
Lab 3 Cryptography: Introduction To Computer Security

The document describes a cryptography lab involving experiments with Caesar cipher, Triple DES, RSA, and hybrid RSA-AES encryption. In part 1, students analyze letter frequencies to decrypt a Caesar cipher text. Part 2 involves encrypting the decrypted text with Triple DES. Part 3 has students generating an RSA key pair and using it to digitally sign the decrypted text.

Uploaded by

Manav Batra

CSE 3482
Introduction to Computer Security

Lab 3
Cryptography

The purpose of this lab is to demonstrate the basic principles and common uses of symmetric
and asymmetric cryptography. In Part 1, we will experiment with the Caesar cipher and look at the
use of letter-frequency analysis to facilitate the decryption of a Caesar cipher. In Parts 2, 3 and 4,
we will experiment with TripleDES, RSA, and Hybrid RSA-AES
encryption/decryption, respectively.

Tools: CrypTool.

1. Frequency Analysis and Caesar Cipher [20 points]

Before you begin: In the C:\ drive of your VM, create a directory ‘3482’. In this newly created
C:\3482 directory, download Lab3.zip file from the course website on Moodle. By unzipping
Lab3.zip, a directory C:\3482\Lab3 will be created. Verify that this directory comprises three
subdirectories: Part 1, Part 2, and Part 4.

1. Open a Windows Explorer, browse to the folder C:\3482\Lab3\Part1. Open MysteryText.txt
by double-clicking on it. Examine the content of this file.
Are you able to comprehend what the file is about? ______________________

2. Now, launch the CrypTool (https://www.cryptool.org/en/ct1/) application by double-clicking on
the CrypTool yellow icon situated on the computer’s desktop.
3. Select File -> Open, and then navigate to C:\3482\Lab3\Part1 to open MysteryText.txt.
4. Select Encrypt/Decrypt -> Symmetric (classical) -> Caesar / Rot-13. Observe that in order to
decrypt a file, CrypTool requires that you provide a key either in the form of a letter or in the
form of a number.
5. Check Key entry as -> Number value. Enter 3. Press Decrypt.
Does K=3 appear to be the right encryption/decryption
key for MysteryText.txt? __________________

6. Close Caesar Decryption of <MysteryText>, key <D, KEY OFFSET: 0>.


7. Now, try decrypting MysteryText.txt using K=21.
Does K=21 appear to be the right encryption/decryption
key for MysteryText.txt? _________________

8. Close Caesar Decryption of <MysteryText>, key <V, KEY OFFSET: 0>.

After two failed brute-force approaches to decrypting MysteryText.txt, let us use a better
decrypting strategy.

9. In CrypTool click on Analysis -> Tools for Analysis -> Histogram. This will generate a graph
showing the relative frequency/representation of characters in MysteryText.txt.

The most ‘frequent’ character in MysteryText.txt is: ______________________

10. In the Windows Explorer double-click on C:\3482\Lab3\Part1\LetterFreq.jpg – an image file
that has been included in Lab3.zip. The graph in this image shows the letter frequency in
English language (based on a text of 1 million words).

The most ‘frequent’ character in English language is: _____________________

11. Based on 9. and 10., we are in a good position to be able to estimate the
encryption/decryption key for MysteryText.txt.

The most likely encryption/decryption key is: ___________________________

12. Use the key estimated in 11. to decrypt MysteryText.txt. Save this (decrypted) file as
MysteryText_decrypted.txt.

The first sentence in MysteryText_decrypted.txt is:

________________________________________________________________

15. Select Analysis -> Tools for Analysis -> Histogram to generate the histogram of
MysteryText_decrypted.txt. Compare this new histogram with the one obtained in 9.

What can you say about the histograms of MysteryText.txt and
MysteryText_decrypted.txt? Explain!

________________________________________________________________

________________________________________________________________

________________________________________________________________
16. In CrypTool, close all windows but MysteryText_decrypted.txt and its respective
histogram. Select Encrypt/Decrypt -> Symmetric (classical) -> Vigenere¹. Enter ABCDEFG
in the Key Entry, and then click Encrypt.

17. Apply Analysis -> Tools for Analysis -> Histogram to the newly (Vigenere) encrypted file.

How does this histogram compare to the histogram of MysteryText.txt?

_______________________________________________________________

_______________________________________________________________

16. Again, in CrypTool, close all windows but MysteryText_decrypted.txt. Now, encrypt
MysteryText_decrypted.txt two times in a row - the first time by applying Caesar
encryption with K1=5, and the second time by applying Caesar encryption with K2=8.

Which key should we use to decrypt a message (M)
encrypted in such a way - E(K2, E(K1,M))? __________________
Verify your answer!

¹ Vigenere is an encryption method that involves a series of different Caesar ciphers. For more see:
http://en.wikipedia.org/wiki/Vigenere_cipher.
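
The frequency analysis of Part 1 in code, as an added example that is not part of the original lab handout: it estimates a Caesar key from the most frequent letter, measures how a Vigenere key flattens the histogram, and checks what two Caesar encryptions in a row amount to. The sample text, the key 7 and all function names are constructed for illustration, and the estimate assumes the most frequent plaintext letter is E.

```python
from collections import Counter
import string

A = string.ascii_uppercase

def caesar(text, k):
    """Shift each letter k places (negative k decrypts); other characters pass through."""
    return "".join(A[(A.index(c) + k) % 26] if c in A else c for c in text.upper())

def vigenere(text, key):
    """A Caesar cipher whose shift cycles through the key letters (A=0, B=1, ...)."""
    out, i = [], 0
    for c in text.upper():
        if c in A:
            c = A[(A.index(c) + A.index(key[i % len(key)])) % 26]
            i += 1
        out.append(c)
    return "".join(out)

def histogram(text):
    """Letter counts: the data behind a letter-frequency histogram."""
    return Counter(c for c in text.upper() if c in A)

def estimate_key(ciphertext, expected="E"):
    """Assumption: the most frequent ciphertext letter stands for `expected`."""
    top = histogram(ciphertext).most_common(1)[0][0]
    return (A.index(top) - A.index(expected)) % 26

def index_of_coincidence(text):
    """Chance that two letters drawn from the text match; a flatter histogram scores lower."""
    h = histogram(text)
    n = sum(h.values())
    return sum(c * (c - 1) for c in h.values()) / (n * (n - 1))

# Constructed sample text (not the lab's MysteryText.txt).
PLAIN = "MEET ME NEAR THE GREEN TREE WHERE THE THREE STREETS MEET EVERY EVENING"

if __name__ == "__main__":
    secret = caesar(PLAIN, 7)
    k = estimate_key(secret)
    print("estimated key:", k, "->", caesar(secret, -k))
    # A Caesar shift only relabels the histogram bars; Vigenere spreads each bar out.
    for name, text in [("plain", PLAIN), ("caesar", secret),
                       ("vigenere", vigenere(PLAIN, "ABCDEFG"))]:
        print(f"{name:9s} IoC = {index_of_coincidence(text):.3f}")
    # Encrypting with K1=5 and then K2=8 is a single shift of (5 + 8) mod 26.
    print("E(8, E(5, M)) == E(13, M):", caesar(caesar(PLAIN, 5), 8) == caesar(PLAIN, 13))
```

On a short or unusual text the most frequent letter need not be E, so a key estimated this way should be confirmed by reading the decrypted output.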
2. TripleDES Encryption [20 points]

Triple DES (Triple Data Encryption Algorithm) is a symmetric-key block cipher, which applies the
standard/original DES cipher algorithm three times to each data block. The original DES
cipher’s key size of 56 bits was generally sufficient when that algorithm was first designed, but
the availability of increasing computational power made brute-force attacks feasible. Triple DES
provides a relatively simple method of increasing the key size of DES, without the need to
design a completely new block cipher algorithm.

1. In CrypTool, close all windows but MysteryText_decrypted.txt. Click on Analysis -> Tools
for Analysis -> N-Gram. The obtained table is a numerical representation of the histogram
from 1.15., and it should look as shown below. After inspection, take a snapshot of the
N-gram window and paste it as an image in Paint for later use. Close the N-gram window.

2. For MysteryText_decrypted.txt, select Encrypt/Decrypt -> Symmetric (modern) ->
Triple-DES (CBC). Use 12 34 AB CD 00 00 00 00 00 … as the key (see below), and click Encrypt.

4. Save the newly encrypted file as C:\3482\Part3\MysteryText_3DES.hex. Generate the
N-Gram for this file by selecting Analysis -> Tools for Analysis -> N-Gram.
Is the N-Gram for MysteryText_3DES.hex different from the one generated for
MysteryText_decrypted.txt? How? Explain!
_______________________________________________________________

_______________________________________________________________

_______________________________________________________________

Now, the encryption key that we have used in 2. is relatively weak. Let us assume that,
somehow, the adversary has learned all but the first four characters of the key.

5. For MysteryText_3DES.txt, select Analysis -> Symmetric Encryption (modern) ->
Triple-DES (CBC). In the ‘Brute-Force Analysis of DES (CBC)’ window enter
** ** AB CD 00 00 00 00 as the key (see below). Click Start.

What is the estimated/remaining brute-force decryption time displayed in the
status box?

_______________________________________________________________

7. Cancel the Brute-Force Analysis. This will generate a list of preliminary decryption results,
as shown below. The first of the listed results is readable. Click on Accept selection.
3. Digital Signatures using RSA [20 points]

RSA is one of the first practicable public-key (asymmetric) cryptosystems. It involves two
different types of keys: a public key and a private key. The public key can be known by
everyone and is used for encrypting messages. The messages encrypted with the public key
can only be decrypted in a reasonable amount of time using the private key. The RSA key
generation involves prime number manipulation.

A digital signature is a mathematical scheme for demonstrating the authenticity of a digital
message or document. A valid digital signature gives a recipient reason to believe that: 1) the
message was created by a known sender (authentication), and 2) that the message was not
altered in transit (integrity). The second goal is achieved by generating a hash value of the given
digital document, and the first goal by signing the generated hash with the sender’s private key.
The process of producing and verifying a digital signature is shown in the figure below.

In this part of the lab, you will create an RSA key-pair in CrypTool, and then use that key-pair to
sign and verify our MysteryText_decrypted.txt.

1. In CrypTool, close all windows but MysteryText_decrypted.txt. Click on Digital
Signatures/PKI -> PKI -> Generate/Import Keys ….
2. Keep RSA Algorithm option. Under User data enter the following:
Last name: Smith
First name: Alice
Key identifier: Alice Key
PIN code: cryptool
PIN: cryptool
Click on Generate new key pair … button.

3. The window below will show up. Click OK.

4. Click on Show Key Pair. You will obtain a list of asymmetric key pairs that are available
within CrypTool. Select the key that has just been created, and click on Show Public
Parameters.

The first 20 digits of Alice’s modulus are: ______________________________

The exponent of Alice’s public key is: _________________________________

5. Back in the list of available asymmetric key pairs, click on Show Certificate to view Alice
Smith’s certificate.

Alice’s certificate has the following serial number: _______________________

Alice’s certificate is valid for the following period: _______________________

6. Close both dialogs – Certificate Data and Available Asymmetric Key Pairs.

7. To sign our MysteryText_decrypted.txt, select Digital Signature/PKI -> Sign Document.
Choose Alice’s key to be used when signing. Enter the following:
Choose hash function: RIPEMD-160
Choose signature algorithm: RSA
Choose a key/PSE to be used when signing: Smith Alice
PIN code for chosen PSE: cryptool
Click on Sign button. The signed document appears. The signature is placed at the start of
the document, followed by the actual document that has been signed (in this case, followed
by MysteryText_decrypted.txt).

8. To obtain a clearer presentation, with the signature separated from the document,
click on Digital Signature/PKI -> Extract Signature. After inspection, close the Extracted
Signature window.

9. To check that the signed MysteryText_decrypted.txt has not been altered, select Digital
Signature/PKI -> Verify Signature. Select Smith Alice from the list of signatures and click on
the Verify Signature button. The following dialog appears.

10. Now, in the RSA (RIPEMD160) signature of <MysteryText_decrypted> window modify the
message by deleting the word fox. Select Digital Signature/PKI -> Verify Signature. Select Smith
Alice from the list of signatures and click on the Verify Signature button. A dialog box appears.

The message in the dialog box is: ____________________________________
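
The hash-then-sign flow of this part in code, as an added example that is not part of the original lab handout: the document is hashed, the hash is signed with the private exponent, the signature is placed in front of the document, and verification fails once the word fox is deleted. Assumptions: SHA-256 stands in for RIPEMD-160 (which Python's hashlib does not always provide), the RSA is unpadded textbook RSA, and the key pair, sample sentence and function names are constructed here and are not CrypTool's.

```python
import hashlib

# Toy key pair built from two known Mersenne primes (constructed; a real key uses
# random primes, and a real signature uses a padding scheme such as PSS).
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # public parameters: modulus and exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent
SIG_LEN = (N.bit_length() + 7) // 8    # signature size in bytes

def digest(message: bytes) -> int:
    """Integrity: any change to the message changes this hash value."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Authentication: only the holder of d can produce this value."""
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Recover the signed hash with the public key and compare with a fresh hash."""
    return pow(signature, e, n) == digest(message)

def attach(message: bytes, signature: int) -> bytes:
    """Signed document: the signature first, then the document itself."""
    return signature.to_bytes(SIG_LEN, "big") + message

def extract(signed: bytes):
    """Split a signed document back into (signature, document)."""
    return int.from_bytes(signed[:SIG_LEN], "big"), signed[SIG_LEN:]

# Constructed sample document (not the lab's decrypted text).
DOCUMENT = b"The quick brown fox jumps over the lazy dog."

if __name__ == "__main__":
    signed = attach(DOCUMENT, sign(DOCUMENT))
    sig, doc = extract(signed)
    print("original verifies:", verify(doc, sig))
    tampered = doc.replace(b"fox ", b"")   # delete one word, keep the old signature
    print("tampered verifies:", verify(tampered, sig))
```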


4. Hybrid RSA-AES Encryption/Decryption [40 points]

4.1 Hybrid RSA-AES Encryption (Concept of Digital Envelope)

Symmetric encryption is generally much faster than asymmetric encryption. However, one of the
main challenges of symmetric encryption is a secure exchange of encryption keys.

A combined (i.e., hybrid) symmetric-asymmetric encryption overcomes this problem, as
illustrated in the figure below. Namely, in the hybrid symmetric-asymmetric encryption, the
originator encrypts the data using an internally generated symmetric key. The result of this step
is known as the data block. Next, the originator takes the symmetric key and encrypts it using
an asymmetric algorithm and the end user’s (i.e., recipient’s) public key. The result of this
operation is known as a key block. Finally, the originator bundles the data block and the key
block into a single file, and communicates this file to the end user.

With a combined symmetric-asymmetric encryption, we are able to achieve two important goals:
a) Fast encryption of the actual document/data that is to be sent; and
b) Secure delivery of the symmetric key, together with the encrypted document.

In this part of the lab, you will perform hybrid RSA-AES encryption of
MysteryText_encrypted.txt.

1. In CrypTool, close all windows but MysteryText_decrypted.txt. Click on Encrypt/Decrypt ->
Hybrid -> RSA-AES Encryption …. The following diagram appears.
2. Click on Generate session key, and then on Session key.

The generated session key is: _______________________________________

3. Click on Encrypt document symmetry, and then on Encrypted document. The encrypted
document (data block) will appear in the lower window.

4. Now, click on Select asymmetr. key. Select Bob RSA-512 key. Click OK.

5. In the visualization window, click on Asymmetr. key.

The first 20 digits of Bob’s modulus are: _______________________________

The exponent of Bob’s public key is: __________________________________

6. Back in the visualization window, click on Encrypt session key asymmetry., and then on
Encrypted session key.

The first 10 hex values of encrypted session key are: _____________________


7. Click Save. A window containing encrypted message together with encrypted session key
will appear. Save this document as MysteryText_hybrid_encryption.hex.

4.2 Hybrid RSA-AES Decryption

In the Windows Explorer, browse to the folder C:\3482\Lab3\Part4. Open Secret.hex. This
document contains a message encrypted with hybrid RSA-AES encryption, using Bob’s public
key (PIN: 1234). Extract the actual content of the message from the given file and write it below:

_____________________________________________________________________
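
The digital envelope of Part 4 in code, as an added example that is not part of the original lab handout: a fresh session key encrypts the document (data block), the recipient's public key encrypts the session key (key block), and the recipient reverses both steps with the private key. Assumptions: a SHA-256 counter keystream stands in for AES because the Python standard library has no AES, the RSA is unpadded textbook RSA, and Bob's toy key, the bundle layout and all names are constructed here and are not CrypTool's file format.

```python
import hashlib
import secrets

# Bob's toy key pair from two known Mersenne primes (constructed; not a real-world key).
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
KEY_BLOCK_LEN = (N.bit_length() + 7) // 8
SESSION_KEY_LEN = 16                   # 128-bit session key

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for AES: XOR data with SHA-256(key || counter) blocks.
    Running it again with the same key decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(document: bytes, e: int = E, n: int = N) -> bytes:
    """Originator: needs only the recipient's public key (e, n)."""
    session_key = secrets.token_bytes(SESSION_KEY_LEN)     # fresh for every message
    data_block = keystream_xor(session_key, document)      # fast symmetric step
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    key_block = wrapped.to_bytes(KEY_BLOCK_LEN, "big")     # slow step, but only 16 bytes
    return key_block + data_block                          # one file carries both

def open_envelope(envelope: bytes, d: int = D, n: int = N) -> bytes:
    """Recipient: unwrap the session key with the private key, then decrypt the data."""
    key_block, data_block = envelope[:KEY_BLOCK_LEN], envelope[KEY_BLOCK_LEN:]
    recovered = pow(int.from_bytes(key_block, "big"), d, n)
    session_key = recovered.to_bytes(SESSION_KEY_LEN, "big")
    return keystream_xor(session_key, data_block)

# Constructed sample document.
DOCUMENT = b"Quarterly report draft, for Bob only. " * 4

if __name__ == "__main__":
    envelope = seal(DOCUMENT)
    print("key block bytes:", KEY_BLOCK_LEN, "data block bytes:", len(envelope) - KEY_BLOCK_LEN)
    print("recipient recovers the document:", open_envelope(envelope) == DOCUMENT)
```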
