Transcription of Secret-Key Encryption Lab
1 SEED Labs Secret-Key Encryption Lab1 Secret-Key Encryption Lab 1 Overview The learning objective of this lab is for you to become familiar with symmetric key Encryption and some of the common attacks on symmetric Encryption . You will have hands-on experience with symmetric Encryption algorithms, Encryption modes, and message padding. Yo u will be able to use tools and write programs to encrypt/decrypt messages. The pen icon appears in the left margin to indicate the questions you should answer in your .pdf lab report. The point value for the answer appears below the icon. Programming Encryption algorithms and modes is a very tricky business since the slightest error can weaken the strength of the Encryption , cause its Encryption to be impossible for other implementations to decrypt, or, worst of all, allow the Encryption to proceed while leading to subtle vulnerabilities. This lab will expose you to some of these mistakes, and show you how to launch attacks to exploit those vulnerabilities.
2 This lab covers the following topics: Secret-Key Encryption Substitution cipher and frequency analysis Encryption modes, IV, and paddings Common mistakes in using Encryption algorithms Programming using the crypto library Lab Environment. This lab has been tested on our pre-built Ubuntu VM, which can be downloaded from the SEED website. * Adapted by Charles C. Palmer for use in COSC 055 Fall 2018 Wenliang Du, All rights reserved. Free to use for non-commercial educational purposes. Commercial uses of the materials are prohibited. The SEED project was funded by multiple grants from the US National Science Labs Secret-Key Encryption Lab2Ta s k 1: Frequency Analysis A monoalphabetic substitution cipher (also known as monoalphabetic cipher) is not secure , because the ciphertext it produces can broken using frequency analysis. In this lab, you are given a ciphertext that is encrypted using a monoalphabetic cipher; namely, each letter in the original text is replaced by another letter, where the replacement does not vary ( , a letter is always replaced by the same letter during the Encryption ).
3 Your job is to recover the original text using frequency analysis. It is known that the original text is in English. In the following, we describe how to encrypt an article, and what simplification we have made. Step 1: We convert all upper case characters to lower case, and then remove all punctuation and numbers. We keep the spaces between words, so you can still see the boundaries of the words in the ciphertext. In an actual use of a monoalphabetic cipher, spaces are removed. We keep the spaces to simplify the task. Here are the commands we used to do this step: Step 2: Next we generate the Encryption key, , the substitution table. We will permute the alphabet from a to z using Python, and use the permuted alphabet as the key. See the following program. Step 3: Finally, we use the tr command to do the Encryption . We only encrypt letters, while leaving the space and return characters alone. We have created a ciphertext using a different Encryption key (not the one described above).
4 You can download the ciphertext here. Your job is to use frequency analysis to figure out the Encryption key and the original plaintext and explain your process. You should not use any tool or app that solves substitution ciphers. Guidelines. Using the frequency analysis, you can find out the plaintext for some of the characters quite easily. For those characters, you may want to change them back to its plaintext, as you may be able to get more clues. It is better to use capital letters for plaintext, so for the same letter, we know which is plaintext and which is ciphertext. Yo u can use the tr command to do this. For example, in the following, we replace letters a, e, and t in with letters X, G, E, respectively; the results are saved in $ tr aet XGE < > There are many online resources that you can use. We list four useful links in the following: $ tr [:upper:] [:lower:] < > $ tr -cd '[a-z][\n][:space:]' < > $ python >>> import random >>> s = "abcdefghijklmnopqrstuvwxyz" >>> list = (s, len(s)) >>> ''.
5 Join(list) 'sxtrwinqbedpvgkfmalhyuojzc'$ tr 'abcdefghijklmnopqrstuvwxyz' 'sxtrwinqbedpvgkfmalhyuojzc' \ < > Labs Secret-Key Encryption Lab3 : This website can produce the statis- tics fro a ciphertext, including the single-letter frequencies, bigram frequencies (2-letter sequence), and trigram frequencies (3-letter sequence), etc. : This Wikipedia page pro- vides frequencies for a typical English plaintext. : Bigram frequency. : Trigram frequency. Ta s k 2: Encryption using Different Ciphers and Modes In this task, we will explore various Encryption algorithms and modes. You can use the following openssl enc command to encrypt/decrypt a file. Type man openssl and man enc for details. Replace the {ciphertype} with a specific cipher type, such as aes-128-cbc, aes-128-cfb, etc. In this task, you should try at least 3 different ciphers. You can find the meaning of the command-line options and all the supported cipher types by typing "man enc". Note any differences in Encryption speed or results.
