SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

CRYP TO G RAPH Y P RINCIPL ES A N D P R ACTIC ES

SECU RE EMAI L SY STEM

&

DEV ELO PING A SE CURE CH AT

APPLIC ATIO N USI NG ASYMMETRIC AND S YMMETRIC ENCR YPTIO N

PRO J ECT

PREPA RED BY

NOUR HUW IO | YA R A AL -JAMMAL | LA MA HAMAD

20200619 | 20200717 |2020 1100

SUPERV I SED BY

DR. MUST AFA AL - F AYOUM I

SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Introduction
In the current digital era, ensuring secure communication is vital due to increasing cyber threats. Protecting
sensitive data has become a top priority. Secure email systems utilize advanced encryption, strong
authentication, and rigorous security protocols to protect confidential communications. This introduction
discusses the essential features and advantages of secure email systems in preserving the integrity and
confidentiality of digital exchanges.

Task 1 – Setting Up The Environment

This task involved setting up the environment necessary for the secure email system project. Initially,
Mozilla Thunderbird, or another preferred PGP-compatible email client, was downloaded and installed by
the students.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Subsequently, an email account was configured for use in the project. This setup was essential to ensure
that all participants had the necessary tools and access to engage in the subsequent phases of the project,
focusing on encryption techniques and security testing.

First Party [nou@20200619@std.psut.edu.jo]

SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Second Party [yar20200717@std.psut.edu.jo]

SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Task 2 - Setting Up OpenPGP

PGP keys were created or imported using Thunderbird’s integrated OpenPGP feature or another chosen
tool. The process of key creation was documented, and public keys were exchanged among group members.
First Party [nou20200619@std.psut.edu.jo]

• OpenPGP Key Generation for The First Party

The Account Settings were accessed, and "End-to-End Encryption" was selected. The "Add Key"
button was clicked, followed by "Generate" and "New Key Pair." The name and email were
entered, the key type and length were chosen, an optional expiration date was set, and a strong
passphrase was created.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

First Party [nou20200619@std.psut.edu.jo] – cont.

SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Second Party [yar20200717@std.psut.edu.jo]

• OpenPGP Key Generation For The Second Party

The Account Settings were accessed, and "End-to-End Encryption" was selected. The "Add Key"
button was clicked, followed by "Generate" and "New Key Pair." The name and email were entered,
the key type and length were chosen, an optional expiration date was set, and a strong passphrase
was created.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Second Party [yar20200717@std.psut.edu.jo] – cont.

SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Exporting The Public Keys Between Both Parties

The keys were exported in Thunderbird by accessing the OpenPGP Key Manager, selecting the
desired key, and choosing the export option. The keys were then saved to a file for distribution and
backup purposes.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Importing The Public Keys Between Both Parties

The keys were imported into Thunderbird by accessing the OpenPGP Key Manager, selecting the
import option, and choosing the key file from the storage location. The keys were successfully
added to Thunderbird for use in secure email communications.

First Party [nou20200619@std.psut.edu.jo]

The First Party Imported The Second Party’s Public Key

Second Party [yar20200717@std.psut.edu.jo]

The Second Party Imported The First Party’s Public Key

SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

The Public Keys Were Successfully Exchanged And Imported Between Both Parties
First Party [nou20200619@std.psut.edu.jo]
The Public Key Of The Second Party Was Imported

Second Party [yar20200717@std.psut.edu.jo]

The Public Key Of The First Party Was Imported
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Task 3 - Sending and Receiving Encrypted Messages

Detailed Process of Encrypting, Sending, Receiving, and Signing Messages Using Thunderbird

Encrypt and Send Messages

From [nou20200619@std.psut.edu.jo]→[yar20200717@std.psut.edu.jo]

Writing and Sending an Encrypted and Signed Email

→ A new email was composed in Thunderbird by the first party

[nou20200619@std.psut.edu.jo].
→ The recipient’s email address was entered, and the subject and body of the email were
filled in as usual.
→ Before sending, both the encryption and signing options were selected, it was done by
clicking on the padlock icon for encryption and the pen icon for signing in the email
composition window.

