Explore

S24 IN2004-G6 System Security Cryptography and Computer Security Lab Assignment

Upload location for your Word Document

⁠

https://www.dropbox.com/request/xLsSkjQhEJQgtq3Gc7mP⁠

In today's digital age, the importance of cryptography in securing our communications and data cannot be overstated.

Cryptography:

Cryptography is the science and art of designing, analyzing, and implementing algorithms, protocols, and systems to secure information and communications against unauthorized access, alteration, and exploitation.

One Format: Encrytion : Prevent unauthorized access.

Another format is : Authentication : E-signatures.

It involves methods for transforming readable data into a form that is unintelligible to unauthorized users (encryption) and back to its original form by authorized users (decryption). Core principles of cryptography include confidentiality, integrity, authentication, and non-repudiation.

Encryption:

Encryption is a process within cryptography that converts plaintext, or readable data, into ciphertext, or an unreadable format, using an algorithm and an encryption key.

The purpose of encryption is to ensure that only authorized parties, who possess the corresponding decryption key, can convert the ciphertext back to plaintext and access the original information.

Encryption is widely used to protect sensitive information in communication, storage, and transactions.

This assignment provides a comprehensive journey through different encryption methods, from historical to modern techniques.

It encourages hands-on coding experience while also prompting students to think critically about the broader implications of these technologies.

This lab will take you on a journey through the evolution of encryption techniques, from basic historical methods to modern, industry-standard practices.

Cryptography is not just a technical tool; it's a cornerstone of privacy, security, and even human rights in the digital world. As you work through this lab, consider the broader implications of these technologies:

- How do they protect individual privacy?

- How might they be used (or misused) by governments or corporations?

- What are the ethical considerations for developers working with these technologies?

Remember, with great power comes great responsibility. The skills you learn here have real-world impact, and understanding their context is crucial for any aspiring cybersecurity professional.

Learning Outcomes: By completing this lab, you will be able to:

1. Implement and understand a basic Caesar cipher

2. Use industry-standard cryptographic libraries in Python

3. Apply modern encryption techniques to secure communications

4. Understand the basics of password hashing

5. Implement a more complex substitution cipher

6. Critically evaluate the strengths and weaknesses of different encryption methods

7. Appreciate the broader societal implications of cryptographic technologies

DIffie Helmann equation: basis of all modern symmetric public / private key cryptography.

Required Deliverables for your Assignment:

1. A Word document named as student_name_student_ID.docx containing:

- Screenshots demonstrating successful execution of all three phases of the lab

- Brief explanations of what each screenshot demonstrates

- Answers to the reflection questions provided at the end of each phase

- A short essay (300-500 words) discussing the ethical implications of encryption technology

