
Network Security: Lab#1

Network Security: Lab#1. J. H. Wang, Apr. 14, 2011. Objectives: to learn to use one of the symmetric block cipher standards (DES, 3DES, AES); to learn to use random number generators; to learn to use stream cipher methods (RC4).


Presentation Transcript


  1. Network Security: Lab#1 J. H. Wang Apr. 14, 2011

  2. Objectives
     • To learn to use one of the symmetric block cipher standards
       • DES
       • 3DES
       • AES
     • To learn to use random number generators
     • To learn to use stream cipher methods
       • RC4

  3. Libraries Used in this Lab
     • OpenSSL: an open source implementation of SSL and TLS protocols
     • Widely used on various platforms
       • UNIX-like: Linux, Solaris, Mac OS X, BSD
       • Windows
     • Symmetric encryption algorithms supported
       • DES, 3DES, AES
       • RC4

  4. AES
     • Applications – archive and compression tools
       • RAR: encryption algorithm for RAR3 is AES 128-bit
       • WinZip: encryption algorithm AES 128-bit and 256-bit
       • 7z: open source archive file format
         • Encryption with AES 256-bit
     • Libraries
       • C: OpenSSL
       • C++: Crypto++

  5. 7-Zip
     • Homepage: http://www.7-zip.org/
     • Current version: 9.20 for Windows (open source)
     • Steps
       • Install
       • Compress
       • Decompress

  6. OpenSSL
     • Homepage: http://www.openssl.org/
     • Current version: 1.0.0d (open source)
     • Source:
       • Unix/Linux: openssl-1.0.0d.tar.gz
     • Binary:
       • Win32 OpenSSL: http://www.slproweb.com/products/Win32OpenSSL.html
       • Win32 OpenSSL v1.0.0d
       • Visual C++ 2008 Redistributables
     • Steps
       • Install
       • OpenSSL command-line tool
       • OpenSSL library

  7. Installing OpenSSL in Linux/UNIX
     • Download the tarball: openssl-1.0.0d.tar.gz
     • Unpack the package
       • gunzip openssl-1.0.0d.tar.gz
     • Extracting files from the archive
       • tar xvf openssl-1.0.0d.tar
     • Install the package
       • cd openssl-1.0.0d
       • ./config
       • make
       • make test
       • make install

  8. Experiment Scenario
     • Prepare a file for testing, say “original.txt”
     • Also, prepare a key (for encryption and decryption) on your own
     • After encryption, we get an encrypted file “enc.txt”
     • Decrypting the encrypted file will give us another file “dec.txt”
     • Finally, we check if “original.txt” is the same as “dec.txt”

  9. OpenSSL Command-Line Tools
     • OpenSSL command-line tool
       • DES:
         • Encryption: openssl des -in <file1> -out <file2>
         • Decryption: openssl des -d -in <file1> -out <file2>
       • 3DES:
         • Encryption: openssl des3 -in <file1> -out <file2>
         • Decryption: openssl des3 -d -in <file1> -out <file2>
       • AES:
         • Encryption: openssl aes-128-cbc -in <file1> -out <file2>
         • Decryption: openssl aes-128-cbc -d -in <file1> -out <file2>

  10. OpenSSL Command-Line Tools
      • Alternative commands
        • DES:
          • Encryption: openssl enc -des -in <file1> -out <file2>
          • Decryption: openssl enc -des -d -in <file1> -out <file2>
        • 3DES: 2-, 3-key
          • Encryption: openssl enc -des3 -in <file1> -out <file2>
          • Decryption: openssl enc -des3 -d -in <file1> -out <file2>
        • AES: 128-, 192-, 256-bit
          • Encryption: openssl enc -aes-128-cbc -in <file1> -out <file2>
          • Decryption: openssl enc -aes-128-cbc -d -in <file1> -out <file2>

  11. OpenSSL Libraries for symmetric encryption
      • OpenSSL crypto library
        • DES, 3DES:
          • #include <openssl/des.h>
          • Set the parity of key to odd: DES_set_odd_parity()
          • Generation of DES_key_schedule from a key and check if it’s a weak key: DES_set_key_checked()
          • Encryption/decryption:
            • DES_ncbc_encrypt()
            • DES_ede2_cbc_encrypt()
            • DES_ede3_cbc_encrypt()
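
What the two key-preparation calls on slide 11 check, written out in plain C as an added example (not from the slides and not OpenSSL's code): set_odd_parity, check_des_key and prepare_key are hypothetical names, the key bytes are constructed, and only the four DES weak keys are listed, whereas the OpenSSL manual says DES_set_key_checked() also rejects semi-weak keys. The return codes follow the manual's convention for that call (-1 for wrong parity, -2 for a weak key).

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static int ones(uint8_t b) {            /* count the set bits in one byte */
    int n = 0;
    for (; b; b >>= 1) n += b & 1;
    return n;
}

/* Adjust the low (parity) bit so every key byte has an odd number of 1s. */
void set_odd_parity(uint8_t key[8]) {
    for (int i = 0; i < 8; i++) {
        uint8_t b = key[i] & 0xFE;      /* the 7 bits DES actually uses */
        key[i] = (ones(b) % 2) ? b : (uint8_t)(b | 1);
    }
}

/* The four DES weak keys: encrypting twice returns the plaintext. */
static const uint8_t WEAK_KEYS[4][8] = {
    {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
    {0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE},
    {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
    {0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1},
};

/* Hypothetical helper: 0 = usable, -1 = wrong parity, -2 = weak key. */
int check_des_key(const uint8_t key[8]) {
    for (int i = 0; i < 8; i++)
        if (ones(key[i]) % 2 == 0) return -1;
    for (int i = 0; i < 4; i++)
        if (memcmp(key, WEAK_KEYS[i], 8) == 0) return -2;
    return 0;
}

/* Constructed sample input: 8 ASCII characters used as raw key material. */
int prepare_key(const char *text8, uint8_t out[8]) {
    memcpy(out, text8, 8);
    set_odd_parity(out);
    return check_des_key(out);
}

int main(void) {
    uint8_t k[8];
    int rc = prepare_key("password", k);
    for (int i = 0; i < 8; i++) printf("%02X", k[i]);
    printf(" -> %d\n", rc);
    return 0;
}
```

An all-zero key fails the parity check as given, and once its parity is fixed it becomes the first weak key, which is why both checks run before a key schedule is built.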

  12. OpenSSL Documents
      • http://www.openssl.org/docs/
      • Manual pages
        • openssl(1)
        • crypto(3)
      • HOWTO docs
        • Under doc/HOWTO/ in OpenSSL distribution
        • keys.txt

  13. Random Number Generator
      • Application
      • OpenSSL command-line tool
        • openssl rand <num>
      • In C:
        • #include <stdlib.h>
        • srand(): initialize by a seed
        • rand(): generate a random number

  14. OpenSSL library for random numbers
      • OpenSSL crypto library
        • rand:
          • #include <openssl/rand.h>
          • RAND_seed() or RAND_add()
          • Generate a number of bytes: RAND_bytes()
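
An added example, not from the slides, showing why rand() from slide 13 suits simulations but not keys: the same seed always reproduces the same bytes. So that it builds without linking OpenSSL, the key bytes come from /dev/urandom in place of RAND_bytes(); the function names and the seed value are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Fill buf with n bytes taken from rand() after seeding with `seed`. */
void rand_fill(unsigned seed, unsigned char *buf, size_t n) {
    srand(seed);
    for (size_t i = 0; i < n; i++)
        buf[i] = (unsigned char)(rand() & 0xFF);
}

/* Returns 1 if reseeding with the same value reproduces the same bytes,
 * i.e. anyone who learns or guesses the seed can regenerate the "key". */
int rand_is_reproducible(unsigned seed) {
    unsigned char a[16], b[16];
    rand_fill(seed, a, sizeof a);
    rand_fill(seed, b, sizeof b);
    return memcmp(a, b, sizeof a) == 0;
}

/* Fill buf from the operating system CSPRNG (stand-in for RAND_bytes()).
 * Returns 0 on success, -1 if the device is missing or the read is short. */
int os_random_bytes(unsigned char *buf, size_t n) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(buf, 1, n, f);
    fclose(f);
    return got == n ? 0 : -1;
}

/* Draw two 128-bit keys; returns 1 if they differ, 0 if equal, -1 on error. */
int keys_differ(void) {
    unsigned char k1[16], k2[16];
    if (os_random_bytes(k1, sizeof k1) || os_random_bytes(k2, sizeof k2))
        return -1;
    return memcmp(k1, k2, sizeof k1) != 0;
}

int main(void) {
    /* Constructed seed, shaped like a time() value often passed to srand(). */
    printf("rand() reproducible: %d\n", rand_is_reproducible(1302739200u));
    printf("CSPRNG keys differ:  %d\n", keys_differ());
    return 0;
}
```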

  15. RC4
      • Applications
        • WEP
        • Remote Desktop Protocol
        • PDF
        • Skype

  16. OpenSSL command-line tools
      • OpenSSL command-line tool
        • RC4:
          • Encryption: openssl rc4 -in <file1> -out <file2>
          • Decryption: openssl rc4 -d -in <file1> -out <file2>
        • Or
          • Encryption: openssl enc -rc4 -in <file1> -out <file2>
          • Decryption: openssl enc -rc4 -d -in <file1> -out <file2>

  17. OpenSSL Libraries for stream cipher
      • OpenSSL crypto library
        • RC4:
          • #include <openssl/rc4.h>
          • Key setup phase: RC4_set_key()
          • Encryption/decryption phase: RC4()
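
The two phases named on slide 17, implemented from scratch in C as an added example (not from the slides and not OpenSSL's code; rc4_state, rc4_setup, rc4_crypt and rc4_round_trip are hypothetical names, and the key and message are sample values). It also shows that the cipher state keeps advancing between calls, so decryption needs a fresh key setup.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct { uint8_t S[256]; uint8_t i, j; } rc4_state;

/* Key setup phase: permute S under the key (slide: RC4_set_key()). */
void rc4_setup(rc4_state *st, const uint8_t *key, size_t keylen) {
    uint8_t j = 0;
    for (int n = 0; n < 256; n++) st->S[n] = (uint8_t)n;
    for (int n = 0; n < 256; n++) {
        j = (uint8_t)(j + st->S[n] + key[n % keylen]);
        uint8_t t = st->S[n]; st->S[n] = st->S[j]; st->S[j] = t;
    }
    st->i = st->j = 0;
}

/* Encryption/decryption phase: XOR data with keystream (slide: RC4()). */
void rc4_crypt(rc4_state *st, const uint8_t *in, uint8_t *out, size_t len) {
    for (size_t n = 0; n < len; n++) {
        st->i = (uint8_t)(st->i + 1);
        st->j = (uint8_t)(st->j + st->S[st->i]);
        uint8_t t = st->S[st->i]; st->S[st->i] = st->S[st->j]; st->S[st->j] = t;
        out[n] = (uint8_t)(in[n] ^ st->S[(uint8_t)(st->S[st->i] + st->S[st->j])]);
    }
}

/* Encrypt then decrypt; returns 1 if the message comes back, 0 if not.
 * With rekey == 0 the state is not reset, so the keystream has moved on. */
int rc4_round_trip(const char *key, const char *msg, int rekey) {
    uint8_t enc[64], dec[64];
    size_t len = strlen(msg), klen = strlen(key);
    rc4_state st;
    if (len > sizeof enc || klen == 0) return -1;
    rc4_setup(&st, (const uint8_t *)key, klen);
    rc4_crypt(&st, (const uint8_t *)msg, enc, len);
    if (rekey) rc4_setup(&st, (const uint8_t *)key, klen);
    rc4_crypt(&st, enc, dec, len);
    return memcmp(dec, msg, len) == 0;
}

int main(void) {   /* sample key and message, not from the slides */
    printf("fresh key setup: %d\n", rc4_round_trip("Key", "Plaintext", 1));
    printf("state reused:    %d\n", rc4_round_trip("Key", "Plaintext", 0));
    return 0;
}
```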

  18. OpenSSL Libraries for cryptographic functions
      • OpenSSL crypto library
        • EVP: high-level interface to cryptographic functions
          • #include <openssl/evp.h>
          • EVP_CIPHER_CTX_init(): to initialize cipher context
          • EVP_CipherInit(): to set up cipher context for encryption or decryption
          • EVP_CipherUpdate(): to encrypt or decrypt successive blocks of data
          • EVP_CipherFinal(): to finish the encryption or decryption
          • EVP_CIPHER_CTX_cleanup(): to clean up cipher context

  19. Summary
      • Encrypting a file
      • Decrypting a file
      • Generating a random number