→ The "Send" button was clicked

→ Thunderbird used the recipient’s [yar20200717@std.psut.edu.jo] public key to encrypt
the email and the sender’s [nou20200619@std.psu.tedu.jo] private key to digitally sign
the message automatically.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Receive and Decrypt Messages

Receiving and Decrypting the Email

→ The recipient [yar20200717@std.psut.edu.jo] received the encrypted and signed email

in their Thunderbird inbox. Upon opening the email, Thunderbird automatically used
the recipient’s [yar20200717@std.psut.edu.jo] private key to decrypt the message and
verified the digital signature using the sender’s [nou20200619@std.psut.edu.jo] public
key.
→ Since Thunderbird is configured to decrypt messages by default, the recipient saw the
decrypted content and the signature verification status without needing to take any
additional steps.

Sign and Verify Messages

Verifying the Signatures of Received Emails

→ The recipient [yar20200717@std.psut.edu.jo] received the signed and encrypted

email in Thunderbird. Upon opening the email, Thunderbird displayed a notification
indicating the validity of the signature, confirming that the email had not been
tampered with and that it indeed came from the stated sender
[nou20200619@std.psut.edu.jo].
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

→ To ensure the highest level of trust, the recipient [yar20200717@std.psut.edu.jo] used

the "Yes, I've verified in person this key has the correct fingerprint." option in
Thunderbird. This option confirms that the public key used to verify the signature is
genuinely associated with the sender [nou20200619@std.psut.edu.jo].
→ This step usually involves verifying the key's fingerprint through a secure channel,
such as an in-person meeting or a trusted phone call, to ensure the key has not been
compromised.

Through this process, secure and authenticated communication was achieved between the
sender [nou20200619@std.psut.edu.jo] and the receiver [yar20200717@std.psut.edu.jo].
Thunderbird facilitated the encryption, decryption, and signature verification seamlessly,
ensuring that sensitive information remained protected and the integrity and authenticity
of the emails were maintained.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Encrypt and Send Messages

From [yar20200717@std.psut.edu.jo]→[nou20200619@std.psut.edu.jo]

Writing and Sending an Encrypted and Signed Email

→ A new email was composed in Thunderbird by the first party

[yar20200717@std.psut.edu.jo].
→ The recipient’s email address was entered, and the subject and body of the email were
filled in as usual.
→ Before sending, both the encryption and signing options were selected, it was done by
clicking on the padlock icon for encryption and the pen icon for signing in the email
composition window
→ The "Send" button was clicked
→ Thunderbird used the recipient’s [nou20200619@std.psut.edu.jo] public key to encrypt
the email and the sender’s [yar20200717@std.psu.tedu.jo] private key to digitally sign
the message automatically.

Receive and Decrypt Messages

Receiving and Decrypting the Email

→ The recipient [nou20200619@std.psut.edu.jo] received the encrypted and signed email

in their Thunderbird inbox. Upon opening the email, Thunderbird automatically used
the recipient’s [nou20200619@std.psut.edu.jo] private key to decrypt the message and
verified the digital signature using the sender’s [yar20200717@std.psut.edu.jo] public
key.
→ Since Thunderbird is configured to decrypt messages by default, the recipient saw the
decrypted content and the signature verification status without needing to take any
additional steps.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Sign and Verify Messages

Verifying the Signatures of Received Emails

→ The recipient [nou20200619@std.psut.edu.jo] received the signed and encrypted

email in Thunderbird. Upon opening the email, Thunderbird displayed a notification
indicating the validity of the signature, confirming that the email had not been
tampered with and that it indeed came from the stated sender
[yar20200717@std.psut.edu.jo].

→ To ensure the highest level of trust, the recipient [nou20200619@std.psut.edu.jo]

used the "Yes, I've verified in person this key has the correct fingerprint." option in
Thunderbird. This option confirms that the public key used to verify the signature is
genuinely associated with the sender [yar20200717@std.psut.edu.jo].
→ This step usually involves verifying the key's fingerprint through a secure channel,
such as an in-person meeting or a trusted phone call, to ensure the key has not been
compromised.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Task 4 - Security Analysis

