![Part 1 – Questions (30 marks)
1. What is the purpose of encryption? [4 Marks]
Ans: Encryption is a process of converting plaintext data into unreadable cyphertext
using a mathematical algorithm known as a cipher which when received by the intended
recipient can only be converted back to plain text with the right cryptographic key.
2. Describe the following terms: (a) plaintext, (b) ciphertext, (c) cipher, (d) encrypt, (e)
decrypt, (f) key [6 Marks]
Ans: Plaintext is the text that is readable prior to encryption, whereas ciphertext is the
conversion of plaintext into unreadable codes using an algorithm known as a cipher. A
cipher is a method or algorithm used to encrypt the plaintext and decrypt the ciphertext.
The effectiveness of the encryption is dependent on the cipher used, which can be AES,
RSA, Triple DES, or Blowfish. To encrypt and decrypt refers to the methods of coding
and decoding data using a pair of public and private keys. In cryptography, a key refers to
a public key that is shared and a private key that is kept confidential. In the encryption
and decryption processes, both keys are utilized. These keys can function as either a
symmetric or an asymmetric pair when combined.
3. Describe the steps of symmetric-key encryption [4 Marks]
• Step 1: the sender encrypts the plaintext message with a secret key.
• Step 2: the encrypted message is converted to unintelligible ciphertext which
cannot be read by anyone during transit.
• Ste 3: the recipient decrypts the ciphertext back to its original plaintext with the
same key used for encryption.
• Step 4: With symmetric key encryption, only the sender and receiver have access
to the data, as both parties share the same private key used for encryption and
decryption.](https://image.slidesharecdn.com/formativeassessment2-240210175840-cfc6b68a/85/Classical-Cryptography-and-Digital-Encryption-2-320.jpg)
![4. What is the difference between a substitution and a transposition cipher? [2 Marks]
Ans: Substitution and transposition ciphers are both forms of symmetric ciphers;
however, a substitution cipher is one in which the letters of a plaintext retain their
position but changes their identity by being replaced with other letters using a shift
number. On the other hand, transposition ciphers do the opposite whereby the letters of a
plaintext retain their identity by changing their position. For example, substitution cipher
(A, B, C) shift key = 2, will be (C, D, E), also transposition cipher of the word (SECRET)
would be (SCEERT).
5. List 3 different classical substitution ciphers [1 Mark]
Ans: Caesar Cipher, Porta Cipher, and Four-Square Cipher
6. List 3 different classical transposition ciphers [1 Mark]
Ans: Rail-Fence, Scytale Cipher, and Route Cipher.
7. Discuss the limitations of symmetric encryption [5 Marks]
Ans:
• symmetric encryption does not guarantee data confidentiality, integrity, and
authentication since the same key used for both encryption and decryption must
be shared.
• Symmetric encryption does not guarantee nonrepudiation since anyone with the
key can easily decrypt the message which may cause an argument between the
sender and receiver.
• A new secret key must be generated and shared each time communication takes
place. This creates an issue with the security and privacy of the keys.
8. Describe the asymmetric encryption process using digital signatures [5 marks]
Ans:
• Step 1: a plaintext message is generated.
• Step 2: The plaintext message is then run through a hashing algorithm (SHA-1,
SHA-256, MD5) which results in a particular digest.
• Step 3: the message digest is then encrypted with the sender’s private key.
• Step 4: the result of the encrypted digest is the signature of the message.
• Step 5: both the signature and message are then transmitted to the intended
recipient.](https://image.slidesharecdn.com/formativeassessment2-240210175840-cfc6b68a/85/Classical-Cryptography-and-Digital-Encryption-3-320.jpg)
![• Step 6: On the receiving end the recipient uses the sender’s public key to decrypt
the digital signature for verification which will result in the sender’s original
digest.
• Finally, the recipient then calculates a hash of the message and if the sender’s
digest matches the recipient’s digest, then it proves that the message was digitally
signed by the intended sender and the content of the message was unchanged.
