applied-cryptography/appliedcrypto
1
0
Fork 0
mirror of https://github.com/billbuchanan/appliedcrypto.git synced 2026-02-21 11:18:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'refs/remotes/origin/main'

Browse Source
This commit is contained in:
billbuchanan
2026-02-02 11:41:34 +00:00
parent 5d25c88e4a 2f53efcc3d
commit 1534b8edce
2 changed files with 90 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
unit02_symmetric/lab/README.md
View File

@@ -12,15 +12,15 @@ Sample answers: [here](https://github.com/billbuchanan/appliedcrypto/blob/master
| No | Description | Result |
|-------|--------|---------|
| 1 | Log into vSoC 2, and select your Ubuntu host (or your own AWS EC2 instance or virtual machine). | What is your IP address? |
| 2 | Use: ```openssl list -cipher-commands``` | Outline five encryption methods that are supported: |
| 3 | Use: ```openssl version``` | Outline the version of OpenSSL: |
| 4 | Using openssl and the command in the form: ```openssl prime -hex 1111``` | Check if the following are prime numbers: | 42 [Yes][No] 1421 [Yes][No] |
| 5 | Now create a file named myfile.txt (either use nano or another editor). Next. encrypt with aes-256-cbc <br> ```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -pbkdf2``` and enter your password. | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]. What does the ```-pbkdf2``` part do? |
| 6 | Now repeat the previous command and add the base64 option. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin base64 -pbkdf2``` | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]
| 7 | Now repeat the previous command and observe the encrypted output. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin base64 -pbkdf2``` | Has the output changed? [Yes][No] Why has it changed? |
| 8 | Now lets decrypt the encrypted file with the correct format: ```openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64 -pbkdf2``` Has the output been decrypted correctly? | What happens when you use the wrong password? |
| 9 | If you are working in the lab, now give your secret passphrase to your neighbour, and get them to encrypt a secret message for you. To receive a file, you listen on a given port (such as Port 1234) ```nc -l -p 1234 > enc.bin``` And then send to a given IP address with: ```nc -w 3 [IP] 1234 < enc.bin``` | Did you manage to decrypt their message? [Yes][No] |
| | Log into vSoC 2, and select your Ubuntu host (or your own AWS EC2 instance or virtual machine). | What is your IP address? |
| 1 | Use: ```openssl list -cipher-commands``` | Outline five encryption methods that are supported: |
| | Use: ```openssl version``` | Outline the version of OpenSSL: |
| 2 | Using openssl and the command in the form: ```openssl prime -hex 1111``` | Check if the following are prime numbers: <br> 42 [Yes][No] 1421 [Yes][No] |
| 3 | Now create a file named myfile.txt (either use nano or another editor). Next. encrypt with aes-256-cbc <br> ```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -pbkdf2``` and enter your password. | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]. What does the ```-pbkdf2``` part do? |
| 4 | Now repeat the previous command and add the base64 option. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin base64 -pbkdf2``` | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]
| 5 | Now repeat the previous command and observe the encrypted output. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin base64 -pbkdf2``` | Has the output changed? [Yes][No] Why has it changed? |
| 6 | Now lets decrypt the encrypted file with the correct format: ```openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64 -pbkdf2``` Has the output been decrypted correctly? | What happens when you use the wrong password? |
| 7 | If you are working in the lab, now give your secret passphrase to your neighbour, and get them to encrypt a secret message for you. To receive a file, you listen on a given port (such as Port 1234) ```nc -l -p 1234 > enc.bin``` And then send to a given IP address with: ```nc -w 3 [IP] 1234 < enc.bin``` | Did you manage to decrypt their message? [Yes][No] |
10. With OpenSSL, we can define a fixed salt value that has been used in the ciphering process. For example, in Linux:

101
unit02_symmetric/lab/possible_ans.md
View File

@@ -1,41 +1,102 @@
## A OpenSSL
### A.1 - A.7
A.1)
## Q2
```
% openssl version
OpenSSL 3.3.1 4 Jun 2024 (Library: OpenSSL 3.3.1 4 Jun 2024)
```
openssl list -cipher-commands
## Q3
```
% openssl prime -hex 1111
1111 (1111) is not prime
openssl version
```
A.2)
## Q4
```
% openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -pbkdf2
enter AES-256-CBC encryption password:
Verifying - enter AES-256-CBC encryption password:
% cat encrypted.bin
Salted__?P*?!\ ??? 8???]?\[?B%
```
openssl prime hex 1111
## Q5
A.3)
```
% openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -base64 -pbkdf2
enter AES-256-CBC encryption password:
Verifying - enter AES-256-CBC encryption password:
% cat encrypted.bin
U2FsdGVkX18fxEIzLHSfpYfpaLajibZ7ScHDCqemSEw=
```
openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin
## Q6
```
% openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -base64 -pbkdf2
enter AES-256-CBC encryption password:
Verifying - enter AES-256-CBC encryption password:
% cat encrypted.bin
U2FsdGVkX19d2L46jUg46+IO1WOOAjKJ/0O473YMxlI=
```
A.4)
We use a random salt value each time, as we have now specified a salt value.
openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -base64
## Q7
```
% openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64 -pbkdf2
My message
```
## Q8
A.6)
```
echo -n "Hello" | openssl enc -aes-256-cbc -pass pass:"paris" -e -base64 -S 241fa86763b85341 -pbkdf2
tZCdiQE4L6QT+Dff82F5bw==
```
If you used ***napier*** as the password, you can decrypt the file using:
openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64
## Q9
A.7)
```
echo tZCdiQE4L6QT+Dff82F5bw== | openssl enc -aes-256-cbc -pass pass:paris"" -d -base64 -S 241fa86763b85341 -pbkdf2
Hello
```
Encrypt the file using blowfish:
## Q10
openssl enc -blowfish -in myfile.txt -out encrypted.bin -base64
If you used ***napier*** as the password, you can decrypt the file using:
```
echo -n "Hello" | openssl enc -aes-128-cbc -pass pass:"london" -e -base64 -S 241fa86763b85341 -pbkdf2
echo -n "Hello" | openssl enc -aes-128-cbc -pass pass:"london" -e -base64 -salt -pbkdf2
openssl enc -d -blowfish -in encrypted.bin -pass pass:napier -base64
**NOTE:** if you get an empty output, ensure that you have added a super secret message in the *myfile.txt* and execute again the previous commands.
9Z+NtmCdQSpmRl+eZebFXQ==
U2FsdGVkX1/8ajTn5wyaPAk2PBG/n+nJ38w1N/vZt38=
echo -n "Hello" | openssl enc -aes-128-cbc -pass pass:"london" -e -base64 -S 241fa86763b85341 -pbkdf2
echo -n "Hello" | openssl enc -aes-128-cbc -pass pass:"london" -e -base64 -salt -pbkdf2
9Z+NtmCdQSpmRl+eZebFXQ==
U2FsdGVkX1/VCIe2O1KaYL4NhwY5lpAPO9wMtyWc9Xo=
```
With the first command, we use the same salt value each time, but the second command uses a random salt value, so it will change each time.
## Q11
Part 1 (password is glasgow):
```
echo "U2FsdGVkX1+7VpBGwevibQGgescaz5nsArtGLNqFaXk=" | openssl enc -d -aes-128-cbc -pass pass:glasgow -base64 -pbkdf2
banana
```
Part 2 (password is edinburgh):
```
echo "U2FsdGVkX18vpjgccu7VkPZrkncqADuy1kVKU9LbLec=" | openssl enc -d -aes-128-cbc -pass pass:edinburgh -base64 -pbkdf2
kiwi
```
## D Python Coding (Encrypting)
### D.1