Differences
This shows you the differences between two versions of the page.
|
cns:laboratoare:laborator-08 [2012/12/17 15:05] traian.popeea |
— (current) | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Lab 8 - Cryptography ====== | ||
| - | - [3p] Steganography | ||
| - | * Several tools can be used to hide files behind an image. Create a file ''Lab08.txt'' and add the following line: “Thank GOD that this lab is NOT part of the exam.” | ||
| - | * Use ''outguess'' to hide ''Lab08.txt'' behind a jpg file of your choice. Retrieve the contents from the jpg file. | ||
| - | * You can install ''outguess'' with ''apt-get install outguess''. | ||
| - | * Add ''fileype:jpg'' to your Google search to only show jpg results. | ||
| - | * Sometimes concatenating files is enough to hide them. Use ''zip'' and ''cat'' to hide ''Lab08.txt'' behind a JPG file of your choice. Use ''unzip'' to retrieve the file. | ||
| - | * ''unzip'' skips over junk found at the beginning of the file. | ||
| - | * Which of the two methods uses less space? Why is that? | ||
| - | - [+1p=4p] Write in a notepad your name using the Caesar cipher. The key is equal to the number of letter in your name. (use both first and last names) | ||
| - | - [+1p=5p] Use frequency analysis to decrypt {{:cns:laborator:encrypted.txt|this file}}. You can use any tool you want. | ||
| - | * The plaintext is in English and the Vigenere algorithm was used for encryption. | ||
| - | * More information about the Vigenere cipher can be found here: [[wp>Vigenère_cipher]]. | ||
| - | - [+2p=7p] You have to use the following algorithm((Interesting fact: this algorithm is used for type 7 decryption in Cisco IOS.)) to decrypt the message “08324F5C”. <code c> | ||
| - | const char *xlat = "dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv"; | ||
| - | |||
| - | char *unseven(const char *hash) | ||
| - | { | ||
| - | unsigned int key, i, hlen = strlen(hash) - 2; | ||
| - | char *plain = (char*)malloc(hlen / 2 + 1); | ||
| - | |||
| - | if (hlen < 2 || hlen & 1) return NULL; | ||
| - | |||
| - | key = (hash[0] - '0') * 10 + hash[1] - '0'; | ||
| - | if (key > 15 || !isdigit(hash[0]) || !isdigit(hash[1])) return NULL; | ||
| - | |||
| - | hash += 2; | ||
| - | for (i = 0; i < hlen; ++i) if (!isxdigit(hash[i])) return NULL; | ||
| - | |||
| - | for (i = 0; i < hlen; i += 2) { | ||
| - | plain[i / 2] = ((hex2int(hash[i]) << 4) | hex2int(hash[i + 1])) ^ xlat[key++]; | ||
| - | if (key == 40) key = 0; | ||
| - | } | ||
| - | plain[hlen / 2] = 0; | ||
| - | |||
| - | return plain; | ||
| - | } | ||
| - | </code> | ||
| - | - Hint: http://www.asciitable.com/ | ||
| - | - Hint: http://www.cprogramming.com/tutorial/bitwise_operators.html | ||
| - | - [+1p=8p] RSA public/private key pairs can be used to encrypt, decrypt and sign data. The first step is to generate the key pair. | ||
| - | * Generate a private key first:<code> | ||
| - | openssl genrsa -out key.private 1024</code> | ||
| - | * Inspect the contents of the private key file:<code> | ||
| - | openssl rsa -in key.private -text</code> | ||
| - | * The private key file includes the **public key** (the public exponent and the modulus) and the **private key** (prime1 and prime2). | ||
| - | * Extract the public key:<code> | ||
| - | openssl rsa -in key.private -out key.public -pubout</code> | ||
| - | * The public key can be shared. | ||
| - | * Inspect the contents of the public key file:<code> | ||
| - | openssl rsa -pubin -in key.public -text</code> | ||
| - | * ''openssl'' assumes that input/output keys are private. To use a public key, you need to set the ''pubin'' or ''pubout'' flag. | ||
| - | * Note that certain elements (i.e. //prime1// and //prime2//) are missing from the output. | ||
| - | - [+1p=9p] Use ''openssl rsautl'' to encrypt a file of your choice using the public key:<code> | ||
| - | echo 'Hello, world!' > myfile.plaintext | ||
| - | openssl rsautl -encrypt -pubin -inkey key.public -in myfile.plaintext -out myfile.ciphertext | ||
| - | </code> | ||
| - | * The public key is used for **encryption**. The private key is used for **signing**. | ||
| - | * Use ''openssl rsautl'' to decrypt the file:<code> | ||
| - | openssl rsautl -decrypt -inkey key.private -in myfile.ciphertext -out myfile.decrypted | ||
| - | </code> | ||
| - | * You should obtain the initial plaintext file:<code> | ||
| - | diff myfile.decrypted myfile.plaintext | ||
| - | </code> | ||
| - | - [+2=11p] Encryption contest. Create a symmetric encryption algorithm that uses substitution/transposition method applied directly on a block. Start! | ||
