User Account

All Pages

CCM4332 Network Security Assignment

Assignment Help Computer Network Security
Reference no: EM132854270

CCM4332 Network Security - Middlesex University London

Public-Key Encryption Laboratory

To explore this system in more depth, you will be exchanging encrypted messages with a partner. Choose your partner now.

1. Launch Microsoft Excel and open the spreadsheet

You may see a warning message informing you that the workbook contains macros. Since you will not need these macros to use the workbook (they are left over from an older and less efficient version of this lab), click on the button.

2. This spreadsheet makes use of some specialized functions that are not part of the standard function set in Microsoft Excel. However, they are included in an extra set of functions called the Analysis Toolpak. From the Tools menu, choose Add-Ins.... In the dialogue box, click on the check box to the left of the entry Analysis Toolpak. When a checkmark appears, click on OK.

3. If necessary, click on the tab for the Key Selection worksheet. Use a random process to choose two different prime numbers p and q between 137 and 311 (displayed in a list in cells g5:I15). Enter these primes in cells B6 and B7. Be sure that cells C6 and C7 both display the message "OK". The spreadsheet automatically computes the modulus (the product p*q) in cell B8 and the Euler totient (the product (p-1)*(q-1)) in cell B9. Note that the Euler totient would be difficult to determine from the modulus by itself; one needs to know the two primes. Write your two primes, your modulus, and your Euler totient below:

p:       q:

modulus:         Euler totient:

4. Choose a small number (no more that two digits) that has no factors (except 1) in common with the Euler totient. Enter this number as your public key and enter it in cell B15. If cell C15 displays the message Invalid Public Key, you need to select a different public key. When you have chosen a valid public key, the message OK will appear in cell C15. The spreadsheet will automatically compute your private key in cell B20. The private key is chosen so that (Public Key)*(Private Key) leaves a remainder of one when divided by the Euler totient. (This would not be possible if the private had a factor other than 1 in common with the Euler totient.) Write your public and private keys below:

5. Once both you and your partner have each created a modulus and pair of keys, you are ready to exchange encrypted messages. Give your modulus and public key to your partner. Do not give your partner your private key or Euler totient. In return, your partner will give you her/his public key and modulus.

6. Click on the tab for the Encoding worksheet. Enter your partner's modulus and public key in cells B6 and B7. Write these values below:

Partner's modulus:

Partner's public key:

7. Enter a message in cell B11. This message should consist of a string of fifteen or more CAPITAL LETTERS with no spaces or punctuation marks. The spreadsheet will encipher only the first fifteen letters of your message. Your message could be a short phrase or sentence, your mother's name or your pet iguana's name. For example, I used RUTHJULIABENHAM (my mother's name) and PLEASEHELPMENOW to test this spreadsheet. Note that a message to be enciphered is usually called plaintext. The enciphered form of the message is called the ciphertext.

8. The enciphered form of the message (the ciphertext) should appear in cell B13. (This may take a few seconds.) The spreadsheet determines the ciphertext as follows:

• Split the plaintext up into blocks of three letters (called trigraphs).
• Obtain a numeric representation for each letter based on its position in the alphabet (A→0, B→1, etc.).
• Compute a numeric code for each trigraph using the formula

(First Letter Code) * 262 + (Second Letter Code) * 26 + (Third Letter code).

For the mathematically inclined, this is interpreting each trigraph as a number in base twenty-six.

• Encipher each plaintext trigraph code by computing
(Plaintext trigraph code)Public Key, dividing the result by the Modulus and taking the remainder.
• Convert each enciphered trigraph code into a quadragraph - a block of four letters - as follows:

Divide the code by 263. The quotient is the code for the first letter of the quadragraph. The spreadsheet uses the remainder to get codes for the other three letters.
Divide the remainder from the first step by 262. The quotient is the code for the second letter. The spreadsheet uses the remainder to get the codes for the other two letters.

Divide the remainder from the second step by 26. The quotient is the code for the third letter and the remainder is the code for the fourth letter.

For the mathematically inclined, this quadragraph calculation determines the representation of the enciphered message as a four-digit number in base twenty-six (using the letters of the alphabet as our digits).

Some of the details of this calculation appear in cells A16:K38 of the Encoding worksheet. Enter the plaintext and ciphertext below. Show the steps of the conversion process in the table.

