Most problems in this homework require the use of simple cryptographic tools. Many of them can be found in CrypTool, an open-source program for learning cryptography that can be downloaded from http://www.cryptool.org. There are multiple versions of CrypTool, and you might want to experiment with different versions to identify the most appropriate one for each problem.
- (20 points, AES) The content of the binary file AES-ciphertext.bin has been encrypted with AES-128 in CBC mode under the key “YELLOW SUBMARINE” (case-sensitive, without the quotes, exactly 16 characters in ASCII coding, resulting in a 16 x 8 = 128-bit key).
  - Decrypt it using CrypTool.
  - Can you decrypt it using OpenSSL tools? What is the command? (OpenSSL is an open-source toolkit that implements security protocols such as SSL but also includes a general-purpose cryptography library, which you will use. OpenSSL is part of most recent Linux distributions. You can find more information online.)
- (20 points, Modes of Operation) The image file apple.bmp contains a bitmap of the Apple logo. Open the file in CrypTool and encrypt it using DES in ECB mode. Replace the first 118 bytes of the ciphertext with the first 118 bytes of the original bmp file, which are the bitmap file header. This turns the ciphertext into a valid bmp file. Display this file using any image display program. What do you see? Does DES protect the confidentiality of the image file? Repeat the experiment using DES in CBC mode. Can you explain the difference? Include screenshots of both images in your writeup.
- (20 points) The SHA-1 cryptographic hash function produces a 160-bit hash for any given input. Since 160 bits is 20 bytes, there must be many files that have the same hash. Using the OpenSSL toolkit, you can compute the SHA-1 hash of any string:

  ```
  $ echo "WPU" | openssl dgst -sha1
  (stdin)= dc2d7be5dc9c996aa88d9d1c6167e99eb6cfbc91
  ```

  Answer the following questions:
  - Compute the SHA-1 hash of the string “William Paterson University”.
  - Given the length is 21 bytes, how many different files can you have? (For example, there are different files if the length of the file is 1 byte)
  - Given a file A that is 21 bytes in length, at least how many other 21-byte files will produce the same SHA-1 hash as A? (Hints: how many pigeons? How many holes?)
- (20 points, RSA fundamentals) Perform encryption and decryption using the RSA algorithm for the following:
  - p=3; q=11; e=7; M=5
  - p=5; q=11; e=3; M=9
- (20 points, RSA Demo) Please go through all steps of the RSA Demonstration in CrypTool (native Windows, not Java), available under Indiv. Procedures => RSA Cryptosystem => RSA Demonstration. Assuming p and q are of equal length, perform this procedure for at least the following sizes of the RSA keys: 8 bits (default), 128 bits and 1024 bits. For each case, record values of A) all components of a public key, B) all components of a private key, C) message, D) ciphertext. Try to encrypt 1, 2, N-1 and N-2, where N is the modulus, and see if the results match your expectations. Record and discuss your findings.
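
The textbook RSA computation behind the two RSA problems, written out in Python as an added example that is not part of the original assignment. It uses the first parameter set (p=3, q=11, e=7, M=5) and goes beyond it by counting the messages that encrypt to themselves, which is what the 1 and N-1 experiment probes; the function names are chosen for this example.

```python
from math import gcd

def rsa_keypair(p, q, e):
    """Textbook RSA keys from primes p, q and public exponent e (no padding)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # modular inverse of e mod phi (Python 3.8+)
    return (n, e), (n, d)

def rsa_apply(key, m):
    """m^exp mod n: encrypts with a public key, decrypts with a private key."""
    n, exp = key
    if not 0 <= m < n:
        raise ValueError("message must satisfy 0 <= m < n")
    return pow(m, exp, n)

def edge_cases(pub):
    """Ciphertexts of 1, 2, N-2 and N-1 under the public key."""
    n, _ = pub
    return {m: rsa_apply(pub, m) for m in (1, 2, n - 2, n - 1)}

def fixed_points(pub):
    """All m with m^e = m (mod n), by brute force; feasible for tiny n only."""
    n, e = pub
    return [m for m in range(n) if pow(m, e, n) == m]

def fixed_point_count(p, q, e):
    """Closed form for the same count, via the CRT on the factors p and q."""
    return (1 + gcd(e - 1, p - 1)) * (1 + gcd(e - 1, q - 1))

if __name__ == "__main__":
    pub, priv = rsa_keypair(3, 11, 7)   # first parameter set on the page
    c = rsa_apply(pub, 5)
    print("public", pub, "private", priv)
    print("M=5 -> C =", c, "-> M =", rsa_apply(priv, c))
    print("edge cases:", edge_cases(pub))
    print("fixed points:", fixed_points(pub), "count", fixed_point_count(3, 11, 7))
```

Because e is odd, 1 and N-1 always encrypt to themselves and E(N-m) = N - E(m), so the ciphertexts of 2 and N-2 sum to N. Unpadded RSA shows this structure at every key size, not just the 8-bit one.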