Encryption and Signature Analysis

→ The process of securing email communications involves the use of both encryption and
digital signatures, each serving distinct purposes in ensuring the confidentiality, integrity, and
authenticity of the messages. Encryption transforms the message content into an unreadable
format for anyone who does not possess the appropriate decryption key, thus ensuring that the
message remains confidential during transit.
→ In the context of the secure email system project using Thunderbird and OpenPGP, messages
are encrypted using symmetric encryption (AES) for efficiency, while the symmetric keys are
securely exchanged using asymmetric encryption (RSA). This layered approach leverages the
strengths of both encryption types, with RSA providing a secure method for key exchange
and AES ensuring fast and secure encryption of the message content.
→ Digital signatures, on the other hand, provide a way to verify the authenticity and integrity of
the messages. When a message is signed, the sender’s private key is used to create a signature
based on the message content.
→ This signature can be verified by the recipient using the sender’s public key, ensuring that the
message has not been altered and confirming the sender’s identity. In the secure email system
project, Thunderbird automates this process, allowing users to digitally sign their messages
with their private keys and verify incoming messages using the sender’s public keys. This
dual use of encryption and digital signatures not only protects the message from unauthorized
access but also provides a robust mechanism to detect tampering and impersonation.

Analyze How Messages Are Secured Using Encryption and Digital Signatures

→ In the secure email system project, messages are secured through a combination of encryption
and digital signatures, effectively addressing both confidentiality and authenticity concerns.
When a user composes an email in Thunderbird and chooses to encrypt and sign it, the
application first generates a symmetric AES key to encrypt the message content.
→ This encrypted message is then accompanied by the AES key, which itself is encrypted using
the recipient’s public RSA key. This ensures that only the intended recipient, who possesses
the corresponding private RSA key, can decrypt the AES key and subsequently the message
content. This process ensures that the message remains confidential throughout its journey
across potentially insecure networks.
→ The digital signature process further enhances security by allowing the recipient to verify the
message’s origin and integrity. When the sender signs the message, Thunderbird creates a
hash of the message content and encrypts this hash with the sender’s private key to form a
digital signature. Upon receiving the email, Thunderbird uses the sender’s public key to
decrypt the hash and compares it with a newly computed hash of the received message. If the
hashes match, it confirms that the message has not been altered and verifies the sender’s
identity. This process ensures that the recipient can trust the content and source of the email,
protecting against tampering and impersonation.
→ By employing these cryptographic techniques, the secure email system project demonstrates a
comprehensive approach to safeguarding email communications against various security
threats.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Security Analysis Using Wireshark

Packet No. 1475, a "Client Hello" message to the imap.gmail.com server, represents the initiation of a
secure TLS connection for IMAP email retrieval. It showcases the client's attempt to establish a secure
session using TLS 1.3, ensuring encrypted communication between the email client and server. This step
is crucial for maintaining the confidentiality and integrity of email communications, aligning with the
goals of wer secure email system project.

→ Encryption and Secure Email Communication

This packet is critical in establishing a secure channel between our Thunderbird email client and the
Gmail IMAP server. By negotiating a TLS session, it ensures that any emails retrieved or sent via
IMAP are encrypted, protecting them from eavesdropping and tampering during transit.

→ OpenPGP and Message Security

While the "Client Hello" packet itself does not directly relate to OpenPGP encryption (which is
handled at the application layer within the email content), it is a foundational step in securing the
communication channel through which the encrypted emails are sent and received.

→ Security Analysis

Analyzing the packets can help verify that the email client is indeed using secure protocols and
adhering to best practices in cryptographic security. Ensuring that TLS 1.3 is used confirms that we
are utilizing the most up-to-date and secure version of the protocol.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Key Details Relevant to Thunderbird

This packet is a critical component in establishing a secure TLS session between Thunderbird and the
Gmail IMAP server. By initiating the TLS handshake with a "Client Hello" message, Thunderbird
ensures that subsequent email communications are encrypted, protecting the data from eavesdropping and
tampering. The SNI field confirms the target server (imap.gmail.com), and the use of port 993 indicates a
secure connection for retrieving emails via IMAP. The supported cipher suites and TLS versions show
Thunderbird's capability to negotiate secure parameters for the session.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

This packet (Frame 1475) is critical for understanding how Thunderbird initiates secure communications
with the Gmail IMAP server. Here are the details specifically relevant to Thunderbird:

Details Specifically Relevant To Thunderbird

1. Establishing a Secure Connection (TLS Handshake)

TLS Handshake Protocol: Client Hello

• Purpose: This packet initiates the TLS handshake process to establish a secure, encrypted session
between Thunderbird and the Gmail IMAP server.
• TLS Version: TLS 1.3 (indicated in the record layer)
• Client Hello Message: This is the first step in the TLS handshake, where Thunderbird sends a
"Client Hello" message to the server.

