Lab 4 - Cryptography and Cryptographic Algorithms
Exercise 4.1 Investigation of different hash algorithms
-
Create a text file using the following command [nano editor]
-
This will open nano editor. Type in any message you like, for example: “We will explore digests of different hash algorithms” and save the file
-
Let’s try ‘-shake128’ first
-
Create script to run all hash algorithms at same time over the content saved in plaintext.txt and print their digest
-
Make that Script Executable and run the script with plaintext.txt
┌──(neo㉿0xNeoShell)-[~]
└─$ ./hashingscript.sh plaintext.txt
-shake128
SHAKE-128(plaintext.txt)= 4c088df47ea01bdc428061a47947b7bb
-md4
MD4(plaintext.txt)= 72d261ca836ee15686b99fd293aa13b0
-md5
MD5(plaintext.txt)= a15c802fc6be5ab7cb7af21918174342
-sha1
SHA1(plaintext.txt)= d57bdfa9344dd0de430a0aaf85d2eb381c104b6b
-ripemd160
RIPEMD-160(plaintext.txt)= f37c3931e72797e5bdd27390f3e51e5d1ff9c190
-sha3-224
SHA3-224(plaintext.txt)= 246a04f90d345136832c17416753f7a52182ca1808281a6edbd6e8b0
-
sha224
dgst: Unknown option or message digest:
sha224
dgst: Use -help for summary.
001C748CFFFF0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:355:Global default library context, Algorithm (
sha224 : 0), Properties (<null>)
-sha512-224
SHA2-512/224(plaintext.txt)= 7d655a01a76d860e61667467abb562d29ea68fbb9cf8feee86bb512f
-shake256
SHAKE-256(plaintext.txt)= 7a4b363e27b32eebb9668c041aa21b92aaa2d77195efdfa15fee97d00dda44c1
-blake2s256
BLAKE2S-256(plaintext.txt)= b7ee50448bc116010cc2e197646d5f2e34b02acc2981dad9295075f292542e04
-sha3-256
SHA3-256(plaintext.txt)= c0d38519eb95a6719713f77f37fbc5170c4aedf26e66a3c9addcf6bfbe86d0f0
-sha512-
256
dgst: Unknown option or message digest: sha512-
256
dgst: Use -help for summary.
00EC428BFFFF0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:355:Global default library context, Algorithm (sha512-
256 : 0), Properties (<null>)
-sm3
SM3(plaintext.txt)= a5a76015e363ad7c122ed022f8b08b3c033455f58da0502120a8f885b6da271c
-sha256
SHA2-256(plaintext.txt)= 799576e92f5c7b6cf0aec426f8a26c1be5aaa8755731268bff38dc6a353a67e7
-sha384
SHA2-384(plaintext.txt)= 79a9e076e125e0a407c049e8f355d73f33e1adeaa19a03b55191f91498fef4fecf46d87b369e6e82ab0986521c17e75a
-sha512
SHA2-512(plaintext.txt)= 2dd564aa1471c5ca05a49b7bb38fb36d45ba9e09463d16410f7edade930705e0865f7df358887f504c47f44caae49982b2f93167580547e8a22fdaf18ef0e4a4
-sha3-512
SHA3-512(plaintext.txt)= d31bf720e1d103a7fe419922939efcc6b8bcab276280725b71af1fed959a369232be6d974533aeaa79242659314bb99d3eaaf3172fb74cd7fd1bf3999ca22761
-whirlpool
WHIRLPOOL(plaintext.txt)= d1f8786da2d6b8e77c6922f8f72cbf43318acb7d66cc490bfc5a4800fdda97935ac02f09c1f329b2373d87a97abcde8289122457a0565db1930afbbb7c81b95a
- Comparison of SHA256 hashes for the original and modified files to observe the impact of a minor change
The hashes of the two files are completely different, even though the files are very similar. This demonstrates the avalanche effect of cryptographic hash functions, where even a tiny change in the input (like adding a single character) results in a drastically different output. This property ensures the integrity and uniqueness of hashed data.
Exercise 4.2. Encrypting and Decrypting Data Using OpenSSL
Part 1: Encrypting Messages with OpenSSL
-
Create text file using nano and add text inside it
-
From the same terminal window, issue the command below to encrypt the text file. The command will use AES-256 to encrypt the text file and save the encrypted version as message.enc. OpenSSL will ask for a password and for password confirmation. Provide the password as requested and be sure to remember the password
Password : neo
-
When the process is finished, use the cat command again to display the contents of the message.enc file The contents of message.enc are encrypted binary data, starting with “Salted__,” likely indicating OpenSSL encryption with a salted password.
-
To make the file readable, run the OpenSSL command again, but this time add the -a option. The -a option tells OpenSSL to encode the encrypted message using Base64 coding before storing the results in a file
Yes, the message.enc file is now readable because it has been Base64-encoded, as indicated by the -a option in the OpenSSL command. The file contents are now a sequence of ASCII characters, making it easier to display and transmit over text-based systems without corruption.
Part 2: Decrypting Messages with OpenSSL
Was the file decrypted correctly?
