From 02317bfcf40c8df03e2a32ec6fa6819fcf05c4bb Mon Sep 17 00:00:00 2001
From: Bill Buchanan <w.buchanan@napier.ac.uk>
Date: Mon, 2 Feb 2026 11:24:07 +0000
Subject: [PATCH 1/4] Update README.md

---
 unit02_symmetric/lab/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/unit02_symmetric/lab/README.md b/unit02_symmetric/lab/README.md
index 45eca6a..d491717 100644
--- a/unit02_symmetric/lab/README.md
+++ b/unit02_symmetric/lab/README.md
@@ -15,7 +15,7 @@ Sample answers: [here](https://github.com/billbuchanan/appliedcrypto/blob/master
 | 1 | Log into vSoC 2, and select your Ubuntu host (or your own AWS EC2 instance or virtual machine). | What is your IP address? |
 | 2 | Use: ```openssl list -cipher-commands``` | Outline five encryption methods that are supported:   |
 | 3 | Use: ```openssl version``` | Outline the version of OpenSSL:    |
-| 4 | Using openssl and the command in the form: ```openssl prime -hex 1111``` | Check if the following are prime numbers: |  42 [Yes][No] 1421 [Yes][No] | 
+| 4 | Using openssl and the command in the form: ```openssl prime -hex 1111``` | Check if the following are prime numbers: <br> 42 [Yes][No] 1421 [Yes][No] | 
 | 5 | Now create a file named myfile.txt (either use nano or another editor). Next. encrypt with aes-256-cbc <br> ```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -pbkdf2``` and enter your password. | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]. What does the ```-pbkdf2``` part do? | 
 | 6 | Now repeat the previous command and add the –base64 option. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 -pbkdf2``` | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]
 | 7 | Now repeat the previous command and observe the encrypted output. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 -pbkdf2``` | Has the output changed? [Yes][No] Why has it changed? |

From 741a19dc17e2411eccb5dfb660bb7920c1859fd0 Mon Sep 17 00:00:00 2001
From: Bill Buchanan <w.buchanan@napier.ac.uk>
Date: Mon, 2 Feb 2026 11:25:12 +0000
Subject: [PATCH 2/4] Update README with symmetric key lab instructions

---
 unit02_symmetric/lab/README.md | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/unit02_symmetric/lab/README.md b/unit02_symmetric/lab/README.md
index d491717..a663f5d 100644
--- a/unit02_symmetric/lab/README.md
+++ b/unit02_symmetric/lab/README.md
@@ -12,15 +12,15 @@ Sample answers: [here](https://github.com/billbuchanan/appliedcrypto/blob/master
 
 | No | Description | Result | 
 |-------|--------|---------|
-| 1 | Log into vSoC 2, and select your Ubuntu host (or your own AWS EC2 instance or virtual machine). | What is your IP address? |
-| 2 | Use: ```openssl list -cipher-commands``` | Outline five encryption methods that are supported:   |
-| 3 | Use: ```openssl version``` | Outline the version of OpenSSL:    |
-| 4 | Using openssl and the command in the form: ```openssl prime -hex 1111``` | Check if the following are prime numbers: <br> 42 [Yes][No] 1421 [Yes][No] | 
-| 5 | Now create a file named myfile.txt (either use nano or another editor). Next. encrypt with aes-256-cbc <br> ```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -pbkdf2``` and enter your password. | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]. What does the ```-pbkdf2``` part do? | 
-| 6 | Now repeat the previous command and add the –base64 option. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 -pbkdf2``` | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]
-| 7 | Now repeat the previous command and observe the encrypted output. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 -pbkdf2``` | Has the output changed? [Yes][No] Why has it changed? |
-| 8 | Now let’s decrypt the encrypted file with the correct format: ```openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64 -pbkdf2``` Has the output been decrypted correctly? | What happens when you use the wrong password? |
-| 9 | If you are working in the lab, now give your secret passphrase to your neighbour, and get them to encrypt a secret message for you.  To receive a file, you listen on a given port (such as Port 1234) ```nc -l -p 1234 > enc.bin``` And then send to a given IP address with: ```nc -w 3 [IP] 1234 < enc.bin``` | Did you manage to decrypt their message? [Yes][No] | 
+|  | Log into vSoC 2, and select your Ubuntu host (or your own AWS EC2 instance or virtual machine). | What is your IP address? |
+| 1 | Use: ```openssl list -cipher-commands``` | Outline five encryption methods that are supported:   |
+| 2 | Use: ```openssl version``` | Outline the version of OpenSSL:    |
+| 3 | Using openssl and the command in the form: ```openssl prime -hex 1111``` | Check if the following are prime numbers: <br> 42 [Yes][No] 1421 [Yes][No] | 
+| 4 | Now create a file named myfile.txt (either use nano or another editor). Next. encrypt with aes-256-cbc <br> ```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -pbkdf2``` and enter your password. | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]. What does the ```-pbkdf2``` part do? | 
+| 5 | Now repeat the previous command and add the –base64 option. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 -pbkdf2``` | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]
+| 6 | Now repeat the previous command and observe the encrypted output. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 -pbkdf2``` | Has the output changed? [Yes][No] Why has it changed? |
+| 7 | Now let’s decrypt the encrypted file with the correct format: ```openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64 -pbkdf2``` Has the output been decrypted correctly? | What happens when you use the wrong password? |
+| 8 | If you are working in the lab, now give your secret passphrase to your neighbour, and get them to encrypt a secret message for you.  To receive a file, you listen on a given port (such as Port 1234) ```nc -l -p 1234 > enc.bin``` And then send to a given IP address with: ```nc -w 3 [IP] 1234 < enc.bin``` | Did you manage to decrypt their message? [Yes][No] | 
 