2. Server Name Indication (SNI)

• SNI Field: imap.gmail.com

• Relevance: Indicates that Thunderbird is connecting to the Gmail IMAP server. This helps the
server present the appropriate SSL certificate for the domain imap.gmail.com.

3. Cipher Suites and Extensions

• Cipher Suites: Lists the cryptographic algorithms supported by Thunderbird for securing the
session.
• Supported Versions: TLS 1.3, TLS 1.2, TLS 1.1, TLS 1.0, SSL 3.0
• Relevance: Indicates Thunderbird's flexibility and support for multiple versions of the TLS
protocol, ensuring compatibility and security.

4. Network and Transport Layer Information

Source and Destination IP Addresses

• Source IP: 192.168.100.81 (Thunderbird client machine)

• Destination IP: 74.125.133.108 (Google's IMAP server)
• Relevance: Confirms that Thunderbird is attempting to communicate with the Gmail IMAP
server.

Source and Destination Ports

• Source Port: 51259 (Ephemeral port used by Thunderbird)

• Destination Port: 993 (IMAPS - secure IMAP)
• Relevance: Shows that Thunderbird is using the secure IMAP port (993) to retrieve emails.

TCP Flags

• PSH, ACK Flags: Indicates that the packet is pushing data to the server and acknowledging
receipt of data. It is a part of the normal functioning of TCP to ensure reliable delivery of data
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

1. TCP Handshake and Connection Establishment

• Packets 1473, 1474, 1475:

o SYN, SYN-ACK, ACK:
▪ These packets are part of the three-way TCP handshake necessary to establish a
TCP connection.
▪ SYN (packet 1473) is sent by the client (192.168.100.81) to the server
(74.125.133.108) to initiate the connection.
▪ SYN-ACK (packet 1474) is the server's response, acknowledging the SYN and
indicating it is ready to establish a connection.
▪ ACK (packet 1475) from the client completes the handshake, allowing data
transfer to begin.
▪ Relevance: Establishing a reliable TCP connection is critical for secure
communication over IMAP, ensuring that messages can be exchanged between
Thunderbird and the Gmail server.

2. TLS Handshake

• Packets 1477, 1478, and subsequent TLS packets:

o Client Hello (packet 1477):
▪ Initiates the TLS handshake, proposing encryption parameters to the server.
▪ Relevance: Essential for setting up a secure encrypted channel for email
communications, ensuring that sensitive data like emails and credentials are
encrypted.
o Server Hello, Certificate, Server Key Exchange, Server Hello
▪ The server's response to the Client Hello, establishing the parameters for
encryption.
o Client Key Exchange, Change Cipher Spec, Finished (following packets):
▪ Completing the TLS handshake from the client's side, agreeing on encryption
keys and parameters.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

▪ Relevance: The TLS handshake ensures that all subsequent email data
transferred between Thunderbird and the Gmail server is encrypted, maintaining
confidentiality and integrity.

3. Encrypted Application Data

• Multiple TLSv1.3 packets marked as Application Data:

o These packets represent the encrypted email data being exchanged between Thunderbird
and the Gmail server.
o Relevance: Demonstrates the actual email data being securely transmitted. With TLS
established, this data is protected against eavesdropping and tampering.

Specific Packets of Interest

• Packet 1700:
o ACK: This acknowledges previous data, ensuring reliable transmission.
o Relevance: Maintaining a reliable TCP connection is crucial for ensuring that all parts of
the secure communication are received and acknowledged correctly.

• Multiple Application Data Packets (e.g., 1480, 1482, 1484, 1486, etc.):
o TLSv1.3 Application Data: These packets contain the encrypted payload of the emails
being sent and received.
o Relevance: Actual encrypted email content being securely transmitted. This highlights
the practical application of encryption in securing email communications within
Thunderbird.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Packet 1480

TLSv1.3 Record Layer: Application Data

When we expand the TLSv1.3 Record Layer: Application Data section within Wireshark, we'll find a
field labeled Encrypted Application Data. This field is crucial for understanding how Thunderbird secures
email data during transmission.

