Showing 17 changed files with 209 additions and 1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,56 @@ | ||
# Task - 1 | ||
# Task - 1 : AES encryption using different modes | ||
|
||
The modes that will be used are : AES-128-CBC, AES-128-CFB, AES-128-ECB | ||
|
||
The steps followed are : | ||
|
||
1. Create a text file and add some texts. | ||
2. `Encrypt` this file with `AES-128-CBC` using following command: | ||
|
||
``` | ||
$ openssl enc -aes-128-cbc -e -in test.txt -out encrypt-aes-128-cbc.bin -k 00112233445566778889aabbccddeeff -iv 01020304050607080102030405060708 | ||
``` | ||
Encrypted File : [encrypt-aes-128-cbc.bin](encrypt-aes-128-cbc.bin) | ||
3. `Decrypt` the encrypted file with `AES-128-CBC` using following command: | ||
``` | ||
openssl enc -aes-128-cbc -d -in encrypt-aes-128-cbc.bin -out decrypt-aes-128-cbc.txt -k 00112233445566778889aabbccddeeff -iv 01020304050607080102030405060708 | ||
``` | ||
Decrypted File : [decrypt-aes-128-cbc.txt](decrypt-aes-128-cbc.txt) | ||
Similarly, we will encrypt and decrypt the file using two other modes. | ||
### AES-128-CFB | ||
- Encryption | ||
``` | ||
openssl enc -aes-128-cfb -e -in test.txt -out encrypt-aes-128-cfb.bin -k 00112233445566778889aabbccddeeff -iv 01020304050607080102030405060708 | ||
``` | ||
Encrypted File : [encrypt-aes-128-cfb.bin](encrypt-aes-128-cfb.bin) | ||
- Decryption | ||
``` | ||
openssl enc -aes-128-cfb -d -in encrypt-aes-128-cfb.bin -out decrypt-aes-128-cfb.txt -k 00112233445566778889aabbccddeeff -iv 01020304050607080102030405060708 | ||
``` | ||
Decrypted File : [decrypt-aes-128-cfb.txt](decrypt-aes-128-cfb.txt) | ||
### AES-128-ECB | ||
In ECB mode, no iv (initialisation vector is needed) | ||
- Encryption | ||
``` | ||
openssl enc -aes-128-ecb -e -in test.txt -out encrypt-aes-128-ecb.bin -k 00112233445566778889aabbccddeeff | ||
``` | ||
Encrypted File : [encrypt-aes-128-ecb.bin](encrypt-aes-128-ecb.bin) | ||
- Decryption | ||
``` | ||
openssl enc -aes-128-ecb -d -in encrypt-aes-128-ecb.bin -out decrypt-aes-128-ecb.txt -k 00112233445566778889aabbccddeeff | ||
``` | ||
Decrypted File : [decrypt-aes-128-ecb.txt](decrypt-aes-128-ecb.txt) |
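Review bot: Every `openssl enc` command in this file passes the hex string with lowercase `-k`, which `openssl enc` reads as a passphrase and runs through key derivation (adding a salt by default), so the value `00112233445566778889aabbccddeeff` is never used as the AES-128 key itself. Use uppercase `-K` with the hex key, as the Task 2 commands in this commit do, so that the key and `-iv` shown are the ones actually applied. Also, the note `In ECB mode, no iv (initialisation vector is needed)` has its closing parenthesis in the wrong place, and the first command carries a `$ ` prompt that the others omit.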
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
Information and Network Security course lab assignment - using openssl, hex editor and various encryption algorithm. | ||
|
||
Goal is to perform various encryption and decryption task and compare among different algorithm. |
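Review bot: The description reads `various encryption algorithm` and `compare among different algorithm`; both should be plural (`algorithms`), and `task` should be `tasks`. The same three lines are added unchanged in the next three text hunks, so consider keeping a single copy or making each copy specific to its file.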
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
Information and Network Security course lab assignment - using openssl, hex editor and various encryption algorithm. | ||
|
||
Goal is to perform various encryption and decryption task and compare among different algorithm. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
Information and Network Security course lab assignment - using openssl, hex editor and various encryption algorithm. | ||
|
||
Goal is to perform various encryption and decryption task and compare among different algorithm. |
Binary file not shown.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
Information and Network Security course lab assignment - using openssl, hex editor and various encryption algorithm. | ||
|
||
Goal is to perform various encryption and decryption task and compare among different algorithm. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
# Task - 2 : Encryption mode - ECB vs CBC | ||
|
||
### AES ECB | ||
|
||
1. Download a .bmp file and name it. I named my file [penguin.bmp](penguin.bmp) | ||
2. Encrypt the image with ECB mode, using following command: | ||
|
||
``` | ||
openssl enc -aes-128-ecb -e -in penguin.bmp -out encryptedECB.bmp -K 00112233445566778889aabbccddeeff | ||
``` | ||
3. For the .bmp file, the first 54 bytes contain the header information about the picture. But due to encryption, those 54 bytes changed. So, we have to replace the header of encrypted image with that of original image. | ||
4. To do that, open the original image in `HEX Workshop`. Copy the first 54 bytes. | ||
5. Now Open the encrypted image in `HEX Workshop`. Replace the first 54 bytes with the original image's header information. | ||
6. Now open the [encryptedECB.bmp](encryptedECB.bmp) with a picture viewing software to display it. Here, the shape of penguin can be understood, but penguin is not visible completely. | ||
### AES CBC | ||
1. Encrypt the image with CBC mode using following command : | ||
``` | ||
openssl enc -aes-128-cbc -e -in penguin.bmp -out encryptedCBC.bmp -K 00112233445566778889aabbccddeeff -iv 20304050607082143234324324233333 | ||
``` | ||
2. Open the original image with `HEX Workshop` and copy the first 54 bytes. These are header information. | ||
3. Open the encrypted image with `HEX Workshop` and replace the first 54 bytes with the original header information. | ||
4. Open the [encryptedCBC.bmp](encryptedCBC.bmp) in any picture viewing software to display it. The image is not recognizable and shape of the penguin cannot be understood. | ||
### My Observation | ||
1. **ECB mode (Electronic Codebook):** | ||
- Each block of plaintext is encrypted independently with the same key. | ||
- Identical blocks of plaintext results in identical blocks of ciphertext. | ||
- Less secure for image encryption as patterns, shape may be recognized from encrypted file. | ||
2. **CBC mode (Cipher Block Chaining):** | ||
- Each block of plaintext is XORed with the previous ciphertext block before encryption. | ||
- More resistant to patterns and repetition in the plaintext due to added diffusion. | ||
- IV (Initialization Vector) is needed for the first block to start the chaining process. Hence, CBC is slower and more complex than ECB mode. | ||
So, conclusion is `CBC is better than ECB for image encryption` as CBC is more resistant to pattern preservation and provides better security. | ||
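Review bot: In the CBC observations, `Hence, CBC is slower and more complex than ECB mode` does not follow from needing an IV; CBC encryption is harder to speed up because each block depends on the previous ciphertext block (the point made two bullets earlier), so it cannot be encrypted in parallel. Reword the bullet to give that reason, and note that the CBC command uses a fixed `-iv`, whereas CBC needs a fresh, unpredictable IV for each message outside a lab exercise. In the header-replacement steps, the 54-byte figure holds only for BMP files with the 40-byte info header; say so, since other BMP variants keep their pixel data at a different offset.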
Binary file not shown.
Binary file not shown.
Binary file not shown.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
# Task - 5 : Generating Message Digest | ||
|
||
Following steps are followed to generate hash value of a file: | ||
|
||
1. Create a text file and add some text. I named it [text.txt](text.txt) | ||
2. Use the `SHA-256` (Secure Hashing Algorithm) hashing algorithm by the following command: | ||
|
||
``` | ||
openssl dgst -sha256 text.txt | ||
``` | ||
Generated Hash: | ||
``` | ||
2862d2fda986953340b9ad696afb168a6bd02eaa04efaea80452278f5852d416 | ||
``` | ||
3. Use the `SHA-1` hashing algorithm by the following command: | ||
``` | ||
openssl dgst -sha1 text.txt | ||
``` | ||
Generated Hash: | ||
``` | ||
8f0e7d6587f3d754343ead29c2115174891a6c1e | ||
``` | ||
4. Use the `MD-5` (Message Digest) hashing algorithm by the following command: | ||
``` | ||
openssl dgst -md5 text.txt | ||
``` | ||
Generated Hash: | ||
``` | ||
4ef7690f6ba6af63db4de8e29da21bd9 | ||
``` | ||
### Observations | ||
1. **SHA-256** | ||
- Produces longer hash value (256bit, 32-byte) compared to MD5 and SHA-1. | ||
- Provides better security against collisions and widely used in modern cryptographic application including digital signatures, certificate authorities, password hashing, and blockchain technology. | ||
2. **SHA-1** | ||
- Produces 160 bit (20 byte) hash value. | ||
- Considered weak and vulnerable to collision attacks. | ||
3. **MD5** | ||
- Produces 128 bit (16 byte) hash value. | ||
- Fast and commonly used for checksums and data integrity verification. | ||
- Vulnerable to collision attacks. | ||
So, `SHA-256 is the most secure one.` MD5, thought fast, considered insecure. SHA-1 is stronger than MD5 but also vulnerable to collision attacks and less secure than SHA-256. |
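Review bot: The SHA-256 bullet lists `password hashing` among its uses, but a single fast SHA-256 pass is not a suitable password hash; drop it from the list or say that passwords need a deliberately slow, salted scheme such as PBKDF2, bcrypt, scrypt or Argon2. The MD5 bullet `commonly used for checksums and data integrity verification` should be limited to detecting accidental corruption, since the next bullet says MD5 is vulnerable to collision attacks. In the last line, `thought fast, considered insecure` should read `though fast, is considered insecure`.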
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
This is for checking one way hash algorithm such as md5, sha1, sha256. So, I opened a text file and generated hash for each algorithm and the commands to do that. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
# Task - 6 : Keyed hash and HMAC | ||
|
||
The following steps are followed to generate Keyed Hash and HMAC: | ||
|
||
1. Create a text file and add some text. I named it [text.txt](text.txt) | ||
2. Generate a keyed hash using `HMAC-MD5` algorithm by the following command | ||
``` | ||
openssl dgst -md5 -hmac "key for hash based mac" text.txt | ||
``` | ||
Generated Hash: | ||
``` | ||
0eecf7180df087de9b3c42cbc0961243 | ||
``` | ||
3. Generate a keyed hash using `HMAC-SHA1` algorithm by the following command | ||
``` | ||
openssl dgst -sha1 -hmac "key for hash based mac" text.txt | ||
``` | ||
Generated Hash: | ||
``` | ||
9935d4ad0a05a67b6bf1e2f57e936a6a00703a72 | ||
``` | ||
4. Generate a keyed hash using `HMAC-SHA256` algorithm by the following command | ||
``` | ||
openssl dgst -sha256 -hmac "key for hash based mac" text.txt | ||
``` | ||
Generated Hash: | ||
``` | ||
85805be3217d735e2c998bca83457f208aa19eb7866b17f4da4bd97eab29ab38 | ||
``` | ||
### Key size in HMAC | ||
- HMAC does not require a key with a fixed size. It can accept keys of any length. | ||
- The key size should be chosen based on the security requirements of the application and the cryptographic algorithm being used. | ||
- However, for HMAC, it's `recommended to use keys that are at least as long as the block size` of the underlying hash function. Such as 16 bytes for HMAC-MD5, 20 bytes for HMAC-SHA1, 32 bytes for HMAC-SHA256. | ||
- If the provided key is shorter than the block size of the hash function, it is usually padded to match the block size using appropriate padding schemes | ||
- Using longer keys can provide better security against brute-force attacks, but excessively long keys may not necessarily enhance security significantly and can incur additional overhead in terms of processing and storage. |
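Review bot: Under `Key size in HMAC`, the third bullet recommends keys `at least as long as the block size` but then lists 16, 20 and 32 bytes, which are the digest lengths of MD5, SHA-1 and SHA-256; the block size of all three is 64 bytes. RFC 2104 recommends a key at least as long as the hash output, so change `block size` to `output size` in that bullet. The following bullet should add that keys longer than the block size are hashed first and shorter ones are padded with zero bytes, and the commands would be better fed a randomly generated key than the phrase `key for hash based mac`.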
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
In this file, we are trying to generate a keyed hash for a file. In cryptography, an HMAC is a specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key. So, after creating a file with some text in it, we are using HMAC-MD5, HMAC-SHA256, HMAC-SHA1 to generate a keyed hash for each algorithm. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
# Task - 7 : |
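Review bot: `# Task - 7 :` is added as a bare heading with no title after the colon and no content; either complete it or leave the file out of this commit until the task is written.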