9. What is a Hash Function and why is it useful? [2 Marks]
Ans: A hash function is an algorithm used to convert plaintext data of any size to a hash
value of a particular length. A hash function is useful because it protects data from
unauthorized changes, thereby preserving its integrity.
Part 2 - Practical Exercises (70 marks)
For these practical exercises, you will have to encrypt some text using classical cryptography
algorithms and then you will be tasked with creating and sharing a secret digital message by key
pair generation.
Exercise 1
1. Encrypt your first name using any classical substitution cipher.
• Plaintext: Damaine
• Alphabet: English
• Shift Key: #3
• Cipher: Caesar Cipher
• Ciphertext: Damaine (GDPDLQH)
A B C D E F G H I J K L M
D G H L P
N O P Q R S T U V W X Y Z
Q
Note: See steps on the next page](https://image.slidesharecdn.com/formativeassessment2-240210175840-cfc6b68a/85/Classical-Cryptography-and-Digital-Encryption-4-320.jpg)
Classical Cryptography and Digital Encryption
- 1. Computer Security (46349) Formative Assessment 2 Classical Cryptography and Digital Encryption (Overview) Damaine Fabion Franklin Student #: R2104D12054733 07/15/2023
- 2. Part 1 – Questions (30 marks) 1. What is the purpose of encryption? [4 Marks] Ans: Encryption is a process of converting plaintext data into unreadable cyphertext using a mathematical algorithm known as a cipher which when received by the intended recipient can only be converted back to plain text with the right cryptographic key. 2. Describe the following terms: (a) plaintext, (b) ciphertext, (c) cipher, (d) encrypt, (e) decrypt, (f) key [6 Marks] Ans: Plaintext is the text that is readable prior to encryption, whereas ciphertext is the conversion of plaintext into unreadable codes using an algorithm known as a cipher. A cipher is a method or algorithm used to encrypt the plaintext and decrypt the ciphertext. The effectiveness of the encryption is dependent on the cipher used, which can be AES, RSA, Triple DES, or Blowfish. To encrypt and decrypt refers to the methods of coding and decoding data using a pair of public and private keys. In cryptography, a key refers to a public key that is shared and a private key that is kept confidential. In the encryption and decryption processes, both keys are utilized. These keys can function as either a symmetric or an asymmetric pair when combined. 3. Describe the steps of symmetric-key encryption [4 Marks] • Step 1: the sender encrypts the plaintext message with a secret key. • Step 2: the encrypted message is converted to unintelligible ciphertext which cannot be read by anyone during transit. • Ste 3: the recipient decrypts the ciphertext back to its original plaintext with the same key used for encryption. • Step 4: With symmetric key encryption, only the sender and receiver have access to the data, as both parties share the same private key used for encryption and decryption.
- 3. 4. What is the difference between a substitution and a transposition cipher? [2 Marks] Ans: Substitution and transposition ciphers are both forms of symmetric ciphers; however, a substitution cipher is one in which the letters of a plaintext retain their position but changes their identity by being replaced with other letters using a shift number. On the other hand, transposition ciphers do the opposite whereby the letters of a plaintext retain their identity by changing their position. For example, substitution cipher (A, B, C) shift key = 2, will be (C, D, E), also transposition cipher of the word (SECRET) would be (SCEERT). 5. List 3 different classical substitution ciphers [1 Mark] Ans: Caesar Cipher, Porta Cipher, and Four-Square Cipher 6. List 3 different classical transposition ciphers [1 Mark] Ans: Rail-Fence, Scytale Cipher, and Route Cipher. 7. Discuss the limitations of symmetric encryption [5 Marks] Ans: • symmetric encryption does not guarantee data confidentiality, integrity, and authentication since the same key used for both encryption and decryption must be shared. • Symmetric encryption does not guarantee nonrepudiation since anyone with the key can easily decrypt the message which may cause an argument between the sender and receiver. • A new secret key must be generated and shared each time communication takes place. This creates an issue with the security and privacy of the keys. 8. Describe the asymmetric encryption process using digital signatures [5 marks] Ans: • Step 1: a plaintext message is generated. • Step 2: The plaintext message is then run through a hashing algorithm (SHA-1, SHA-256, MD5) which results in a particular digest. • Step 3: the message digest is then encrypted with the sender’s private key. • Step 4: the result of the encrypted digest is the signature of the message. • Step 5: both the signature and message are then transmitted to the intended recipient.
