HW02-EncryptedEMail.pdf - CIS350 HW 02 Encrypted and...

This preview shows page 1 - 3 out of 21 pages.

CIS350 HW 02Encrypted and Authenticated Email using Thunderbird, Enigmail, and OpenPGPOverviewThe prevalence of the Internet has given rise to an array of hackers and phishers who couldillegitimatelymake use of your information. As you make electronic purchases or access your accountthrough onlinebanking, you could be at risk of identity theft, loss of privacy (if you have any or if youcare aboutprivacy), or worse. Even information stored locally on your personal computer, laptop,tablet, or phonecould be vulnerable.However, one way to minimize these risks is to use encryption and authentication techniques. A public-key (or asymmetric) encryption system, that uses a public-private key pair, is probably the mostcommon such approach.We will talk in much more detail about these encryption technologies later in the semester. But fornow, it is sufficient to know that the person who has a public-private key-pair must at almost all costsmake sure that their private key is kept private and secret from everyone else.HOW DOES ENCRYPTION WORK?If someone (say it is Alice) shares her public key with someone else (say it is Bob), then Bob can useAlice’s public key to encrypt information and send it securely to Alice. Bob and Alice can also use theirprivate keys, along with some other techniques, to send authentication information so that therecipientis confident that the information they have received came from the source they think it camefrom andthat it was not changed while in transit. In all cases, each person keeps their private key secretfrom *everyone* else. Public keys can be shared in many ways, printed on business cards, included one-mailsignatures, posted on web sites, and published in publicly-accessible databases sometimesknown as keyservers, for example.In this assignment, you will practice using secure and authenticated e-mail using the RSA public-key(asymmetric) encryption system ((algorithm)).This is an individual assignment.The information below provides a step-by-step guide on how to:1.Set up an email account in Thunderbird - an email application that accommodates encryption2.Create a key pair (public and private)3.Create a revocation certificate – to revoke your keys if necessary4.Save the public and private keys, and revocation certificate to a backup location - in case youneedto recover your encrypted account or keys5.Upload a public key to the keyserver - so others can encrypt their messages to you
6.Send an encrypted emailThere are a lot of detailed steps in this assignment, and can be easy to make mistakes at any one or moresteps along the way.If you do make mistakes, in the worst case things will not work, and in the best case youmay have to redo all or part of what you have done up to that point. So pay attention to the details, You mustget everything right before completing this assignment. (If you do not get it completed fully and correctly

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 21 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Summer
Professor
NoProfessor
Tags
E mail

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture