Lab Narrative 1

Nov 21, 2013

ITEC 6323 Cryptography


Brian Compton






Lab 1 Narrative

ITEC 5321

Brian Compton


Contents

Title: Part Zero - Introduction to OpenSSL
Title: Part One - Symmetric Cryptography
Title: Part One A - Symmetric Key and File Exchange, Symmetric Decryption
Lab Questions - OpenSSL, Symmetric Cryptography
Title: Netcat
Title: Cryptcat
Analysis / Reflection:


Title: Part Zero - Introduction to OpenSSL

Objectives:

1. Use OpenSSL from command line
2. Use OpenSSL help pages from command line
3. Review online resources for OpenSSL usage
4. Obtain NIST cryptographic standards from internet

Tools:

1. Knoppix Linux
2. OpenSSL

Procedures and Results:

The purpose of this lab section is to become familiar with the cryptographic application OpenSSL. OpenSSL is an open source tool that can be used to establish secure network connections as well as general file encryption. Full documentation is available from the OpenSSL website:

In order to familiarize ourselves with the various commands and properties of OpenSSL, several command-line arguments were used to query the program. The following screenshots reveal the numerous ciphers and commands that OpenSSL is capable of executing.


Figure 1. Available ciphers in OpenSSL

Figure 2. OpenSSL version and standard commands

Title: Part One - Symmetric Cryptography

Objectives:

1. Generate a pseudo random number
2. Generate DES keys
3. Use DES to encrypt/decrypt documents
4. Download and encrypt an RFC
5. Type a file to command line using cat command
6. Create file hashes to demonstrate file integrity

Tools:

1. Knoppix
2. OpenSSL

Procedures and Results:

This lab section demonstrates the ability of OpenSSL to encrypt documents using the DES algorithm. The first step is to obtain an RFC file from the IETF. This file will be used as the subject of encryption processes. After obtaining the file, I used OpenSSL to create a randomly generated key file that will be used for later encryption steps.

Figure 3. OpenSSL generated DES key

The next step involved using the OpenSSL command interface to encrypt the downloaded RFC file using the newly generated key file. Once the command was executed, proof of file encryption was provided by printing the encrypted file to screen, with the following result:

Figure 4. Contents of encrypted RFC file

The next step involves using hashes to prove that the original unencrypted file and the decrypted file are both still identical. By using the MD5 hash algorithm in OpenSSL, both files should end up with the same hash values, since the files are the same.

Figure 5. The hash values for both files are identical.

To further prove the ability of hashing files to check integrity, I created a copy of the decrypted file and simply removed a single space from within the body text. After rehashing the files that are identical except for a single space, the files produced different hashes.

Figure 6. Different hashes for files with a one character difference.


Title: Part One A - Symmetric Key and File Exchange, Symmetric Decryption

Objectives:

1. Use Apache to distribute an encrypted document
2. Use Netcat to distribute your DES key
3. Use Wireshark to capture packets
4. Prove file integrity through file hashes
5. Rebuild DES key from captured packets

Tools:

1. Knoppix
2. Apache
3. Netcat
4. Wireshark

Procedures and Results:

This lab demonstrates how to exchange DES keys with a lab partner via the Apache web server. These keys will be used to decrypt files. The second portion of this lab will demonstrate how Wireshark can capture the packets involved in the key exchange and then how the key can be rebuilt from those captured packets.

The first steps were to edit the home page for my local Apache web server. This was necessary so that my lab partner could easily download a file that I had encrypted with my own DES key. Each of us edited the default Apache home page of our local Apache servers and then downloaded each other’s encrypted files. Later, we will exchange the keys used to encrypt those files via Netcat.


Figure 7. Local Apache home page edited to serve encrypted file to lab partner.

Prior to exchanging keys via Netcat, Wireshark was launched so that the packets for the key transfer could be captured. After launching Wireshark, DES keys were exchanged via the Netcat utility.

Figure 8. Using Netcat to exchange key files.

Using the exchanged keys, both my partner and I were able to decrypt one another’s encrypted files.

Next, using the captured packets in Wireshark, I was able to re-assemble the DES key that was transferred between the two computers.

Figure 9. Key captured via Wireshark.
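
The reconstruction step above, sketched as an added Python example (not part of the original lab report): it reorders captured TCP segments the way a protocol analyzer does when it rebuilds a stream, then applies the lab's MD5 comparison to confirm that the rebuilt key matches the file that was sent. The key value, sequence numbers and function names are constructed for illustration.

```python
import hashlib


def reassemble(segments, isn):
    """Rebuild one direction of a TCP byte stream from (seq, payload) pairs.

    isn is the sender's initial sequence number; data starts at isn + 1.
    Handles out-of-order, duplicate and overlapping segments, and stops at
    the first gap (a segment the sniffer missed). Sequence-number
    wraparound at 2**32 is ignored to keep the example short.
    """
    stream = bytearray()
    next_seq = isn + 1
    for seq, payload in sorted(segments, key=lambda s: s[0]):
        if seq > next_seq:
            break                      # gap: bytes were never captured
        skip = next_seq - seq          # bytes already seen (retransmit/overlap)
        if skip < len(payload):
            stream += payload[skip:]
            next_seq = seq + len(payload)
    return bytes(stream)


def md5_hex(data):
    """Same integrity check the lab runs with OpenSSL's MD5 digest."""
    return hashlib.md5(data).hexdigest()


# Constructed sample data, not taken from the lab capture.
SENT_KEY = b"c0ffee1234abcd56\n"       # key file as it left the sender
ISN = 1000
CAPTURED = [
    (1009, b"34abcd56\n"),             # recorded first, but second in the stream
    (1001, b"c0ffee12"),
    (1001, b"c0ffee12"),               # retransmission of the first segment
]


def key_recovered(segments):
    """True when the sniffed bytes hash to the same MD5 as the key file sent."""
    return md5_hex(reassemble(segments, ISN)) == md5_hex(SENT_KEY)


if __name__ == "__main__":
    rebuilt = reassemble(CAPTURED, ISN)
    print(rebuilt, md5_hex(rebuilt), key_recovered(CAPTURED))
```

Matching hashes mean anyone on the network path holds the same key as the intended recipient, which is the exposure of sending a symmetric key over an unencrypted channel.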



Lab Questions - OpenSSL, Symmetric Cryptography

1. What is OpenSSL?

OpenSSL is an open source tool that can be used to establish secure network connections as well as general file encryption.

2. In Part Zero, describe the ssl ciphers that you saw.

DES was used to encrypt the files, MD5 was used to create hashes to verify file integrity.

3. If you needed information about openssl online, other than OpenSSL.org, where would you look?

Wikipedia, built-in help file and manual, http://openssl.governmentsecurity.org/, Google search

4. What does NIST mean by the title “FIPS”?

FIPS stands for Federal Information Processing Standards, which are standards and guidelines created by the NIST for federal use. They create FIPS when there are no sufficient pre-existing standards for a process.

5. In Part One, describe the security services and associated methods you employed to facilitate those services.

We addressed file integrity and confidentiality. Using DES to encrypt a file offers confidentiality. Using MD5 to hash a file helps to ensure integrity.

6. Briefly describe the key management problem associated with symmetric cryptography.

The problem with secret keys is keeping those keys secret. In order for symmetric crypto to occur, the keys used to encrypt data have to be exchanged without revealing those keys.

7. Explain why most commercial crypto systems combine both symmetric and asymmetric technologies in a hybrid technology.

Both forms of cryptography have pros and cons. Symmetric is quicker, but the secret key exchange becomes a liability. Asymmetric mitigates this problem with combinations of public/private keys. Hybrid systems can take a private key (symmetric) and encrypt that key using a public key (asymmetric) thereby creating a safer method for private key exchange.

8. Compare and contrast symmetric and asymmetric key lengths.

Symmetric methods use shorter keys. Asymmetric methods use much longer keys.

9. Compare and contrast symmetric and asymmetric speeds.

Symmetric cryptography is much faster than asymmetric. This is in part due to the much shorter length of symmetric keys when compared to asymmetric keys.

10. What is FIPS 140-2 certification?

This is the NIST accreditation for qualifying cryptographic methods.

11. Is OpenSSL still FIPS certified?

Yes

12. What algorithm is the current FIPS symmetric standard? Include the key and block lengths in your answer.

AES is the current standard, with a block size of 128 bits and a choice of key sizes: 128, 192, 256 bits

13. What algorithm is currently the most popular asymmetric algorithm?

RSA

14. Describe a digital signature.

Digital signatures are an asymmetric cryptography method used to provide authenticity and non-repudiation to a message. Users can create public keys that verify that they are the ones who have “signed” a message. This unique identifier is created using a private key and an asymmetric algorithm.

15. Can any cryptographic algorithm be proven to be unbreakable?

As far as I know, theoretically one time pad is unbreakable. All other algorithms can eventually be brute forced with enough time and money.

16. Compare and contrast block and stream cipher modes. Which is best for hardware implementation? Which is best for software implementation?

Block ciphers operate best in software. They encrypt/decrypt data in set block sizes. The size of each block depends on method. Stream cipher works best in hardware, and encrypts/decrypts data one bit at a time.


Title: Netcat

Objectives:

1. Learn the basic operations of the Netcat utility

Tools:

1. Knoppix
2. Netcat

Procedures and Results:

The Netcat utility can be used to read and write data across networks via TCP or UDP protocols. This program is executed from a Linux command line.

Netcat’s commands and syntax are displayed below.

Figure 10. Netcat syntax and help information

Netcat has the ability to perform a banner grab. This is where the utility sends a message to a target computer and listens for open ports. It can then grab specific information from those ports. In this case, a banner grab against my partner's lab machine revealed the following information:


Figure 11. Partner's information obtained via Netcat banner grab.

Figure 12. Netcat banner grab against the lan-inc.com domain

Figure 12 shows the information obtained when the domain lan-inc.com is queried by Netcat. This information would provide a potential attacker with software platform and version information that could be used to find a vulnerability to exploit.
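
From the defender's side, the same banner check can be run over responses from your own services to see what they give away. The following is an added Python example, not part of the original lab report; the sample banners, the list of headers inspected and the function names are constructed assumptions, and it flags any product name that is followed by a version number.

```python
import re

# Response headers that commonly carry software names (assumed list).
DISCLOSING_HEADERS = ("server", "x-powered-by")

# A product name followed by a dotted version: Apache/2.2.22, OpenSSH_6.0p1
PRODUCT_VERSION = re.compile(
    r"([A-Za-z][A-Za-z0-9+-]*)[/_ ]v?(\d+(?:\.\d+)+[A-Za-z0-9]*)"
)


def banner_fields(raw):
    """Yield (source, text) pairs worth inspecting in a captured banner."""
    lines = raw.splitlines()
    if lines and lines[0].startswith("HTTP/"):
        for line in lines[1:]:
            if not line:
                break                  # blank line ends the header block
            name, _, value = line.partition(":")
            if name.strip().lower() in DISCLOSING_HEADERS:
                yield name.strip(), value.strip()
    elif lines:
        yield "greeting", lines[0]     # SSH/FTP/SMTP style one-line banner


def disclosed_versions(raw):
    """Return (source, product, version) for every versioned product token."""
    return [
        (source, m.group(1), m.group(2))
        for source, text in banner_fields(raw)
        for m in PRODUCT_VERSION.finditer(text)
    ]


# Constructed sample banners, not the ones captured in the lab.
VERBOSE_HTTP = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Thu, 21 Nov 2013 10:00:00 GMT\r\n"
    "Server: Apache/2.2.22 (Debian) PHP/5.4.4\r\n"
    "X-Powered-By: PHP/5.4.4\r\n\r\n<html></html>"
)
HARDENED_HTTP = "HTTP/1.1 200 OK\r\nServer: Apache\r\n\r\n<html></html>"
SSH_GREETING = "SSH-2.0-OpenSSH_6.0p1 Debian-4\r\n"

if __name__ == "__main__":
    for banner in (VERBOSE_HTTP, HARDENED_HTTP, SSH_GREETING):
        print(disclosed_versions(banner) or "no version disclosed")
```

For Apache, the ServerTokens Prod and ServerSignature Off directives reduce the Server header to the product name alone, which is the hardened case in the sample.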

The next portion of the lab demonstrates how Netcat can transfer files and information between two machines. By placing one machine into listen mode, a second machine can push a message to the listening PC. This connection can allow for simple command line messages or entire files to be transferred.

Figure 13. Message received via Netcat from partner PC.

Netcat can also write its output into a file.


Figure 14. A file generated via Netcat containing ifconfig information.

Title: Cryptcat

Objectives:

1. Use cryptcat as an alternative to Netcat

Tools:

1. Knoppix
2. Cryptcat

Procedures and Results:

Like Netcat, Cryptcat can transfer data via TCP or UDP protocols. However, unlike Netcat, Cryptcat encrypts the data before it is transmitted. The file is encrypted during the transfer and unencrypted on the receiving end.

Figure 15. Using Cryptcat to transfer a file.


Analysis / Reflection:

The cryptography portion of this lab served to demonstrate how basic cryptography functions. I am not sure how I could personally apply some of the tools demonstrated in this lab in the “real world,” but the lab does stand as a good learning tool. The biggest thing to take from the cryptography portion of the lab is the ability of someone to reconstruct secret data from packets obtained via a sniffer. This example serves as a good reminder as to how vulnerable network technology can be. The cryptography section also served to improve my understanding of basic crypto theory and how keys are used to encrypt data. The difficulty in sharing secret keys for symmetric crypto is also well demonstrated in this lab.

The Netcat portion is useful in that the lab makes it apparent that Netcat can be used as an investigative tool. A network or security professional can use this tool to query unknown or suspicious addresses in an attempt to identify some unknown presence. Familiarity with the tool is also important so that I am aware that critical information can be obtained from a web server or computer via Netcat unless steps are taken to disable a computer’s response to a Netcat query. Understanding the tools a hacker uses helps to create a better defense.