We're Open
+44 7340 9595 39
+44 20 3239 6980

CRYPTOGRAPHIC OPERATIONS WITH OPENSSL

  100% Pass and No Plagiarism Guaranteed

CRYPTOGRAPHIC OPERATIONS WITH OPENSSL

Question 3. Cryptographic Operations with OpenSSL

Objective: understand and apply different cryptographic primitives, use common encryption software (OpenSSL), and demonstrate secure procedures for key management.

Your task is to use OpenSSL to perform a set of cryptographic operations. When performing cryptographic operations you must be very careful, as a small mistake (such as a typo) may mean the result is an insecure system. Read the instructions carefully, understand the examples, and where possible, test your approach (e.g. if you encrypt a file, test it by decrypting it and comparing the original to the decrypted).

Perform the following steps:

(a)Generate your own RSA 4096-bit key pair. Use the public exponent of 65537. Save your key pair as keypair.pem.

(b)Extract your public key and save it as pubkey.pem.

(c)Create a Bash shell script that contains all OpenSSL commands you used on the terminal in the previous steps, as well as the following steps, and save them in a text file called commands.bash. You should copy-and-paste the actual commands you used from the terminal as they may be used to test your submission. As this script contains commands from steps (a), (b), (d), (e), (f) and (g), you should run those commands first and then put them in your script file, then do them again using the final script.

(d)Sign your Bash shell script using SHA1, saving the signature as signature.bin.

(e)Generate a 256 bit random value using OpenSSL. This value will be used as a secret key. Store the key as a 64 hex digit string in a file key.txt.

(f)Encrypt your Bash shell script using AES-256-CBC and the key generated in step (e).

Use and IV of all 0’s (that is, 32 0’s). Save the ciphertext as ciphertext.bin.

(g)Encrypt your key.txt file using RSA so that only the Unit Coordinator can view the contents. Save the encrypted key as secretkey.bin.

Multiple files are output from the above steps. You must submit the following on Moodle:

keypair.pem

pubkey.pem

commands.bash

signature.bin

key.txt

ciphertext.bin

secretkey.bin

The file names must be exactly as listed above. Use lowercase for all files and double-check the extensions (be careful that Windows doesn’t change the extension).

Examples of the OpenSSL operations needed to complete this task, as well as a Bash script, are on Moodle.

Advanced Network Security

Page 6 of 8

COIT20262

Assignment 1

Term 1, 2017

Marking Scheme

Once files are submitted, they will be decrypted/verified using the reverse operations of what you were expected to do.

If your files successfully decrypt/verify, and the commands (commands.bash) submitted are correct, then you will receive 9 marks.

If your files successfully decrypt/verify, but the commands contain errors, then you will receive between 6 and 8 marks, depending on the severity of the errors (e.g. small typo vs wrong command).

If your files do NOT successfully decrypt/verify, then your commands will be reviewed to determine what mistakes you made. You will receive between 0 and 7 marks, depending on the severity of the errors.

Up to 6 marks may be deducted for incorrect submissions (e.g. not all files submitted, additional files submitted, wrong files submitted, wrong filenames).

Advanced Network Security

Page 7 of 8

COIT20262

Assignment 1

Term 1, 2017

Question 4. Malware Research

Objective: research real malware and gain an understanding of the techniques used in the malware and countermeasures

Ransomware attacks are increasingly publicised. In addition it is estimated there are many more ransomware attacks not being made public, e.g. companies and users paying a ransom but not disclosing the attack. The prevalence of ransomware, and the impact it has on organisations, has led to the discussion of ransomware insurance. Your task is to study what is ransomware, what are the challenges and possible countermeasures, and report on it in an easy-to-understand manner. You must write a short report on ransomware that addresses at least the following issues/topics:

(a)What is ransomware?

(b)What are examples of ransomware attacks? For example, names of malware, organisations attacked.

(c)What are common methods of infection by ransomware?

(d)What is the payload in ransomware? What cryptographic techniques are commonly used?

(e)How is the ransom obtained? What is the role of Bitcoin (or other cryptocurrencies)?

(f)What are the options for users once infected?

(g)What countermeasures should users and organisations take to prevent ransomware attacks?

The above is a guide of what should be covered. You may also address other issues, and you don’t have to address them in the order listed.

There is no minimum/maximum length of the report. As a guide 1 to 2 pages of text (not including pictures) may be appropriate. In addition you may include your own pictures (not pictures from other sources) if they are useful in explaining ransomware. Including pictures from other sources, or including pictures that do not help with the explanation will not gain marks and may lead to reduced marks.

You may assume the audience of the report has similar background on network security as you. You should refer to techniques and concepts covered in the unit, and give sufficient technical detail to demonstrate you understand ransomware.

At least five (5) references should be included and follow the Harvard (author-date) style. References may be a mix of websites, textbooks and conference/journal articles.

Marking Scheme

1 mark will be given for each of the seven (7) topics/issues ((a) to (g)) if they are satisfactorily explained.

1 mark will be given if the report is well presented, including: well formatted, few spelling/grammar mistakes.

1 mark will be given if the references are sufficient and appropriate. Inclusion of inappropriate/irrelevant references will result in 0 marks.

Up to 6 marks may be deducted if the report is difficult to read (e.g. due to grammar), includes information irrelevant to the question, and/or includes material (pictures, quotes) taken from other sources.


100% Plagiarism Free & Custom Written,
Tailored to your instructions


International House, 12 Constance Street, London, United Kingdom,
E16 2DQ

UK Registered Company # 11483120


100% Pass Guarantee

STILL NOT CONVINCED?

View our samples written by our professional writers to let you comprehend how your work is going to look like. We have categorised this into 3 categories with a few different subject domains

View Our Samples

We offer a £ 2999

If your assignment is plagiarised, we will give you £ 2999 in compensation

Recent Updates

Details

  • Title: CRYPTOGRAPHIC OPERATIONS WITH OPENSSL
  • Price: £ 109
  • Post Date: 2024-08-28T18:23:38+00:00
  • Category: Assignment
  • No Plagiarism Guarantee
  • 100% Custom Written

Customer Reviews

 CRYPTOGRAPHIC OPERATIONS WITH OPENSSL CRYPTOGRAPHIC OPERATIONS WITH OPENSSL
Reviews: 5

A masterpiece of assignment by , written on 2020-03-12

The writer 0223 is really helpful. He gave me the best essay ever. Love you loads for such a great job and thanks again.
Reviews: 5

A masterpiece of assignment by , written on 2020-03-12

Now I am happy that I made the right decision of coming to Insta Research for help. My term paper was so technical and analytical at the same time. I got really confused about what to do but got relaxed when I was given such a humble writer. He clarified my concepts with the best explanations and discussions. I almost interacted with him on daily basis within the writing process. The best feature of this site is quick delivery as I got the work before my deadline. Additionally, the term paper is written skillfully and handled quite professionally. Now I am able to take a deep sigh of relief and thank you all for such speedy help. The quality of the work made my day.