6 You do not need to provide the full results of the encryptions. Here are some common options for the openssl enc command: Ta s k 3: Encryption Mode ECB vs. CBC The file can be downloaded from this lab s webpage. It contains a simple picture. We would like to encrypt this picture so that without the Encryption keys someone cannot know what is in the picture. Please encrypt the file using the AES algorithm in ECB (Electronic Code Book) and save it as pic_ecb and then encrypt the again in CBC (Cipher Block Chaining) mode and save it as pic_cbc. Then do the following: wish to treat the encrypted pictures as regular pictures and use picture viewing software to display them. However, for the file, The first 54 bytes of a .bmp file contain information about the picture, so our encrypted files need to begin with the same header information so they will appear to the viewing software as legitimate .bmp files.
7 You should should replace the first 54 bytes of the encrypted picture with the 54 byte header of the of the original picture. You can use the bless hex editor tool (already installed on our VM) to directly modify binary files. We can also use the head, tail, and cat commands to get the first 54 bytes of , the data from (from offset 55 to the end of the file), and then combine the header and data together into a new file. Do the same for the pic_cbc file. the encrypted pictures using a picture viewing program (we have installed an image viewer program called eog on our VM). Can you derive any useful information about the original picture from the encrypted picture? Explain your observations. $ openssl enc -{ciphertype} -e -in -out \ -K 00112233445566778889aabbccddeeff \ -iv 0102030405060708input file output file encrypt decrypt key/iv in hex is the next argument print the iv/key (then exit if -P)-in <file> -out <file> -e -d -K/-iv -[pP]111 SEED Labs Secret-Key Encryption Lab4 3.
8 Select a picture of your choice, repeat the experiment above, and report your observations. Ta s k 4: Padding For block ciphers, when the size of a plaintext is not a multiple of the block size, padding may be required. All the block ciphers normally use PKCS#5 padding, which is known as standard block padding. We will conduct the following experiments to understand how this type of padding works. AES ECB, CBC, CFB, and OFB modes to encrypt a file (you can pick any blocksize any file with length not a multiple of the blocksize used). Report which modes use padding and which ones do not. us create three files, which contain 5 bytes, 10 bytes, and 16 bytes, respectively. We can use the "echo -n" command to create such files. We then use "openssl enc -aes-128-cbc -e" to encrypt these three files using 128-bit AES with CBC mode. Report the size of the encrypted files. We would like to see what is added to the padding during the Encryption . To achieve this goal, we will decrypt these files using "openssl enc -aes-128-cbc -d".
9 Unfortunately, decryption by default will automatically remove the padding, making it impossible for us to see the padding. However, the openssl command does have a -nopad option which disables the padding. That means that during the decryption, the command will not remove the padded data. Therefore, by looking at the -nopad decrypted data we can see what data are used in the padding. Use this technique to report what paddings are added to the three files. It should be noted that padding data may not be printable, so you need to use a tool like hexdump to display the content. Ta s k 5: Error Propagation Corrupted Cipher Te x t To understand the error propagation property of various Encryption modes, we will do the following exercise: a text file that is at least 1000 bytes long. the file using the AES-128 cipher using ECB, CBC, CFB, and OFB ( , four separate encryptions) the bless hex editor to simulate the corruption ("flip") of a single bit of the 55th byte in each encrypted file.
10 Flip the same bit in each file. the corrupted ciphertext file using the correct key and IV. How much information can you recover by decrypting the corrupted file, if the Encryption mode is ECB, CBC, CFB, or OFB, respectively? Explain (hint, look at how the modes work). 12222 SEED Labs Secret-Key Encryption Lab5Ta s k 6: Initial Ve c t o r (IV) and Common Mistakes Most of the Encryption modes require an initial vector (IV). Properties of an IV depend on the cryptographic scheme used. If we are not careful in selecting IVs, the data encrypted by us may not be secure at all, even though we are using a secure Encryption algorithm and mode. The objective of this task is to help you understand the problems if an IV is not selected properly. Ta s k A basic requirement for IV is uniqueness, which means that no IV may be reused under the same key. To discover why, encrypt the same plaintext with the same key and .. yielding ciphertext C1 (a different IV) yielding ciphertext C2 (the first IV again) Describe your observations and think of reasons why IV needs to be unique.
