael O. Rabin. 1981. How to exchange secrets by

oblivious transfer. Technical Report TR-81, Aiken Computation Laboratory, Harvard University

[2] S. Even, O. Goldreich, and A. Lempel. 1985. A Randomized Protocol for Signing Contracts, Communications of the ACM, Volume 28, Issue 6, pg. 637–64

[3] Zimmermann, Philip R. 1999. Why I Wrote PGP. Essays on PGP. Philip Zimmermann