Role of Encrypted Application Data in Thunderbird

1. Securing Email Content:

• Encryption: Thunderbird uses TLS (Transport Layer Security) to encrypt the data being
transmitted between the client (Thunderbird) and the server (e.g., Gmail IMAP server). The
Encrypted Application Data field contains the actual email content, but it is encrypted using the
session keys established during the TLS handshake.
• Confidentiality: This encryption ensures that the email content remains confidential. Only the
intended recipient (the server and ultimately the user on the other end) can decrypt and read the
email.

2. Protecting Sensitive Information:

• Content Protection: Whether it's the body of the email, attachments, or metadata, all this
information is protected within the Encrypted Application Data field. This prevents eavesdroppers
or man-in-the-middle attackers from accessing the content.
• Authentication: Through the TLS handshake process, both the client and server authenticate
each other, ensuring that the communication is secure from impersonation attacks.

3. Integrity and Authentication:

• Integrity: TLS not only encrypts the data but also ensures its integrity. Any alteration of the data
in transit would be detected, as the decryption would fail, ensuring that the data received is
exactly what was sent.
• Authentication: By using certificates, TLS also authenticates the server to the client (and
optionally the client to the server), ensuring that Thunderbird is communicating with the genuine
email server and not an imposter.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

How Thunderbird Utilizes This Encrypted Data

Sending Emails

• Compose and Encrypt: When we compose an email in Thunderbird and send it, Thunderbird
uses settings to determine whether to use TLS. Assuming TLS is enabled, Thunderbird establishes
a secure connection with the email server using the TLS handshake.
• Data Transmission: The composed email, including its body and attachments, is transmitted
within the Encrypted Application Data field. This data remains encrypted until it reaches the
intended recipient's email server.

Receiving Emails

• IMAP/POP3 over TLS: When Thunderbird retrieves emails from the server, it does so over a
secure connection (IMAP over TLS on port 993 or POP3 over TLS on port 995). The emails
received are contained within the Encrypted Application Data field during transmission.
• Decryption and Display: Once the encrypted data reaches Thunderbird, it is decrypted using the
session keys. Thunderbird then processes and displays the email content to the user in its
decrypted form.

The Process

1. User Sends an Email:

o Process: The user composes an email in Thunderbird.
o Encryption: Thunderbird encrypts the email content using the session keys negotiated
via the TLS handshake.
o Transmission: The encrypted email content is sent over the network. In Wireshark, this
appears in the Encrypted Application Data field within the TLSv1.3 Record Layer:
Application Data.
2. Server Receives the Email:
o Decryption: The server receives the encrypted data and decrypts it using the same
session keys.
o Storage/Forwarding: The server may store the email for later retrieval or forward it to
the recipient's server, depending on the email configuration.
3. User Receives an Email:
o Retrieval: Thunderbird connects to the email server and retrieves emails over a secure
connection.
o Decryption: The received data is decrypted by Thunderbird, and the email content is
displayed to the user.

The Encrypted Application Data field in the TLSv1.3 Record Layer: Application Data section is a key
component in ensuring the security of email communications in Thunderbird. It encapsulates all the
sensitive information, keeping it encrypted and secure during transmission. This mechanism is crucial for
maintaining the confidentiality, integrity, and authenticity of email data, aligning with the secure
communication goals of our project.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Potential Vulnerabilities and Enhancing Security in Thunderbird's Secure Email System

While Thunderbird provides robust features for secure email communication using OpenPGP, there are
potential weaknesses that can compromise the system's security. Identifying these weaknesses and
implementing strategies to mitigate them is essential to maintain the integrity and confidentiality of email
communications. This detailed analysis explores possible vulnerabilities and proposes ways to enhance
security.

