diff --git a/README.md b/README.md index 27ae529..c3e3eae 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ The following is the draft timetable: | 6 | 25 Feb 2022 | Key Exchange | Lab | | 7 | 4 Mar 2022 | Digital Signatures and Certificates | Lab | | 8 | 11 Mar 2022 | Revision lecture and Test 1/Coursework | Mini-project/Coursework | -| 9 | 18 Mar 2022 | Test (Units 1-5) 40% of overall mark | | +| 9 | 18 Mar 2022 | Test (Units 1-5) 40% of overall mark [here](https://github.com/billbuchanan/appliedcrypto/tree/main/z_assessments/test01) | | | 10 | 25 Mar 2022 | Tunnelling | Lab | | 11 | 1 Apr 2022 | Blockchain | Lab | | 12 | 8 Apr 2022 | Future Cryptography | Lab | diff --git a/unit05_key_exchange/lab/README.MD b/unit05_key_exchange/lab/README.MD index 4013c1a..7fc7518 100644 --- a/unit05_key_exchange/lab/README.MD +++ b/unit05_key_exchange/lab/README.MD @@ -63,10 +63,10 @@ Do they match: [Yes] [No] ### B.1 Generate 768-bit Diffie-Hellman parameters: ``` -openssl dhparam -out dhparams.pem 768 -text +openssl dhparam -out dhparams.pem -text 768 ``` -View your key with: +View your key exchange parameters with: ``` cat dhparams.pem @@ -92,27 +92,27 @@ How would we change the g value? ### B.2 Let’s look at the Elliptic curves we can create: -
+```
 openssl ecparam -list_curves
-
+``` We can create our elliptic parameter file with: -
+```
 openssl ecparam -name secp256k1 -out secp256k1.pem
-
+``` Now view the details with: -
+```
 openssl ecparam -in secp256k1.pem -text -param_enc explicit -noout
-
+``` What are the details of the key? Now we can create our key pair: -
+```
 openssl ecparam -in secp256k1.pem -genkey -noout -out mykey.pem
-
+``` Name three 160-bit curves: diff --git a/unit06_trust_dig_cert/README.md b/unit06_trust_dig_cert/README.md index 8538f86..8877b74 100644 --- a/unit06_trust_dig_cert/README.md +++ b/unit06_trust_dig_cert/README.md @@ -7,6 +7,8 @@ The key concepts are: * Digital Certificate: Usage, formats, and PKI. * Creation of the trust infrastructure. +You can find examples of digital certificates [here](https://asecuritysite.com/digitalcert/). + ## What you should know at the end of unit? * Understand the trust infrastructures of PKI. @@ -14,13 +16,14 @@ The key concepts are: ## Presentations -* Unit 6 Presentation (PDF) - Digital Certs: [here](https://github.com/billbuchanan/esecurity/blob/master/unit06_trust_dig_cert/lab/new_lab06.pdf). -* Unit 6 Presentation (lecture) - Digital Certs: [here](https://youtu.be/2ptgq8u0I5g). -* Unit 6 Presentation (video) - Digital Certs: [here](https://youtu.be/ZJ2G8KC1zDs). +* Week 7 Presentation (PDF) - Digital Certs: [here](https://asecuritysite.com/public/chapter06_digital_cert.pdf). +* Week 7 Presentation (video) - Digital Certs: [here](https://youtu.be/ZJ2G8KC1zDs). +* Doodle: [here](https://youtu.be/k1sCVNg3mho) + ## Lab -* Unit 6 Lab (PDF): [here](https://github.com/billbuchanan/esecurity/tree/master/unit06_trust_dig_cert/lab). +* Unit 6 Lab (PDF): [here](https://github.com/billbuchanan/appliedcrypto/tree/master/unit06_trust_dig_cert/lab). * Unit 6 Lab (video) - Digital Certs: [here](https://www.youtube.com/watch?v=-uNQFv0GTZc). ## Sample Exam Questions diff --git a/unit06_trust_dig_cert/lab/README.MD b/unit06_trust_dig_cert/lab/README.MD index 20ca995..5bdaf1e 100644 --- a/unit06_trust_dig_cert/lab/README.MD +++ b/unit06_trust_dig_cert/lab/README.MD 
@@ -1,4 +1,4 @@ -![esecurity](https://raw.githubusercontent.com/billbuchanan/esecurity/master/z_associated/esecurity_graphics.jpg) +![esecurity](https://raw.githubusercontent.com/billbuchanan/appliedcrypto/master/z_associated/esecurity_graphics.jpg) # Lab 6: Trust and Digital Certificates @@ -11,7 +11,7 @@ Objective: Digital certificates are used to define a trust infrastructure within From this web link (Digital Certificate): ``` -http://asecuritysite.com/encryption/digitalcert +http://asecuritysite.com/digitalcert/digitalcert ``` Open up Certificate 1 and identify the following: @@ -21,7 +21,7 @@ Open up Certificate 1 and identify the following: * Name: * Issuer: * What is CN used for: -* What is ON used for: +* What is OU used for: * What is O used for: * What is L used for: @@ -89,7 +89,7 @@ Now we will create our own self-signed certificates. ### B.1 Create your own certificate from: -Web link (Create Certificate): http://asecuritysite.com/encryption/createcert +Web link (Create Certificate): [here](http://asecuritysite.com/digitalcert/createcert) Add in your own details. @@ -222,7 +222,7 @@ print ("State/province:", components['ST']) print ("Country:", components['C']) ``` -Web link (CSR): [here](https://asecuritysite.com/encryption/csr) +Web link (CSR): [here](https://asecuritysite.com/digitalcert/csr) ### D.8 Now check the signing on these certificate requests: @@ -352,7 +352,7 @@ We have a root certificate authority of My Global Corp, which is based in Washin ### E.1 We will now view some PFX certificate files, and which are protected with a password: -Web link (Digital Certificates): [here](http://asecuritysite.com/encryption/digitalcert2) +Web link (Digital Certificates): [here](http://asecuritysite.com/digitalcert/digitalcert2) * For Certificate 1, can you open it in the Web browser with an incorrect password: * Now enter “apples” as a password, and record some of the key details of the certificate: 
@@ -435,6 +435,67 @@ sudo /etc/init.d/apache2 restart HTTPs should now be enabled with a self-signed certificate. If you try https://localhost, you will have to add an exception to view the page, as we are using a self-signed certificate: +## Additional lab question +The ECDSA signature is used in Bitcoin and Ethereum. Using the code [here](https://asecuritysite.com/ecdsa/ecdsa3): + +```python +import sys +import random +import hashlib +import libnum + +from secp256k1 import curve,scalar_mult,point_add + +msg="Hello" + +if (len(sys.argv)>1): + msg=(sys.argv[1]) + +# Alice's key pair (dA,QA) +dA = random.randint(0, curve.n-1) +QA = scalar_mult(dA,curve.g) + +h=int(hashlib.sha256(msg.encode()).hexdigest(),16) + +k = random.randint(0, curve.n-1) + +rpoint = scalar_mult(k,curve.g) + +r = rpoint[0] % curve.n + +# Bob takes m and (r,s) and checks +inv_k = libnum.invmod(k,curve.n) + +s = (inv_k*(h+r*dA)) % curve.n + +print (f"Msg: {msg}\n\nAlice's private key={dA}\nAlice's public key={QA}\nk= {k}\n\nr={r}\ns={s}") + +# To check signature + +inv_s = libnum.invmod(s,curve.n) +c = inv_s +u1=(h*c) % curve.n +u2=(r*c) % curve.n +P = point_add(scalar_mult(u1,curve.g), scalar_mult(u2,QA)) + +res = P[0] % curve.n +print (f"\nResult r={res}") + +if (res==r): + print("Signature matches!") +``` + +Run the code and answer the following questions: + +* How is the private key created? +* How is the public key created? +* Can you identify the nonce value used in the signature? +* What are the two output values of the signature? +* Which key (public or private key) is used to verify the signature? +* Which key (public or private key) is used to verify the signature? + + + ## What I should have learnt from this lab? The key things learnt: diff --git a/unit06_trust_dig_cert/lecture/README.md b/unit06_trust_dig_cert/lecture/README.md index 2ee0ca5..ccedd49 100644 --- a/unit06_trust_dig_cert/lecture/README.md +++ b/unit06_trust_dig_cert/lecture/README.md 
@@ -15,8 +15,10 @@ The key concepts are: ## Presentations * Week 7 Presentation (PDF) - Digital Certs: [here](https://asecuritysite.com/public/chapter06_digital_cert.pdf). -* Week 7 Presentation (lecture) - Digital Certs: [here](https://youtu.be/2ptgq8u0I5g). * Week 7 Presentation (video) - Digital Certs: [here](https://youtu.be/ZJ2G8KC1zDs). +* Doodle: [here](https://youtu.be/k1sCVNg3mho) + + diff --git a/z_assessments/test01/README.md b/z_assessments/test01/README.md index d749dff..ab02ba6 100644 --- a/z_assessments/test01/README.md +++ b/z_assessments/test01/README.md 
@@ -1,11 +1,9 @@ ![esecurity](https://raw.githubusercontent.com/billbuchanan/esecurity/master/z_associated/esecurity_graphics.jpg) # Test 1 -There will be four main questions in the exam: Symmetric Key (Unit 2), Hashing (Unit 3), Public Key (Unit 4), and Key Exchange (Unit 5). An outline is [here](https://www.youtube.com/watch?v=Oj3T2UO1WDw&feature=emb_title), and some learning outcomes are [here](https://github.com/billbuchanan/appliedcrypto/blob/master/z_assessments/test01/learning_outcomes.md). A PDF version of the questions is [here](https://github.com/billbuchanan/appliedcrypto/blob/master/z_assessments/test01/2021_fake_exam_questions.pdf) and a fake example paper is [here](https://github.com/billbuchanan/appliedcrypto/blob/master/z_assessments/test01/fake_exam_paper.md). +There will be four main questions in the exam: Symmetric Key (Unit 2), Hashing (Unit 3), Public Key (Unit 4), Key Exchange (Unit 5) an Digital Certicates (Unit 6). An outline is [here](https://www.youtube.com/watch?v=Oj3T2UO1WDw&feature=emb_title), and some learning outcomes are [here](https://github.com/billbuchanan/appliedcrypto/blob/master/z_assessments/test01/learning_outcomes.md). A PDF version of the questions is [here](https://github.com/billbuchanan/appliedcrypto/blob/master/z_assessments/test01/2021_fake_exam_questions.pdf) and a fake example paper is [here](https://github.com/billbuchanan/appliedcrypto/blob/master/z_assessments/test01/fake_exam_paper.md). -**Test date:** 18 March 2022 (open book test, taken over Moodle). - -** Test time: ** TBC +**Test date:** 5pm, 18 March 2022 (open book test, taken over Moodle). Some test details are: 
@@ -85,3 +83,7 @@ Key topics: Diffie-Hellman, Simple DH calculations, ECDH operation, Passing with * With Diffie-Hellman, G is 1579, and N is 7561. Bob selects 13 and Alice selects 14. Prove that the shared key is 868. [Ref: Key Exchange] * Eve says that she sees the values passed within ECDH by Bob and Alice, and that she can crack the key. By explaining the ECDH key exchange method, outline how it would likely to be difficult for Eve to determine the shared key. +### 5. Digital Ceritifcates +* For PKI, briefly outline how Alice knows that she is using the correct version of Bob's public key. + + diff --git a/z_assessments/test01/learning_outcomes.md b/z_assessments/test01/learning_outcomes.md index 610ab9f..272e231 100644 --- a/z_assessments/test01/learning_outcomes.md +++ b/z_assessments/test01/learning_outcomes.md @@ -22,6 +22,7 @@ Students should: 1. Explain how the e and d values are determined within the RSA method. Where would I find this info? There are some examples [here](https://asecuritysite.com/log/rsa_examples.pdf). 1. Understand how the Diffie-Hellman process works, with a simple example. 1. Understand how the Elliptic Curve Diffie Hellman works, with a simple example. +1. Understand the operation of PKI, and how Alice can get a trusted version of Bob's public key. Remember to review sample paper [here](https://github.com/billbuchanan/appliedcrypto/blob/master/z_assessments/test01/fake_exam_paper.md) for some sample questions.
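
Review bot: In README.md, week 9 row, the added link points at `tree/main/z_assessments/test01`, while the other appliedcrypto links in this patch use `master` (for example `tree/master/unit06_trust_dig_cert/lab`); use one branch name throughout so the link resolves. The row also still reads "Test (Units 1-5)" although the test README changed in this same patch adds Digital Certificates (Unit 6) to the exam, so one of the two needs updating.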
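
Review bot: In unit05_key_exchange/lab/README.MD, section B.1, the command line is touched but nothing tells the student that 768 bits is a demonstration size. Suggest one sentence under the command stating that 768-bit parameters are used here only to keep the output short, and that deployed Diffie-Hellman groups use 2048 bits or more.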
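
Review bot: In unit05_key_exchange/lab/README.MD, section B.2, the question "What are the details of the key?" follows `openssl ecparam -in secp256k1.pem -text -param_enc explicit -noout`, which prints curve parameters; the key pair is only created by the next command. B.1 in this same patch was reworded from "View your key" to "View your key exchange parameters", and the same correction applies here, e.g. "What are the details of the curve parameters?".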
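
Review bot: In unit06_trust_dig_cert/README.md, Presentations section, the entries are renamed to "Week 7" while the Lab entries directly below stay "Unit 6", so the page now labels the same unit two ways; pick one, or write "Unit 6 (Week 7)". The new Doodle bullet has no description and no trailing period, unlike its neighbours, and the hunk leaves two blank lines before "## Lab". The same Doodle line and extra blank lines are added in unit06_trust_dig_cert/lecture/README.md.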
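
Review bot: In unit06_trust_dig_cert/lab/README.MD, the rewritten links in the hunks at lines 11, 89 and 352 keep the `http://` scheme (`http://asecuritysite.com/digitalcert/digitalcert`, `.../createcert`, `.../digitalcert2`), while the CSR link at line 222 uses `https://asecuritysite.com/digitalcert/csr`. Since these lines are being edited anyway, switch them all to https so the certificate material for a lab on trust is fetched over TLS. In the line 11 hunk the URL also stays inside a code fence, so it is not clickable, whereas the other three are now markdown links.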
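
Review bot: In unit06_trust_dig_cert/lab/README.MD, "Additional lab question", both `dA` and `k` are drawn with `random.randint(0, curve.n-1)`, which uses Python's non-cryptographic generator and can return 0; with `k = 0`, `libnum.invmod(k,curve.n)` has no inverse, and nothing checks that `r` or `s` is non-zero. Suggest `secrets.randbelow(curve.n-1)+1` for both values, or at least a comment that the generator is for demonstration, since the questions below ask how the private key and nonce are created. The comment "# Bob takes m and (r,s) and checks" sits above the computation of `s`, which is Alice's signing step; it belongs at "# To check signature". The last two bullets are identical ("Which key (public or private key) is used to verify the signature?"); one was presumably meant to ask about signing. A blank line is also missing after the "## Additional lab question" heading.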
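
Review bot: In z_assessments/test01/README.md, the rewritten opening sentence still says "four main questions" but now lists five topics, and "an Digital Certicates (Unit 6)" should read "and Digital Certificates (Unit 6)". The heading added in the later hunk, "### 5. Digital Ceritifcates", has the same misspelling. The image on the first line still loads from `billbuchanan/esecurity`, while the lab README in this patch was moved to `billbuchanan/appliedcrypto`; update it here too for consistency.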