2. Python scripts for each phase of the lab

Instructions

1. Complete each phase of the lab in order.

2. For each phase, run the provided code, ensuring it works correctly.

3. Take screenshots of your code execution and output.

4. Answer the reflection questions for each phase.

5. After completing all phases, write your short essay on the ethical implications.

6. Compile all screenshots, answers, and your essay into a single Word document.

7. Submit your Word document and Python scripts to

https://www.dropbox.com/request/xLsSkjQhEJQgtq3Gc7mP⁠

⁠

Phase 1: Caesar Cipher

The Caesar cipher is one of the simplest and oldest known encryption techniques. Named after Julius Caesar, who reportedly used it to communicate with his generals, this cipher involves shifting each letter in the plaintext by a certain number of positions in the alphabet.

```python def encrypt(message, shift): """Encrypt the message using a simple Caesar cipher.""" encrypted = "" for char in message: if char.isalpha(): ascii_offset = 65 if char.isupper() else 97 encrypted += chr((ord(char) - ascii_offset + shift) % 26 + ascii_offset) else: encrypted += char return encrypted

def decrypt(encrypted_message, shift): """Decrypt the message using the same Caesar cipher.""" return encrypt(encrypted_message, -shift)

# Example usage message = "Bring the secret documents to the special spot under the bridge at ten pm tomorrow" shift = 3 encrypted = encrypt(message, shift) decrypted = decrypt(encrypted, shift)

print(f"Original: {message}") print(f"Encrypted: {encrypted}") print(f"Decrypted: {decrypted}")

# Brute force attack print("\nBrute force attack:") for i in range(1, 26): print(f"Shift {i}: {decrypt(encrypted, i)}")

Reflection Questions:

1. What are the main weaknesses of the Caesar cipher? 2. How does the brute force attack demonstrate these weaknesses?

Phase 2: Modern Encryption with PyCryptodome

Now we'll use modern, industry-standard encryption techniques using the PyCryptodome library. We'll also introduce password hashing using Python's built-in hashlib library.

For cases in which you must pip install another package, show the console screenshot of doing that.

from Crypto.Cipher import AES from Crypto.Random import get_random_bytes from Crypto.Util.Padding import pad, unpad import hashlib

def encrypt_message(key, message): cipher = AES.new(key, AES.MODE_CBC) ct_bytes = cipher.encrypt(pad(message.encode('utf-8'), AES.block_size)) return cipher.iv + ct_bytes

def decrypt_message(key, ciphertext): iv = ciphertext[:16] ct = ciphertext[16:] cipher = AES.new(key, AES.MODE_CBC, iv) pt = unpad(cipher.decrypt(ct), AES.block_size) return pt.decode('utf-8')

def hash_password(password): return hashlib.md5(password.encode()).hexdigest()

# Example usage key = get_random_bytes(16) # AES-128 key message = "This is a secret message." encrypted = encrypt_message(key, message) decrypted = decrypt_message(key, encrypted)

print(f"Original: {message}") print(f"Encrypted: {encrypted.hex()}") print(f"Decrypted: {decrypted}")

# Password hashing password = "MySecretPassword123" hashed = hash_password(password) print(f"\nOriginal Password: {password}") print(f"Hashed Password: {hashed}") print("Note: MD5 is demonstrated here for learning purposes. In real applications, use more secure methods like bcrypt or Argon2.") ```

Reflection Questions:

1. How does AES encryption differ from the Caesar cipher in terms of security? 2. Why is it important to use different encryption keys for different messages? 3. What are the limitations of using MD5 for password hashing?

Phase 3: Complex Substitution Cipher

This phase introduces a more complex substitution cipher, which uses a full shuffled alphabet for substitution instead of a simple shift.

```python import random import string

def generate_cipher_alphabet(): alphabet = list(string.ascii_lowercase) random.shuffle(alphabet) return ''.join(alphabet)

def encrypt_substitution(message, cipher_alphabet): plain_alphabet = string.ascii_lowercase translation_table = str.maketrans(plain_alphabet, cipher_alphabet) return message.lower().translate(translation_table)

def decrypt_substitution(encrypted_message, cipher_alphabet): plain_alphabet = string.ascii_lowercase translation_table = str.maketrans(cipher_alphabet, plain_alphabet) return encrypted_message.translate(translation_table)

# Example usage cipher_alphabet = generate_cipher_alphabet() message = "This is a more complex substitution cipher." encrypted = encrypt_substitution(message, cipher_alphabet) decrypted = decrypt_substitution(encrypted, cipher_alphabet)

print(f"Cipher Alphabet: {cipher_alphabet}") print(f"Original: {message}") print(f"Encrypted: {encrypted}") print(f"Decrypted: {decrypted}")

Reflection Questions:

1. How does this substitution cipher compare to the Caesar cipher in terms of security?

2. What are some potential weaknesses of this substitution cipher?

3. How might you further improve this encryption method?

Final Reflection

Write a short essay (300-500 words) discussing the ethical implications of encryption technology. Consider the following points: - The role of encryption in protecting individual privacy - Potential misuse of encryption by malicious actors - The debate around government access to encrypted communications - Your perspective on balancing security and privacy in the digital age

Want to print your doc?
This is not the way.

Try clicking the ⋯ next to your doc name or using a keyboard shortcut (

CtrlP

) instead.