- Yes, the file was decrypted correctly as the cat decrypted.txt command displayed the original plaintext message (We will use openssl library to encrypt and decrypt plain text). This confirms that the correct password was used for decryption, and the process restored the original data.
Why does the decryption command include the -a option?
- The -a option is included because the file (message.enc) was Base64-encoded during encryption. This option tells OpenSSL to first decode the Base64 data back into its raw binary form before performing the decryption process. Without -a, OpenSSL would attempt to decrypt the Base64 text directly, resulting in an error.
It is possible to encrypt and decrypt using openssl by including the key in the command line – how would you do
this?
- To encrypt and decrypt using OpenSSL by including the key in the command line, you can use the -pass option to derive the key from a password, like this: openssl aes-256-cbc -in plaintext.txt -out encrypted.enc -pass pass:neo for encryption and openssl aes-256-cbc -d -in encrypted.enc -out decrypted.txt -pass pass:neo for decryption.
Exercise 4.3 Generating RSA keys using OpenSSL
- Generate RSA private key using the openssl tool command
- Generate RSA public key using the openssl tool command
The file type PEM is designed to manage public/private key pairs. Use the cat command to display the contents of both keys
┌──(neo㉿0xNeoShell)-[~]
└─$ openssl rsa -text -in private.pem
Private-Key: (512 bit, 2 primes)
modulus:
00:ba:d6:f0:2a:4f:d7:c8:74:e4:c6:90:34:0c:11:
09:32:76:50:20:23:3d:16:04:07:54:b2:c7:ef:8d:
f8:7b:f6:e0:6b:f0:d2:9a:c2:37:49:b4:f2:6f:21:
47:bc:da:61:45:93:c2:21:36:f5:ff:5b:ab:6a:42:
1f:c6:d2:03:4f
publicExponent: 65537 (0x10001)
privateExponent:
00:9c:13:54:c8:63:ae:23:db:d2:08:35:09:e5:52:
8d:d6:43:93:27:65:88:6f:cd:a9:ba:0d:26:8b:6c:
93:38:29:51:cf:ee:23:66:be:a4:2a:53:cd:fa:45:
ed:0e:24:30:17:67:00:13:1b:c5:29:6b:52:61:45:
0f:53:48:07:81
prime1:
00:f0:19:87:0e:db:3a:54:f4:54:96:0e:c2:9b:13:
c1:95:2a:ef:3a:40:01:87:d7:8a:1c:a4:12:d0:a8:
ac:15:a1
prime2:
00:c7:36:7a:65:68:56:da:ee:6a:d3:1a:71:79:c6:
42:c4:ec:66:60:c2:34:e5:5d:0f:11:90:23:fd:71:
54:92:ef
exponent1:
00:97:84:a4:94:9d:88:ac:40:1c:79:2e:0b:65:6e:
0c:46:24:78:1f:dc:70:9a:d7:4c:93:52:7f:85:2a:
4c:9e:c1
exponent2:
00:9a:7d:5d:1e:17:74:84:04:31:43:d5:55:fb:22:
0d:d5:b9:9f:0b:9a:90:7a:ef:58:28:3e:a8:2a:7c:
21:22:71
coefficient:
14:57:f2:de:51:6e:8e:76:d7:d2:94:ee:52:e6:a3:
e1:a0:33:9e:fc:bf:fa:91:d0:76:6d:23:7e:1d:a9:
37:72
writing RSA key
-----BEGIN PRIVATE KEY-----
MIIBVgIBADANBgkqhkiG9w0BAQEFAASCAUAwggE8AgEAAkEAutbwKk/XyHTkxpA0
DBEJMnZQICM9FgQHVLLH7434e/bga/DSmsI3SbTybyFHvNphRZPCITb1/1urakIf
xtIDTwIDAQABAkEAnBNUyGOuI9vSCDUJ5VKN1kOTJ2WIb82pug0mi2yTOClRz+4j
Zr6kKlPN+kXtDiQwF2cAExvFKWtSYUUPU0gHgQIhAPAZhw7bOlT0VJYOwpsTwZUq
7zpAAYfXihykEtCorBWhAiEAxzZ6ZWhW2u5q0xpxecZCxOxmYMI05V0PEZAj/XFU
ku8CIQCXhKSUnYisQBx5LgtlbgxGJHgf3HCa10yTUn+FKkyewQIhAJp9XR4XdIQE
MUPVVfsiDdW5nwuakHrvWCg+qCp8ISJxAiAUV/LeUW6OdtfSlO5S5qPhoDOe/L/6
kdB2bSN+Hak3cg==
-----END PRIVATE KEY-----
┌──(neo㉿0xNeoShell)-[~]
└─$ cat public.pem
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALrW8CpP18h05MaQNAwRCTJ2UCAjPRYE
B1Syx++N+Hv24Gvw0prCN0m08m8hR7zaYUWTwiE29f9bq2pCH8bSA08CAwEAAQ==
-----END PUBLIC KEY-----
- Encryption and Decryption of a Short Message Using OpenSSL
Encryption
Decryption
Yes , it worked out
Exercise 4.4a Running RSA using Python
A note in security