Identified Weaknesses and Security Enhancements

1. Weak Key Generation

• Weakness: If cryptographic keys are not generated securely, they can be easily compromised,
making encrypted communications vulnerable to interception and decryption.
• Enhancement: Ensure that Thunderbird uses a strong random number generator (RNG) for key
generation. Users should be encouraged to generate keys using modern, recommended algorithms
and adequate key lengths (e.g., RSA-4096 or ECC). Regularly update the key generation
protocols to adhere to the latest cryptographic standards.

2. Insecure Key Storage

• Weakness: Private keys stored insecurely on devices are susceptible to theft by attackers, leading
to potential unauthorized access to encrypted emails.
• Enhancement: Private keys should be stored in secure environments such as hardware security
modules (HSMs) or encrypted storage using strong, user-defined passphrases. Implementing
multi-factor authentication (MFA) for accessing private keys adds an additional layer of security.

3. Improper Key Verification

• Weakness: Relying solely on the web of trust without thorough verification can result in trusting
compromised keys, thereby undermining the security of the system.
• Enhancement: Implement a strict key verification process that includes checking key
fingerprints through secure channels (e.g., in-person verification, secure communication).
Encourage users to validate keys against a trusted key server or authority.

4. Revocation Issues

• Weakness: Difficulty in revoking compromised or obsolete keys can leave the system vulnerable
to unauthorized decryption of messages.
• Enhancement: Establish a reliable and efficient key revocation mechanism. Regularly update
key servers with the latest revocation lists and ensure users are notified promptly of revoked keys.
Automate the key revocation process within Thunderbird to simplify user management of keys.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

5. Signature Verification

• Weakness: Inadequate verification of digital signatures can allow forged messages to appear
legitimate, leading to potential security breaches.
• Enhancement: Thunderbird should enforce strict digital signature verification processes. This
includes verifying the signature against the sender’s public key and checking the key’s validity
and trust level. Display clear warnings to users when signatures cannot be verified.

6. User Practices

• Weak Passwords: Users selecting weak passwords for their private keys can result in easy
compromise.
o Enhancement: Enforce strong password policies, requiring a combination of uppercase
and lowercase letters, numbers, and special characters. Provide user education on the
importance of strong passwords.
• Phishing Attacks: Users may fall victim to phishing attacks designed to steal their private keys
or passphrases.
o Enhancement: Implement anti-phishing measures such as email filtering, warning users
of suspicious links, and educating users on recognizing phishing attempts. Encourage the
use of MFA to protect against unauthorized access even if passwords are compromised.

7. Software Vulnerabilities

• Outdated Client Software: Using outdated versions of Thunderbird may expose the system to
known vulnerabilities.
o Enhancement: Ensure that Thunderbird is regularly updated to the latest version. Enable
automatic updates to minimize the window of exposure to vulnerabilities.
• PGP Implementation Bugs: Flaws in the PGP implementation within Thunderbird can be
exploited if not regularly updated.
o Enhancement: Maintain the PGP implementation by applying patches and updates
promptly. Participate in and contribute to the open-source community to help identify and
fix bugs quickly.

Conclusion

Maintaining the security of Thunderbird’s secure email system requires continuous attention to potential
weaknesses and proactive measures to address them. By strengthening key generation and storage,
enhancing key verification and revocation processes, improving signature verification, educating users on
best practices, and keeping software up-to-date, the overall security posture can be significantly
improved. These enhancements will ensure that Thunderbird remains a reliable and secure platform for
email communications, safeguarding users' sensitive information against evolving threats.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Simulating Potential Attacks and Analyzing System Defenses

→ Man-In-The-Middle Attack Simulation

In our efforts to assess the security robustness of the email communication system, we simulated a
Man-in-the-Middle (MITM) attack. During this attack, an attacker intercepts the communication
between two parties and alters one party's public key with their own key. Consequently, the emails
intended to be encrypted with the legitimate user's public key are instead encrypted using the
attacker's public key. This allows the attacker to decrypt and potentially manipulate the messages,
thus compromising the confidentiality and integrity of the communication.

In this attack we have used two machines, kali Linux as attacker and windows 10 as the victim.
The following figure shows that the ipconfig command was put in order to get the IP address of
the victim’s machine.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

When we executed the ipconfig and arp -a commands on the system, we identified the IP address and the
MAC address of the attacker on the Kali machine. The ipconfig command provided the network
configuration details, revealing the local IP address (192.168.153.130) and the default gateway
(192.168.153.2). The arp -a command displayed the ARP table, which included mappings of IP addresses
to their corresponding MAC addresses.

From the ARP table, we observed the following relevant entries

• The default gateway, with an IP address of 192.168.153.2, is mapped to the MAC address 00-50-
56-f9-8c-ff.
• Another device on the network, potentially the attacker’s machine, has an IP address of
192.168.153.254 and a MAC address of 00-50-56-fe-87-91.

These details are crucial for identifying and verifying the attacker’s presence on the network, as they
provide the necessary information to trace network traffic and correlate it with specific devices. The
figure below illustrates the output of the executed commands, highlighting the identified IP and MAC
addresses of the attacker.

Following that, we identified the IP address (192.168.153.128) and MAC address (00:0c:29:04:a5:42) of
the attacker on the Kali machine, as shown in the figure below.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

To discover the users in the network the netdiscover command was executed.

Wireshark was run on the attacker’s machine in order to keep eyes on the changes.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Sequentially, the Arpspoof command was executed.

The ARP table was checked from the windows machine.

Now the MAC address is being spoofed in the windows device.

SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

In the Wireshark packet capture shown in the figure, we successfully executed an attack by
switching the router's IP address with the attacker's IP address. Consequently, all packets sent
from the victim to the router are now directed to the attacker and vice versa. When the victim
attempts to send their public key to the router for communication with the other party, the
attacker intercepts this transmission. The attacker then captures the victim's public key and sends
their own public key to the intended recipient, thereby compromising the secure communication.

However, we were unable to reach the point where we could capture the victim's public key and
manipulate it with our public key (attacker's public key).
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Developing a Secure Chat Application using Symmetric and Asymmetric Encryption

Introduction And Objective

Our objective for this project is to create a secure communication tunnel between the server and client
using AES encryption method and RSA for key exchange between the parties.

Architecture

→ The chat application's architecture includes two primary parts, which are the client and the
server. The public key of the client must be sent to the server in order for it to create a public-
private key pair using RSA.
In addition to using RSA, the server creates a public-private key pair and provides the client with its
public key.

→ After obtaining each other's public keys, the client and server can safely exchange an AES
key through RSA. Using the public key of the server, the client encrypts data using a
randomly generated AES key. Following that, the server uses its private key to decrypt the
encrypted AES key. Messages can now be safely encrypted and decrypted using the AES key
by both the server and the client.

Key Management And How It Works

→ The chat application's key management involves using RSA to safely transfer the AES key
between the client and server. Using the public key of the server, the client encrypts data
using a randomly generated AES key. After that, the server uses its private key to decrypt the
encrypted AES key, then the communications between the client and server are encrypted and
decrypted using the AES key.

→ A secure key exchange protocol, like Diffie-Hellman key exchange, should be used by the
client and server to ensure secure key management. Over a vulnerable communication
channel, two parties can safely generate a shared secret key by using the Diffie-Hellman key
exchange protocol.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

The Client-Server Code And How They Function

→ The Client Side And Its Output
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

The Way The Code Works

The Code Imports The Necessary Libraries
→ socket for creating a socket to communicate with the server
→ Crypto.PublicKey and Crypto.Cipher for cryptographic operations (RSA and AES)
→ Crypto.Random for generating random bytes
→ Crypto.Util.Padding for padding and unpadding data
→ base64 for encoding and decoding data
→ pickle for serializing and deserializing data

Generating RSA Keys

The code generates a pair of RSA keys using the RSA.generate() function:
→ key is the private key
→ private_key is the private key in PEM format
→ public_key is the public key in OpenSSH format
→ The public key is printed to the console.

Connecting to the server

The code creates a socket using socket.socket() and connects to the server at 127.0.0.1:12347.

Handling Server Communication

When the client connects to the server, it does the following;
→ Receives the server's public key using client_socket.recv().
→ Sends its public key to the server using client_socket.send().
→ Receives the encrypted AES key using client_socket.recv().
→ Decrypts the AES key using its private key and PKCS1_OAEP decryption.
→ Prompts the user to enter a message to send to the server.
→ Encrypts the message using the AES key and aes_encrypt() function.
→ Sends the encrypted message to the server using client_socket.send().
→ Receives an encrypted message from the server using client_socket.recv().
→ Decrypts the message using the AES key and aes_decrypt() function.