 
 10.  With OpenSSL, we can define a fixed salt value that has been used in the ciphering process. For example, in Linux:

From 5d292eb50d52eb88db7c8c5f30391b8d7a8a368d Mon Sep 17 00:00:00 2001
From: Bill Buchanan <w.buchanan@napier.ac.uk>
Date: Mon, 2 Feb 2026 11:26:12 +0000
Subject: [PATCH 3/4] Reorganize OpenSSL lab instructions in README

---
 unit02_symmetric/lab/README.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/unit02_symmetric/lab/README.md b/unit02_symmetric/lab/README.md
index a663f5d..1e67405 100644
--- a/unit02_symmetric/lab/README.md
+++ b/unit02_symmetric/lab/README.md
@@ -14,13 +14,13 @@ Sample answers: [here](https://github.com/billbuchanan/appliedcrypto/blob/master
 |-------|--------|---------|
 |  | Log into vSoC 2, and select your Ubuntu host (or your own AWS EC2 instance or virtual machine). | What is your IP address? |
 | 1 | Use: ```openssl list -cipher-commands``` | Outline five encryption methods that are supported:   |
-| 2 | Use: ```openssl version``` | Outline the version of OpenSSL:    |
-| 3 | Using openssl and the command in the form: ```openssl prime -hex 1111``` | Check if the following are prime numbers: <br> 42 [Yes][No] 1421 [Yes][No] | 
-| 4 | Now create a file named myfile.txt (either use nano or another editor). Next. encrypt with aes-256-cbc <br> ```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -pbkdf2``` and enter your password. | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]. What does the ```-pbkdf2``` part do? | 
-| 5 | Now repeat the previous command and add the –base64 option. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 -pbkdf2``` | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]
-| 6 | Now repeat the previous command and observe the encrypted output. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 -pbkdf2``` | Has the output changed? [Yes][No] Why has it changed? |
-| 7 | Now let’s decrypt the encrypted file with the correct format: ```openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64 -pbkdf2``` Has the output been decrypted correctly? | What happens when you use the wrong password? |
-| 8 | If you are working in the lab, now give your secret passphrase to your neighbour, and get them to encrypt a secret message for you.  To receive a file, you listen on a given port (such as Port 1234) ```nc -l -p 1234 > enc.bin``` And then send to a given IP address with: ```nc -w 3 [IP] 1234 < enc.bin``` | Did you manage to decrypt their message? [Yes][No] | 
+|  | Use: ```openssl version``` | Outline the version of OpenSSL:    |
+| 2 | Using openssl and the command in the form: ```openssl prime -hex 1111``` | Check if the following are prime numbers: <br> 42 [Yes][No] 1421 [Yes][No] | 
+| 3 | Now create a file named myfile.txt (either use nano or another editor). Next. encrypt with aes-256-cbc <br> ```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -pbkdf2``` and enter your password. | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]. What does the ```-pbkdf2``` part do? | 
+| 4 | Now repeat the previous command and add the –base64 option. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 -pbkdf2``` | Use the following command to view the output file: ```cat encrypted.bin``` Is it easy to write out or transmit the output: [Yes][No]
+| 5 | Now repeat the previous command and observe the encrypted output. <br>```openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 -pbkdf2``` | Has the output changed? [Yes][No] Why has it changed? |
+| 6 | Now let’s decrypt the encrypted file with the correct format: ```openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64 -pbkdf2``` Has the output been decrypted correctly? | What happens when you use the wrong password? |
+| 7 | If you are working in the lab, now give your secret passphrase to your neighbour, and get them to encrypt a secret message for you.  To receive a file, you listen on a given port (such as Port 1234) ```nc -l -p 1234 > enc.bin``` And then send to a given IP address with: ```nc -w 3 [IP] 1234 < enc.bin``` | Did you manage to decrypt their message? [Yes][No] | 
 
 
 10.  With OpenSSL, we can define a fixed salt value that has been used in the ciphering process. For example, in Linux:

From 2f53efcc3d6ebe4534ab0e9df873711ffe4fcbd8 Mon Sep 17 00:00:00 2001
From: Bill Buchanan <w.buchanan@napier.ac.uk>
Date: Mon, 2 Feb 2026 11:38:10 +0000
Subject: [PATCH 4/4] Revise possible_ans.md with OpenSSL Q&A

Updated OpenSSL commands and added questions with examples.
---
 unit02_symmetric/lab/possible_ans.md | 101 +++++++++++++++++++++------
 1 file changed, 81 insertions(+), 20 deletions(-)

diff --git a/unit02_symmetric/lab/possible_ans.md b/unit02_symmetric/lab/possible_ans.md
index 8f39553..efdae75 100644
--- a/unit02_symmetric/lab/possible_ans.md
+++ b/unit02_symmetric/lab/possible_ans.md
@@ -1,41 +1,102 @@
 ## A OpenSSL
 ### A.1 - A.7
 
-A.1) 
+## Q2
+```
+% openssl version
+OpenSSL 3.3.1 4 Jun 2024 (Library: OpenSSL 3.3.1 4 Jun 2024)
+```
 
-     openssl list -cipher-commands
+## Q3
+```
+% openssl prime -hex 1111 
+1111 (1111) is not prime
 
-     openssl version
+```
 
-A.2) 
+## Q4
+```
+% openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -pbkdf2
+enter AES-256-CBC encryption password:
+Verifying - enter AES-256-CBC encryption password:
+% cat encrypted.bin 
+Salted__?P*?!\ ???	8???]?\[?B%   
+```
 
-     openssl prime –hex 1111
+## Q5
 
-A.3)
+```
+% openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -base64 -pbkdf2
+enter AES-256-CBC encryption password:
+Verifying - enter AES-256-CBC encryption password:
+% cat encrypted.bin 
+U2FsdGVkX18fxEIzLHSfpYfpaLajibZ7ScHDCqemSEw=
+```
 
-     openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin
+## Q6
+```
+% openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -base64 -pbkdf2
+enter AES-256-CBC encryption password:
+Verifying - enter AES-256-CBC encryption password:
+% cat encrypted.bin
+U2FsdGVkX19d2L46jUg46+IO1WOOAjKJ/0O473YMxlI=
+```
 
-A.4)
+We use a random salt value each time, as we have now specified a salt value.
 
-     openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin -base64
+## Q7
+```
+% openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64 -pbkdf2
+My message
+```
+## Q8
 
-A.6)
+```
+echo -n "Hello" | openssl enc -aes-256-cbc -pass pass:"paris" -e -base64 -S 241fa86763b85341 -pbkdf2
+tZCdiQE4L6QT+Dff82F5bw==
+```
 
-If you used ***napier*** as the password, you can decrypt the file using:
 
-     openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64
+## Q9
 
-A.7)
+```
+echo tZCdiQE4L6QT+Dff82F5bw== | openssl enc -aes-256-cbc -pass pass:paris"" -d  -base64 -S 241fa86763b85341 -pbkdf2
+Hello
+```
 
-Encrypt the file using blowfish:
+## Q10
 
-     openssl enc -blowfish -in myfile.txt -out encrypted.bin -base64
-     
-If you used ***napier*** as the password, you can decrypt the file using:
+```
+echo -n "Hello" | openssl enc -aes-128-cbc -pass pass:"london" -e -base64 -S 241fa86763b85341 -pbkdf2
+echo -n "Hello" | openssl enc -aes-128-cbc -pass pass:"london" -e -base64 -salt -pbkdf2
 
-     openssl enc -d -blowfish -in encrypted.bin -pass pass:napier -base64 
-     
-**NOTE:** if you get an empty output, ensure that you have added a super secret message in the *myfile.txt* and execute again the previous commands.
+9Z+NtmCdQSpmRl+eZebFXQ==
+U2FsdGVkX1/8ajTn5wyaPAk2PBG/n+nJ38w1N/vZt38=
+
+echo -n "Hello" | openssl enc -aes-128-cbc -pass pass:"london" -e -base64 -S 241fa86763b85341 -pbkdf2
+echo -n "Hello" | openssl enc -aes-128-cbc -pass pass:"london" -e -base64 -salt -pbkdf2
+
+9Z+NtmCdQSpmRl+eZebFXQ==
+U2FsdGVkX1/VCIe2O1KaYL4NhwY5lpAPO9wMtyWc9Xo=
+```
+
+With the first command, we use the same salt value each time, but the second command uses a random salt value, so it will change each time. 
+
+## Q11
+
+Part 1 (password is glasgow):
+```
+echo "U2FsdGVkX1+7VpBGwevibQGgescaz5nsArtGLNqFaXk="  | openssl enc -d -aes-128-cbc  -pass pass:glasgow -base64 -pbkdf2
+banana
+
+```
+
+Part 2 (password is edinburgh): 
+```
+echo "U2FsdGVkX18vpjgccu7VkPZrkncqADuy1kVKU9LbLec=" | openssl enc -d -aes-128-cbc  -pass pass:edinburgh -base64 -pbkdf2
+kiwi
+
+```
 
 ## D Python Coding (Encrypting)
 ### D.1