Lab Assignment: Introduction to Computer and Network Security
Objective: Experiment with symmetric key encryption.
1. In this lab, we will use the openssl and GHex programs. Ensure that the programs are correctly installed on your virtual machine by running the following commands:
cct@cct-vm:$ dpkg -s openssl cct@cct-vm:$ dpkg -s ghex
If you wish to update the software installed on your VM to the latest version, you may do so with the following command (Note - you will be prompted for the cct user password to obtain elevated privileges for the software update):
cct@cct-vm:$ sudo apt-get update
If the programs are NOT installed on your VM, you may install them with the following commands:
cct@cct-vm:$ sudo apt-get install openssl cct@cct-vm:$ sudo apt-get install ghex
2. We will first experiment with openssl. All commands will be entered in the terminal. To get more information about openssl command, type "man openssl".
3. To encrypt or decrypt a file, refer the following sample commands where ciphertype, in- file, out-file, key and iv_used are replaced with the appropriate values. (">>" indicates a command to be executed; do not actually type ">>" into the terminal.) Note the differences between encrypting with the "-e" flag, and decrypting with the "-d" flag.
>> openssl enc ciphertype -e -in in-file -out out-file -K key -iv iv_used
>> openssl enc ciphertype -d -in in-file -out out-file -K key -iv iv_used
4. We first see the options when we are encrypting a file. Execute the example encryption command listed above, substituting in the following values for the respective parameters. Check with the TA if you are unsure if you are doing it correctly.
• ciphertype: -aes-128-cbc
• in-file: text.txt (create your own file with a few of lines of text)
• out-file: cipher.bin (no need to do anything; will be created automatically)
• key: 12345
• iv_used: 0123
Question 1. Copy the contents of the text.txt and cipher.bin into your report. Can you see any relationship between the two files?
Question 2. Now try creating different versions of text.txt, e.g. minor differences, very different, different characters, etc.. What can you see about the relationship between these different cipertext?
5. Now we will decrypt the file you encrypted earlier. We will use the following parameters. Make sure you can get back what you encrypted.
• ciphertext: -aes-128-cbc
• in-file: cipher.bin
• out-file: answer.txt (named something different from text.txt so as to compare)
• key: 12345
• iv_used: 0123
Question 3. Attempt to decrypt the cipher.bin using a different iv_used value. What happens to the plain text you get back? Try with different iv_used values and present the results in your report.
Question 4. What happens when you attempt to decrypt a file using the correct key and iv value, but using a different encryption mode, such as -aes-128-ecb, -aes-256-cbc, and/or -dec-cbc?