Then it prints the decrypted message to the console.

Error Handling
The code catches any exceptions that occur during server handling and prints an error message to the
console.

AES Encryption And Decryption Functions

The code defines two functions for AES encryption and decryption:
→ aes_encrypt(key, plaintext): Encrypts the plaintext using the AES key in CBC mode. It returns
the encrypted ciphertext as a base64-encoded string.
→ aes_decrypt(key, ciphertext): Decrypts the ciphertext using the AES key in CBC mode. It returns
the decrypted plaintext as a byte string.
→ These functions use the AES class from the Crypto.Cipher module to perform the encryption and
decryption operations.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Main Function
The code defines a client() function that generates RSA keys, connects to the server, and handles server
communication. The if __name__ == "__main__": block calls the client() function when the script is run
directly.

The Output
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

The Server Side And Its Output

SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

The Way This Code Works

The code starts by importing the necessary libraries
→ socket for creating a socket to communicate with the client
→ Crypto.PublicKey and Crypto.Cipher for cryptographic operations (RSA and AES)
→ Crypto.Random for generating random bytes
→ Crypto.Util.Padding for padding and unpadding data
→ base64 for encoding and decoding data
→ pickle for serializing and deserializing data
Then We Started Generating RSA Keys
The code generates a pair of RSA keys using the RSA.generate() function, where:
→ key is the private key
→ private_key is the private key in PEM format
→ public_key is the public key in OpenSSH format
Then the public key is printed to the console and sent to the client.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

For setting up the server, the code sets up a server socket using socket.socket() and binds it to
127.0.0.1:12347. The server listens for incoming connections using server_socket.listen(1).

When A Client Connects, The Server:

→ Sends its public key to the client using client_socket.send().
→ Receives the client's public key using client_socket.recv().
→ Generates a random AES key using get_random_bytes().
→ Encrypts the AES key using the client's public key and PKCS1_OAEP encryption.
→ Sends the encrypted AES key to the client using client_socket.send().
→ Receives an encrypted message from the client using client_socket.recv().
→ Decrypts the message using the AES key and aes_decrypt() function.
→ Prints the decrypted message to the console.
→ Prompts the user to enter a message to send to the client.
→ Encrypts the message using the AES key and aes_encrypt() function.
→ Sends the encrypted message to the client using client_socket.send().

Error Handling:
The code catches any exceptions that occur during client handling and prints an error message to the
console.

Then The Code Defines Two Functions For AES Encryption And Decryption:
→ aes_encrypt(key, plaintext): Encrypts the plaintext using the AES key in CBC mode. It
returns the encrypted ciphertext as a base64-encoded string.
→ aes_decrypt(key, ciphertext): Decrypts the ciphertext using the AES key in CBC mode. It
returns the decrypted plaintext as a byte string.

These functions use the AES class from the Crypto.Cipher module to perform the encryption and
decryption operations.

Main Function
The code defines a server() function that sets up the server and handles client connections. The if
__name__ == "__main__": block calls the server() function when the script is run directly.
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

The Output
SECURE EMAIL SYSTE M & DEVELOPING A SECURE CHAT

APPLICATION USING ASYMMETRIC AND SYMMETRIC ENCRYPTION PROJECT

Conclusion
Through the use of AES encryption and RSA key exchange, we were able to successfully construct a secure
client-server communication system in this project. The method of communication makes it possible for a
client and a server to communicate in a private, guaranteeing the security of the data they exchange.

Confidentiality, authentication, and tamper-proofing are just a few of the security advantages that come
with using AES encryption and RSA key exchange. The system makes sure that the identities of the client
and the server can be confirmed and that any data that is sent between them cannot be intercepted or read
by unauthorized parties.

The project serves as an example of how crucial key management is to maintaining system security,
including key generation, interchange, and storage. It also emphasizes how crucial it is to carefully evaluate
cryptographic parameters, such as the key length and the way it was encrypted, to ensure the security of the
system.

To sum up, the project shows how to use cryptographic techniques to secure communication over an
unreliable channel and offers a dependable and secure solution for client-server communication.