9. Give the ciphertext (but not the plaintext) to your partner. In return, your partner will give you a ciphertext message. Record the ciphertext message from your partner below. In the rest of this exercise, you will be deciphering this message.

Ciphertext from partner:

10. Click on the tab for the Decoding worksheet. Enter your modulus and your private key in cells B6 and B7 of this worksheet. Enter the ciphertext you received from your partner as the "Encrypted Message" in cell B13. The deciphering process is similar to the enciphering process:

• Split the ciphertext up into quadragraphs (instead of trigraphs).
• Obtain the numeric representation for each letter and compute a numeric code for each trigraph using the formula

(First Letter Code) * 263 + (Second Letter Code) * 262 + (Third Letter Code) * 26 + (Fourth Letter Code).

Encipher each ciphertext quadragraph code by computing (Ciphertext quadragraph code)Private Key,
dividing the result by the Modulus and taking the remainder

• Convert each deciphered quadragraph code into a trigraph.
Divide the code by 262. The quotient is the code for the first letter.
Divide the remainder from the first step by 26. The quotient will be the code for the second letter and the remainder the code for the third.

Note that deciphering uses the private key in place of the public key. Some of the details of this calculation appear in cells A19:D23 of the Decoding Worksheet. The deciphered message should appear in cell B13. Record the results of each deciphering step in the table below.

Now, write the deciphered message (plaintext) below.

Deciphered message:

11. Quit Excel. You do not need to save changes. Shut down the computer. When you're finished, hand this lab in to the instructor.

If you forgotten how to calculate RSA keys then, the following should offer you some help.

1. Choose two large prime numbers p, q. (e.g., 1024 bits each)

2. Compute n = pq, z = (p-1)(q-1)

3. Choose e (with e<n) that has no common factors with z. (e, z are "relatively prime").

4. Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ).

5. Public key is (n,e). Private key is (n,d).

Wireshark Lab: SSL

In this lab, we'll investigate the Secure Sockets Layer (SSL) protocol, focusing on the SSL records sent over a TCP connection. We'll do so by analyzing a trace of the SSL records sent between your host and an e-commerce server. We'll investigate the various SSL record types as well as the fields in the SSL messages.

1. Capturing packets in an SSL session

The first step is to capture the packets in an SSL session. To do this, you should go to your favorite e-commerce site and begin the process of purchasing an item (but terminating before making the actual purpose!). After capturing the packets with Wireshark, you should set the filter so that it displays only the Ethernet frames that contain SSL records sent from and received by your host. (An SSL record is the same thing as an SSL message.) You should obtain something like screenshot on the previous page.

If you have difficulty creating a trace, you should download and extract the ssl-ethereal- trace-1 packet trace.

2. A look at the captured trace

Your Wireshark GUI should be displaying only the Ethernet frames that have SSL records. It is important to keep in mind that an Ethernet frame may contain one or more SSL records. (This is very different from HTTP, for which each frame contains either one complete HTTP message or a portion of a HTTP message.) Also, an SSL record may not completely fit into an Ethernet frame, in which case multiple frames will be needed to carry the record.

1. For each of the first 8 Ethernet frames, specify the source of the frame (client or server), determine the number of SSL records that are included in the frame, and list the SSL record types that are included in the frame. Draw a timing diagram between client and server, with one arrow for each SSL record.

2. Each of the SSL records begins with the same three fields (with possibly different values). One of these fields is "content type" and has length of one byte. List all three fields and their lengths.

ClientHello Record:

3. Expand the ClientHello record. (If your trace contains multiple ClientHello records, expand the frame that contains the first one.) What is the value of the content type?

4. Does the ClientHello record contain a nonce (also known as a "challenge")? If so, what is the value of the challenge in hexadecimal notation?

5. Does the ClientHello record advertise the cyber suites it supports? If so, in the first listed suite, what are the public-key algorithm, the symmetric-key algorithm, and the hash algorithm?

ServerHello Record:

6. Locate the ServerHello SSL record. Does this record specify a chosen cipher suite? What are the algorithms in the chosen cipher suite?

7. Does this record include a nonce? If so, how long is it? What is the purpose of the client and server nonces in SSL?

8. Does this record include a session ID? What is the purpose of the session ID?

9. Does this record contain a certificate, or is the certificate included in a separate record. Does the certificate fit into a single Ethernet frame?

