Jeremy Gutierrez
CST-312: Network Security
March 8, 2014
Lab 4

Task 1

What do you observe?
There is a difference between the text editor and what is shown on the command line. The text editor shows a mismatch of numbers and characters.

What in your key is of length 1024-bits?
In my key the modulus and the private exponent appear to be 1024-bits.

Are they similar in any way?
The only similarity that I can see is that the different categories (i.e. exponent, prime1, ...) appear to be the same length.

Which numbers do you imagine are used to decrypt using CRT?
I believe that the prime numbers are used to decrypt using CRT.

Make a hypothesis about which components of key.pri need to be kept secret and which can be made public?
From the components of key.pri I believe that the prime number needs to be kept private. The other components are not as vital to keeping the secret.

Was your previous hypothesis correct?
Yes, my hypothesis was correct, but the exponent and coefficients were also kept secret.

Is this what you expected?
This is more or less what I expected to see, with the exception that the exponents and coefficient were also included. I hadn't thought to include them.

Why were you able to create key.pub from key.pri?
You were able to create key.pub from key.pri because key.pub is a file that was created from the command line requesting all the public information.

Could we have created key.pri from the key.pub?
No, you would not be able to create the key.pri file from key.pub as the private information needed to create key.pri is not in it.

To whom did you just encrypt this file?
This file was just encrypted using a public key and meant for a specific individual.

What must a recipient of the cipher text have in order to decrypt it?
In order to decrypt this file you would need the private key associated with it.

Is this "textbook" RSA?
Yes, the function is requiring a minimum and maximum amount of space and it uses padding to fulfill these requirements.
Do you get the same thing?
No, I am unable to get the same thing because the file has had padding added to it, making it too big for the encryption algorithm.

What length must the message be to use raw mode?
In order for raw mode to be used the message must be 128 bytes.

Compare these differences. What do you notice?
The file encrypted with raw mode requires a message length of an exact size, while the file with the padding can vary in length.

Task 2

What do you observe?
The command returns with the company information as well as the public key information.

What fields are there?
The command returns with the fields: Company info, Name, email, Address, Certificate information, length of validation, public key info including modulus, exponent, serial number, and the algorithm that was used to create it.

What do you observe in this certificate?
The certificate displays all the information that I keyed in for the fake website.

Where did the serial number of the certificate come from?
The serial number was issued by the certificate authority of the program when it was added.

What capabilities have you just given an entity by signing their public key?
By signing their public key you have given the entity knowledge as to who has accessed their certificate.

What prevents anyone from impersonating Google or other well-known service in this way?
To help prevent impersonations, services such as Google use a trusted third-party CA to digitally sign and verify their certificates.

Task 3

What do you observe?
The page looks legitimate.

Given all that you've done, is there any way for the user or the web browser to know you're not at the real google.com?
The only way that I noticed was that the page was not running https, but http. Google runs on https.

What changes would you need to make to fix any problems you observe?
You would need to add https to correct the problem.

How do the results compare?
[Figure: Block Size vs. Throughput; block sizes 16, 64, 256, 1024, 8192; series 128-cbc, 192-cbc, 256-cbc]
[Figure: Key Size vs. Throughput; key sizes 512, 1024, 2048, 4096; series Sign, Verify]
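
The following is an added example, not part of the original lab report or of OpenSSL: a pure-Python sketch of the key components discussed in Task 1, showing how the public part is taken from the private key, how raw mode constrains the input to the modulus length, and how CRT decryption uses the primes, exponents and coefficient. It assumes a freshly generated, constructed 1024-bit key; the dictionary field names follow the labels printed by `openssl rsa -text`, and all function names are hypothetical.

```python
import secrets

def is_probable_prime(n, rounds=40):
    """Miller-Rabin test; callers pass odd n > 3."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits, e):
    while True:  # top two bits set so p*q has exactly 2*bits bits
        p = secrets.randbits(bits) | (3 << (bits - 2)) | 1
        if (p - 1) % e and is_probable_prime(p):
            return p

def make_key(bits=1024, e=65537):
    """Constructed key; field names follow the `openssl rsa -text` labels."""
    p, q = gen_prime(bits // 2, e), gen_prime(bits // 2, e)
    d = pow(e, -1, (p - 1) * (q - 1))
    return {"modulus": p * q, "publicExponent": e, "privateExponent": d,
            "prime1": p, "prime2": q, "exponent1": d % (p - 1),
            "exponent2": d % (q - 1), "coefficient": pow(q, -1, p)}

def public_part(key):  # what key.pub carries: no primes, no d
    return {k: key[k] for k in ("modulus", "publicExponent")}

def raw_encrypt(pub, block):
    k = (pub["modulus"].bit_length() + 7) // 8
    m = int.from_bytes(block, "big")
    if len(block) != k or m >= pub["modulus"]:
        raise ValueError(f"raw mode needs exactly {k} bytes with value < modulus")
    return pow(m, pub["publicExponent"], pub["modulus"]).to_bytes(k, "big")

def crt_decrypt(key, ct):
    """Two half-size exponentiations recombined with Garner's formula."""
    c, p, q = int.from_bytes(ct, "big"), key["prime1"], key["prime2"]
    m1, m2 = pow(c, key["exponent1"], p), pow(c, key["exponent2"], q)
    h = key["coefficient"] * (m1 - m2) % p
    return (m2 + h * q).to_bytes(len(ct), "big")
```

The CRT result matches a plain `pow(c, privateExponent, modulus)` decryption, which is why a private key file stores the primes, exponent1, exponent2 and coefficient alongside the private exponent.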