Description
Assignment Instructions:
Part 1
In Part 1 of this Assignment, you can collaborate and work in a team if you so desire. However, each student will write up their own individual lab reports and Assignment submissions.
This Assignment provides the hands-on element to your studies. It gives you the opportunity to gain practical experience using the tools and techniques associated with ethical hacking.
Access the lab link entitled “Using Encryption to Enhance Confidentiality and Integrity” in this lab section. Review the Common Lab Tasks Manual and J and B Lab Tips. The manual will provide detail, and the tips are a very abbreviated reference.
In the lab environment, you will find instructions for the specific lab, which can be downloaded. Follow the instructions and use the lab worksheet at the end of the lab to record and submit your results.
Complete all parts of Lab 7. Compile your lab report in a Word document with a title page, labeling all screenshots you are required to capture, and including explanatory text where needed or required by the lab. Within your Word document, after your lab report, answer the Assessment Worksheet questions listed at the end of the lab.
Conduct research and cite supporting sources in APA format where appropriate.
Part 2
Part 2 of the Assignment will be an individual Assignment and is not to be completed as a team effort.
Write a short paper on the process of issuing and managing digital certificates. Discuss the weaknesses and vulnerabilities of different approaches and the problems with revoking certificates and possible remedies. Include illustrations of these processes and cite your sources.
reading and resources
Modern Cryptography
- Chapter 5: “An Electronic Signature and Hash Functions”
- Chapter 6: “PGP Systems and TrueCrypt”
Chapter 5 introduces the topic of hashes and digital signatures. Different algorithms are discussed, particularly MD5 and SHA. The use of and importance of hashes is explained in detail.
Chapter 6 focuses on several important encryption algorithms and tools, specifically PGP and TrueCrypt®.
Key Concepts
- A digital signature is the counterpart to a handwritten signature.
- A digital signature is created with a private key and is validated with the public key.
- The RSA algorithm is the primary algorithm used for digital signatures.
- Digital signatures are resource-hungry due to the large size of the documents needing to be signed.
- A cryptographic hash function produces a value that is signed instead of the message.
- Hash functions are not used only in cryptography.
- The generation of random numbers is often underestimated.
- Keys are generated with random numbers.
- Cryptography has stringent requirements for random number generators.
- Computers are not designed to act randomly, which complicates the process of generating random number generators.
- Most computer-based, random number generators are actually pseudo-random number generators.
- The most important standard for digital certificates is X.509.
- Attribute certificates do not contain a key.