Client Key Exchange Record:

10. Locate the client key exchange record. Does this record contain a pre-master secret? What is this secret used for? Is the secret encrypted? If so, how? How long is the encrypted secret?

Change Cipher Spec Record (sent by client) and Encrypted Handshake Record:

11. What is the purpose of the Change Cipher Spec record? How many bytes is the record in your trace?

12. In the encrypted handshake record, what is being encrypted? How?

13. Does the server also send a change cipher record and an encrypted handshake record to the client? How are those records different from those sent by the client?

Application Data

14. How is the application data being encrypted? Do the records containing application data include a MAC? Does Wireshark distinguish between the encrypted application data and the MAC?

15. Comment on and explain anything else that you found interesting in the trace.

Attachment:- Public-Key Encryption.rar

Reference no: EM132854270

Questions Cloud

Provide the sales volume variance : With an actual volume of 4741 units. Materials and labor are variable costs and overhead is a fixed cost. Provide the sales volume variance (absolute value)
Identify current trends in globalization : Identify and read at least three journal articles focused on trends in globalization. Identify current trends in globalization.
Performs all seven steps of the force field analysis : Provides attribution for credible sources used in the force field analysis. Creates a force field visual diagram with appropriate labels.
Administrative policy of closing a new store : Wing Foot has an administrative policy of closing a new store if it does not show a profit in either of the first two years.
CCM4332 Network Security Assignment : CCM4332 Network Security Assignment Help and Solution, Middlesex University London - Assessment Writing Service - write the deciphered message
Describe the advantages and disadvantages of free trade : Describe the advantages and disadvantages of free trade. Explain the measures that a country can take to protect itself from the negative aspects of free trade.
Identifies and segments the key audiences for communications : Establishes the frequency of communications needed to break down resistance to change, and the mediums through which communications will be sent.
Compute the NPV of this opportunity : Nielson Motors is considering opportunity that requires an investment of $1,000,000 today. If appropriate interest rate is 10%, then NPV of this opportunity is
Distribution of annual incomes of us adults : No, this does not make sense to me. I feel like the annual incomes of U.S. adults is not normal as it differs from state to state.

Reviews

Write a Review

Computer Network Security Questions & Answers

  COMP90044 Research Methods Assignment

COMP90044 Research Methods Assignment help and solution, University of Melbourne - assessment writing service - Organisational response to cyber security threat

  Discuss main ways in which an attacker can avoid detection

CIS420- Further, discuss the main ways in which an attacker can avoid detection of no operations (NOPs) by an intrusion detection system, and examine the primary reasons why avoiding such detection is beneficial for executing the attack.

  Why does symmetric cryptography work best for applications

The purpose of the research paper is to give a thorough survey of Symmetric Cryptography. Why does symmetric cryptography work best for these applications?

  Describe if a firewall is enabled on your machine

Identify if a firewall is enabled on your machine and if you need Windows firewall running in addition, if that anti-virus software is installed on your machine.

  Ow does smart grid concept impact cybersecurity discussion

What do you think are the current issues facing our power grids to defend against attacks? And, how does the Smart Grid concept impact the cybersecurity discussion?

  Prepare a report on network design and management trends

Prepare a report on network design and management trends over the last three years in the areas of virtualization, hardware and network management tools.

  Develop the data center design and security plan

Develop the data center design and security plan. Design an enterprise data center solution that expands the campus LAN network, which has reached its capacity.

  Compute the 16 bit hash for the 32 bit message

06-20008 Cryptography - Compute the 16 bit hash for the 32 bit message given as hexadecimal number 0xFAB1756E and Show that this modified version is not IND-CPA-secure.

  What information security problem does the company address

What information security problem does the company address? What information security products does the company have to solve the problem? is the information security problem that the company is focusing on important?

  CIS222 Fundamentals of Security Assignment

CIS222 Fundamentals of Security Assignment Help and Solution, Post University - Assessment Writing Service - Explain the various control strategies

  Why sensitive information should not be sent over wireless

Why sensitive information should not be sent over the Wireless Application Protocol? Paper should be 10-12 pages, 12 font size, 1" margins, double-spaced.

  Cybersecurity profile

Every organization must create a cybersecurity profile (system security plan (SSP)) for all of its major and minor information systems. The cybersecurity profile documents the current and planned controls for the system and addresses security conc..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd