BAIT2023 Introduction

to Internet Security
Tutorial 5
1. What is R64 conversion?

R64 converts a raw 8-bit binary stream to a stream of printable

ASCII characters. Each group of three octets of binary data is
mapped into four ASCII characters.
2. Why is R64 conversion useful for an e-mail application?

When PGP is used, at least part of the block to be transmitted

is encrypted. If only the signature service is used, then the
message digest is encrypted (with the sender's private key). If
the confidentiality service is used, the message plus signature
(if present) are encrypted (with a one-time symmetric key).
Thus, part or the entire resulting block consists of a stream of
arbitrary 8-bit octets. However, many electronic mail systems
only permit the use of blocks consisting of ASCII text
3. Why is segmentation and reassembly function in PGP
needed?

E-mail facilities often are restricted to a maximum message

length.
4. What is MIME?

MIME is an extension to the RFC 822 framework that is

intended to address some of the problems and limitations of
the use of SMTP (Simple Mail Transfer Protocol) or some other
mail transfer protocol and RFC 822 for electronic mail.
5. What is S/MIME?

• S/MIME (Secure/Multipurpose Internet Mail Extension) is a

security enhancement to the MIME Internet e-mail format
standard, based on technology from RSA Data Security.
6. Pretty Good Privacy (PGP) provides FIVE (5) services that are essential to email
security. Briefly explain these FIVE (5) services and provide each with ONE (1) algorithm
example.

Authentication: The assurance that the communicating entity

is the one that it claims to be.
• Example: Digital Signature

Confidentiality: The protection of data from unauthorized

disclosure.
• Example: Message encryption
Compression: Compresses the message after applying the signature but
before encryption. This has the benefit of saving space both for e-mail
transmission & for file storage.
• Example: Zip file

E-mail compatibility: Many e-mail systems only permit the use of blocks
consisting of ASCII text. To accommodate this restriction, PGP provides
the service of converting its binary stream to a stream of printable ASCII
characters.
• Example: Radix-64 conversion

Segmentation & Reassembly: PGP automatically subdivides a message

that is too large into segments small enough to send via e-mail. This is to
ease the transmitting process of the message.
• Example: Done independently by PGP application.
7. Pretty Good Privacy (PGP) provides a confidentiality and authentication service that can be used
for e-mail and file storage applications. 5 operational services such as Authentication, Confidentiality,
Compression, Email-compatibility and Segmentation & Reassembly are important to PGP.
i. Give THREE (3) reasons to support the importance of
Segmentation & Reassembly in Pretty Good Privacy (PGP).

• E-mail facilities often are restricted to a maximum message

length of 50,000 octets.
• Longer messages must be broken up into segments, which is
mailed separately.
• PGP automatically subdivides a message that is too large into
segments small enough to send via e-mail.
• The segmentation is done after all of other processing,
including the radix-64 conversion.
• The receiver strips off all e-mail headers and reassemble the
block.
ii. Why does Pretty Good Privacy (PGP) generate a signature
before applying compression?

• The signature that embedded in the message is more secure.

• The size of the message with signature can be reduced after
compression