IS4560: Hacking and Countermeasures
Week 1 Lab: Implement Hashing & Encryption for Secure Communications
Learning Objectives and Outcomes
Upon the completion of this lab, students will be able to perform the following tasks:
Apply common cryptographic and hashing techniques on a message to ensure message confidentiality and integrity
Verify the integrity of the output of common cryptographic and hashing tools to determine whether an encrypted message is legitimate or whether it has been modified
Use and create an MD5 sum or SHA1 hash to generate a unique hash for data to assure the integrity of the data
Relate how a change to the data impacts the hash and why it is important to check the hash provided before executing or unzipping a binary or some other unknown file
Assignment Requirements
Watch the Demo Lab in Learning Space Unit 2 and then answer each of the following questions.
Tasks:
1. Use the following encryption algorithms on the following message and record the result: “You Deserve an A”. You may use one of the readily available tools on the Internet to perform this encryption. Please provide the link (URL) of the tool you used.
a. MD5: 02f3b84a0bdae954498783594c668541
b. SHA1: D44A86680D449581A82644C663F8B5C34DB6BBF1
c. Link: http://onlinemd5.com
2. Decrypt the following. You may use one of the readily available tools on the internet to perform this encryption. Please provide the link (URL) of the tool you used.
a. MD5: 0cbc6611f5540bd0809a388dc95a615b
Result: Test
b. SHA1: 640AB2BAE07BEDC4C163F679A746F7AB7FB5D1FA
Result: Test
c. Link: http://reverse-hash-lookup.online-domain-tools.com/
3. If you were using corporate e-mail for internal and external communications but did not want to encrypt an e-mail message, what other security countermeasure can you deploy to ensure message integrity?
Digital signature
4. If you are using corporate e-mail for external communications that contain confidential information, what other security countermeasure can you deploy to maximize confidentiality of e-mail transmissions through the Internet?
An SSL connection, PGP, e-mail encryption.
5. What is the difference between MD5sum and SHA1sum hashing calculations? Which is better and why?
MD5: 128-bit/16-byte digest. Somewhat faster than SHA.
SHA: 160-bit/20-byte digest. More secure because stronger against brute force attacks.
6. Where can you store your public keys or public certificate files in the public domain? Is this the same thing as a Public Key Infrastructure (PKI) server?
The storage location is called the certificate store.
7. What do you need if you want to decrypt encrypted messages and files from a trusted sender?
Private key
8. What encryption mechanisms are built into Microsoft Windows XP Professional?
Encrypting File System
9. Which Windows encryption mechanism provides full disk encryption and uses the Trusted Platform Module to do so? Do you recommend that end-users encrypt their personal hard drives on Microsoft Windows platform and workstations?
BitLocker. I would only recommend doing so if there is sensitive data kept on the hard drive. I would also recommend keeping an up-to-date backup of the drive, because if the motherboard were to go bad, you will need to have the data.
10. What happens if you have a forensic copy of a hard drive that happens to have the entire disk encrypted that you try to view with standard forensic tools?
It still needs to be decrypted.
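
The Python sketch below is an added example, not part of the original lab or its answers. It hashes the task 1 message with MD5 and SHA-1, shows how a one-character change alters the digest (the digest sizes from task 5 and the learning objective on data changes), and compares a computed digest with a published one before a file is used. The tampered message, the function names and the upper-case "published" digest are constructed for illustration.

```python
import hashlib
import hmac

MESSAGE = b"You Deserve an A"    # message from task 1
TAMPERED = b"You Deserve an B"   # constructed: last character changed


def digests(data):
    """Return the MD5 and SHA-1 hex digests of a byte string."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1")}


def differing_bits(hex_a, hex_b):
    """Count the bits that differ between two equal-length hex digests."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def stream_digest(fileobj, algorithm="sha1", chunk_size=65536):
    """Hash a binary file object in chunks so a large download is never fully in memory."""
    h = hashlib.new(algorithm)
    for chunk in iter(lambda: fileobj.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def matches_published(actual_hex, published_hex):
    """Compare digests, ignoring letter case and surrounding whitespace."""
    return hmac.compare_digest(actual_hex.lower(), published_hex.strip().lower())


if __name__ == "__main__":
    original, changed = digests(MESSAGE), digests(TAMPERED)
    for name in ("md5", "sha1"):
        bits = len(original[name]) * 4   # each hex character encodes 4 bits
        diff = differing_bits(original[name], changed[name])
        print(f"{name}: {bits}-bit digest, {diff} bits differ after a one-character change")
    # Constructed scenario: the publisher lists the SHA-1 digest in upper case.
    published = original["sha1"].upper()
    print("original accepted:", matches_published(original["sha1"], published))
    print("tampered accepted:", matches_published(changed["sha1"], published))
```

To check a downloaded file, open it in binary mode, pass the file object to `stream_digest`, and give the result and the publisher's listed digest to `matches_published`.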