- 4. • Step 6: On the receiving end the recipient uses the sender’s public key to decrypt the digital signature for verification which will result in the sender’s original digest. • Finally, the recipient then calculates a hash of the message and if the sender’s digest matches the recipient’s digest, then it proves that the message was digitally signed by the intended sender and the content of the message was unchanged. 9. What is a Hash Function and why is it useful? [2 Marks] Ans: A hash function is an algorithm used to convert plaintext data of any size to a hash value of a particular length. A hash function is useful because it protects data from unauthorized changes, thereby preserving its integrity. Part 2 - Practical Exercises (70 marks) For these practical exercises, you will have to encrypt some text using classical cryptography algorithms and then you will be tasked with creating and sharing a secret digital message by key pair generation. Exercise 1 1. Encrypt your first name using any classical substitution cipher. • Plaintext: Damaine • Alphabet: English • Shift Key: #3 • Cipher: Caesar Cipher • Ciphertext: Damaine (GDPDLQH) A B C D E F G H I J K L M D G H L P N O P Q R S T U V W X Y Z Q Note: See steps on the next page
- 5. • Step 1: Caesar cipher was chosen for the encryption process. • Step 2: The shift key chosen was the number 3. • Step 3: The letters of the English alphabet were arrayed and tabulated as a cryptogram. The table shows the mapping between each plaintext character and the corresponding ciphertext character. • Step 4: the shift key was then used to change the identity of each letter in my first name by 3 letters to the right. • Step 4: the result is the ciphertext for my first name. • Step 5: to decrypt the ciphertext, the process should be done in the reversing order by shifting each ciphertext letter back by the same shift key number used. 2. Encrypt your last name using any classical transposition cipher. • Plaintext: Franklin • Cipher: rail-fence cipher F A K I R N L N • Ciphertext: Franklin (FAKIRNLN) • Step 1: The encryption begins by determining the number of rows as the key for this cipher. • Step 2: The plaintext ‘FRANKLIN’ is then written in rows in a zigzag pattern. • Step 3: Each plaintext was written diagonally until reaching the end of the plaintext. • Step 4: The ciphertext was then generated by writing the text in the top row followed by the bottom to get ‘FAKIRNLN’.
- 6. Exercise 2 Using the gpg package, you will need to create a secret message/communication and exchange keys with a colleague using public key encryption. ➢ Generating key pair using gpg (secret key passphrase: secret12345) ➢ Verifying GPG public and secret key pairs
- 7. Creating The Sender and Receiver User Accounts ➢ I have decided to create two separate accounts on my Kali Linux system, one account shall have the public key and the other shall have the private key. • Account 1 - Username: bclarke | password: 12345 (public key user) • Account 2 – username: rbrown | password: 12345 (Private Key owner)
- 8. ➢ Exporting public and private keys. • Step 1: gpg --export -a john > public.key | gpg --export-secret-key -a john > private key Verification of public key Block ➢ Switching to the bclarke account to perform encryption with the public key. • bclarke does not yet have the public key, therefore I would need to import the public key to the directory.
- 9. ➢ Now that bclarke has the public key I will now create an encrypted folder with a secure message and share it with rbrown who will decrypt it with the private key. • Folder with plaintext data • Encrypting the folder with the public key.
- 10. • Verification of encrypted folder next to the folder with plaintext secure message. • This encrypted folder will now be shared with rbrown for decryption with the private key. • First, I need to import the private key to rbrown account directory.
- 11. • Decrypting the encrypted folder with the private key ➢ Output ➢ It appears I hit a stone at this final stage, and I am unable to resolve it. However, I found out that the public key used to encrypt the file may have a corrupted data packet missing. Overtime I will make the effort to improve on this lab and master data encryption technique. END OF LAB