Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security: Lab#2 J. H. Wang Apr. 28, 2011.

Published byKarl Bridgman Modified over 9 years ago

Similar presentations

Presentation on theme: "Network Security: Lab#2 J. H. Wang Apr. 28, 2011."— Presentation transcript:

1 Network Security: Lab#2 J. H. Wang Apr. 28, 2011

2 Objectives To learn to use message digest –MD5 To learn to use secure hash functions –SHA-1, SHA-2 To learn to use one of the public-key cryptography standards –RSA To learn to use digital signatures

3 Libraries Used in this Lab OpenSSL: an open source implementation of SSL and TLS protocols –Widely used on various platforms UNIX-like: Linux, Solaris, Mac OS X, BSD Windows –Cryptographic algorithms supported MD5, SHA-1, SHA-2 RSA –(Installation skipped: the same as in Lab#1)

4 OpenSSL Command-Line Tools OpenSSL command-line tool –MD5: openssl md5 –SHA: (-224, -256, -384, -512) SHA: openssl sha SHA-1: openssl dgst -sha1

5 OpenSSL Command-Line Tools Alternative commands –MD5: openssl dgst -md5 –SHA: SHA: openssl dgst -sha SHA-1: openssl dgst -sha1

6 Experiment Scenario Prepare a file to be encrypted or signed, say “original.txt” First, we encrypt the file into encrypted file “enc.txt” (using receiver’s public key) Then, we decrypt it and get another file “dec.txt” (using receiver’s private key) Finally, we check if the decrypted file is the same as the original file

7 Limitations of the Tool File size: cannot be larger than 64 bytes –It depends on the key size (default: 512 bits) –We can set a larger key size E.g. for generating private key of 1024 bits: –openssl genrsa -out key.s 1024 –Still a serious limitation

8 Real Application Scenario For each person, a pair of keys is first generated To send a large file, it must be first divided into pieces before encryption (in a program) The decryption process is also followed by a merge of decrypted pieces

9 OpenSSL Command-Line Tools OpenSSL command-line tool for RSA –Notation: : secret key : public key –Key management: Private key generation: openssl genrsa -out To output public key: openssl rsa -in -pubout -out –Encryption/decryption: Encrypt with public key: openssl rsautl -encrypt -pubin -inkey -in -out Decrypt with private key: openssl rsautl -decrypt -inkey -in -out

10 OpenSSL Command-Line Tools Alternative commands for RSA: (using pkeyutl) –Encryption/decryption: Encrypt with public key: openssl pkeyutl -encrypt -pubin -inkey -in -out Decrypt with private key: openssl pkeyutl -decrypt -inkey -in -out

11 OpenSSL command-line tool for Digital Signature –Notation: : original file : signature file –Digital signature: Sign: openssl rsautl -sign -inkey -in -out Verify: openssl rsautl -verify -pubin -inkey -in –Alternative commands: Sign: openssl pkeyutl -sign -inkey -in -out Verify: openssl pkeyutl -verify -inkey -sigfile -in Recover: openssl pkeyutl -verifyrecover -pubin -inkey - in

12 OpenSSL Libraries for Message Digests OpenSSL crypto library –MD5: 128-bit #include Initialize a MD5_CTX structure: MD5_Init() MD5_Update() MD5_Final() Computes the message digest: MD5()

13 OpenSSL Libraries for Secure Hash Functions –SHA1: 160-bit #include Initialize a SHA_CTX structure: SHA1_Init() SHA1_Update() SHA1_Final() Computes the message digest: SHA1() –EVP: high-level interface to cryptographic functions #include EVP_Digest…() functions: message digests

14 OpenSSL Libraries for Public-Key Cryptography –RSA: #include RSA structure RSA_...() functions –EVP: high-level interface to cryptographic functions #include EVP_Seal…(), EVP_Open…(): public key encryption/decryption EVP_PKEY…() functions: asymmetric algorithms

15 OpenSSL Libraries for Digital Signature –EVP: high-level interface to cryptographic functions #include EVP_Sign…(), EVP_Verify…(): digital signature

16 Summary Key generation Encrypting a file (using public-key cryptography) Decrypting a file (using public-key cryptography) Signing a file Verifying a file

Download ppt "Network Security: Lab#2 J. H. Wang Apr. 28, 2011."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
SSL Implementation Guide Onno W. Purbo

SSL Implementation Guide Onno W. Purbo
Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.

Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.
Cryptography Basic (cont)

Cryptography Basic (cont)
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Chapter 3 Encryption Algorithms & Systems (Part C)

Chapter 3 Encryption Algorithms & Systems (Part C)
Feb 19, 2002Mårten Trolin1 Previous lecture Practical things about the course. Example of cryptosystem — substitution cipher. Symmetric vs. asymmetric.

Feb 19, 2002Mårten Trolin1 Previous lecture Practical things about the course. Example of cryptosystem — substitution cipher. Symmetric vs. asymmetric.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Linux Cryptography overview and How-to’s using OpenSSL

Linux Cryptography overview and How-to’s using OpenSSL
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Similar presentations

Ads by Google