Scribd
Upload
49 views7 pages

INTE2625 Week 5 Lab Manual

Uploaded by

SaidurRahman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
49 views7 pages

INTE2625 Week 5 Lab Manual

Uploaded by

SaidurRahman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

INTE2625 Introduction to Cyber Security

Week 5 Lab Manual

Objectives
In this Lab, you are going to learn asymmetric/public key encryption and decryption using
an open-source tool called GnuPG. We assume that you have already practiced symmetric key
encryption using GPG in Week 4. Please refer to Week 4 lab if you have not practiced that yet.
For more information on GPG, please visit: https://www.gnupg.org/

At the end of the Lab, we will learn the following:


 Asymmetric or public key Encryption and Decryption using GPG in Kali Linux

Task-1: Asymmetric/Public Key Encryption using GPG

In this task, you will use two users of Kali Linux: kali (the default user) and alice (that you have
already created in Week 2 lab). If you have not created any user in your Kali Linux yet, refer to
Week 2 lab and create one.

We will consider the following scenario:


 There are two users in your Kali Linux: kali and alice.
 The user kali is the sender and alice is the recipient.
 The user kali has a file “test.txt” that contains a secret message “Top Secret”.
 The user kali encrypts the file “test.txt” using alice’s RSA public-key using GPG.
 The encrypted file is then sent to the user alice.
 The user alice decrypts the encrypted file using alice’s RSA private key.

Task-1.1: Create text file.


Login as a Kali user and create a file “test.txt” in the Desktop directory and put the text “Top
Secret” in the file. We are skipping the details as we it is already discussed previously.

Check if the file has been created:

1
Task-1.2: Generate RSA key-pair in GPG for the recipient Alice.
As discussed in the lecture, public-key encryption algorithm requires two keys: public and
private keys.
Login as the user alice (see previous labs). Use the following command in the Kali Linux
terminal to generate a key pair for the user alice:

You will be prompted to provide different information. You should provide as follows:

1. Type 1 and press Enter to select RSA and RSA

2. Enter key size 1024 bits and press Enter

3. Type 0 and press Enter to set no key expiry:

Confirm it by typing y:

4. Now, provide the following information:

2
You may be asked for a passkey. If so, provide one:

You should see the similar output as below:

Note: Please ignore other messages if you see any.

The keys are generated in a hidden directory /root/.gnupg which in the user root’s home
directory as the key was created using sudo privilege. You can view it by navigating to the user
root’s home directory by typing sudo ls -a /root.

3
Task-1.3: Making RSA Public key of Alice available to other users.

To communicate with others, public key of alice should be exported. Use the following
command to export the public key in text format (the default is binary format):

Here,

 --export: This option tells gpg to export the public key. By default, this will export the
public key in binary format unless additional options are provided.
 --armor: This option tells gpg to create ASCII-armored output instead of binary. ASCII
armor is a text-based encoding that allows the public key to be easily shared via email or
text files.
[email protected]: This specifies the user ID of the key to be exported. GPG uses
email addresses or other identifiers to locate the key within the keyring.
 alice_public.gpg: This is the name of the file where the exported public key will be
saved. The > alice_public.gpg part of the command ensures that the output is written to
this file.

Now, share the public key file ‘alice_public.gpg’ with the user kali (refer to Week 4 lab for file
sharing between users).

Task-1.4: Importing RSA Public key of alice by the user ‘kali’.

Login as the user kali (provide kali’s password when prompted):

We are assuming that you have shared the public key file to the user kali and the file is
currently in the home directory (/home/kali or ~). Now, use the following command to import
the public key file in the user kali’s key-ring:

You should see the following output:

4
Check if it’s in the user kali’s key-ring:

You should find it in the list as below:

Alice’s public key has been imported to Kali’s key-ring.

Task-1.5: File encryption by the user ‘kali’.

Now, the user kali will encrypt the file ‘test.txt’ using alice’s public key (accessed using Alice’s
key-id: [email protected]) and generate an encrypted file with a name ‘encrypted_test.txt’.
The command is as below:

Here,
 --encrypt: This option tells gpg to encrypt the specified file.
 --output encrypted_test.txt: This specifies the name of the file where the encrypted
output will be saved. In this case, the encrypted content will be written to
encrypted_test.txt.
 --recipient [email protected]: This option specifies the recipient of the encrypted
file. GPG will look for the public key associated with [email protected] in your
keyring and use it to encrypt the file. Only the private key corresponding to this
public key can decrypt the file.
 test.txt: This is the name of the file to be encrypted. GPG will read the contents of
this file, encrypt it, and then write the encrypted data to the output file specified by
the --output option.

Now, check if the encrypted file has been created or not. You should see the following output by
running ls command:

5
You may check the contents of the encrypted file using cat command:

Now, share the encrypted file ‘encrypted_test.txt’ to the user alice.

Task-1.6: File Decryption by the user ‘alice.

Login as user alice. Now, run the following command at the user alice’s side to decrypt the file
‘encrypted_test.txt’:

Here,
 --output decrypted_test.txt: This specifies the name of the file where the decrypted
output will be saved. In this case, the decrypted content will be written to
decrypted_test.txt.
 --decrypt: This option tells gpg to decrypt the specified file. GPG will use the
appropriate private key from your keyring to decrypt the file.
 encrypted_test.txt: This is the name of the file to be decrypted. GPG will read the
contents of this encrypted file, decrypt it, and then write the decrypted data to the
output file specified by the --output option.

A passphrase may be asked. This is the passphrase that alice used during the creation of the
key:

6
File has been decrypted which can be checked as follows:

The content of the decrypted file can be checked using the cat command:

Congratulations! You have now completed the public-key encryption and decryption using GPG.

You might also like