SEC 280 Week 4 Assignment Help | Devry University
Week 4 Assignment
Week 4: exercise - keys
In this exercise we will use cryptool to generate encryption keys, sign a document, verify a signature, and extract a signature. Before we continue, let's recap how a signature works. A document has a unique hashed value. This hashed value can be encrypted with an individual's private key to tie the document to the holder of the private key. The encrypted hashed value is called a digital signature, and generating such a value for a document is referred to as digitally signing a document.
First, launch Cryptool we installed in Week 2. Click on File and New from the top menu bar. In the blank window type the following message: It is a great day at devry University.
If you have the key pair we generated in Week 3, skip to the next paragraph. Otherwise, generate another one following the instructions here. Click on Digital Signature/PKI and PKI from the menu bar. Select Generate/Import keys. In the pop-up window, select RSA and complete the User Data section on the right. In addition to Last nameand First name, enter a PIN (e.g., 1234). Click on the Generate new key paid button at the bottom of the screen. You will receive a message that the keys have been successfully saved. Close any open windows except the windows with our message: It is a great day at devry University.
On the top menu bar, click on Digital Signature/PKI, and Sign Document. In the "Choose hash function" section, check SHA-1 160 bits. In the "Choose signature algorithm" section, check RSA. Highlight the key pair you generated in Week 3 or this week in the middle of the window. Remember to enter your PIN in the "PIN code for chosen PSE:" field. Click on the Sign button and the digital signature will be displayed in the "RSA (SHA1) signature of" window. Capture this window and paste the screenshot in a Word document Sec280Week4_Template.docx (Links to an external site.).
Next, leave the "RSA (SHA1) signature of" window with the signature open. Click on Digital Signature/PKI and then Verify Signature from the top menu bar. In the "Signature Verification" window, highlight the same key pair you just used to sign the document and click on the Verify Signature button on the bottom left of the window. You will receive a "Correct signature!" message to confirm that the signature is correct. Capture the pop-up window with the message and paste the screenshot in your Word document (Sec280Week 4 Template.docx). Click OK to close the pop-up window. The signature is verified as correct because it is the same as what we just generated. If you erase or modify some hexadecimal numbers in the signature, and repeat the earlier steps in this paragraph to verify it, you will receive an "Invalid signature!" message instead.
Click on Digital Signatures/PKI and Extract Signature from the top menu bar. In the "Extracted Signature" window, the signature and the signed message "It is a great day at devry University" are displayed. Capture the "Extracted Signature" window and paste the screenshot in your Word document (Week4 Template.docx). Click Close to exit the window.
Lastly, create a text file on your PC, add any text you would like, and save it as MYTEST. Go back to cryptool, click on Digital Signatures/PKI, and select Signature Demonstration (Signature Generation). The "Step by Step Signature Generation" window contains a schematic diagram of the digital signature process.
Click on the green Open document box or the file icon on its bottom left. Navigate to and select/open the MYTEST file you just created. Click on the red Select Hash function box. Choose SHA-1 and then click OK to close the pop-up window. Click on the red Compute hash value box and the blue Hash value box next. The hash value of your MYTEST file is now displayed at the bottom of the window.
Click on the red Generate key box in the schematic diagram. In the "Generate RSA Key" pop-up window, click on the Generate prime numbers button to accept default values. In the next "Prime Number Generation" window, click on the Generate prime numbers button on the bottom left of the page, and then the Apply primes button to finalize the key generation. Click on the Store key button in the "Generate RSA key" window and go back to the schematic diagram.
Click on the red Encrypt hash value box and then the blue Encrypted hash value box below. The Encrypted hash value is now displayed at the bottom of the window. Click on the red Provide certificate box above. Enter Last name, First name, and a PIN (confirm the PIN) in the "Personal data for the certificate" section. Click on the Create Certificate and PSE button on the bottom left of the window to create a certificate.
Click on the red Generate signature box in the schematic diagram. Click on the blue Signature box below that to display the SHA-1 signature of <MYTEST.txt> at the bottom of the window. Click on the yellow Store signature box and wait for the pop-up window with the "...have generated a new RSA key and stored it together with a certificate..." message. Capture the pop-up screen and paste the screenshot in your Word document (Sec280Week4 Template.docx). Click OK and close the pop-up window.
1 attachments —
Ask a question