程序代写代做代考 algorithm Lab title: Symmetric (secret key) and asymmetric (public key) encryption

Lab title: Symmetric (secret key) and asymmetric (public key) encryption

Learning outcomes: Learn how to perform symmetric and asymmetric encryption.

In this lab we will use OpenPGP which is a non-proprietary protocol for encryption using public key

cryptography. It is based on the original PGP (Pretty Good Privacy) software. Specifically we will use

GNU Privacy Guard (GnuPG) which is an open-source implementation of OpenPGP. We will use this

tool via the Linux terminal. A description of how to use this tool can be found at the corresponding

Linux man page:

http://linux.die.net/man/1/gpg2

Symmetric encryption

We will now encrypt and decrypt a file using symmetric key encryption. Create a file which you wish

to encrypt using symmetric encryption (for example secret.txt). With the -c option, gpg2 encrypts the

file using a symmetric key. The file secret.txt can be encrypted using the following command:

gpg2 -c secret.txt

This generates an encrypted file with extension gpg (secret.txt.gpg). Compare the sizes of the original

and encrypted files. With the -d option, gpg2 encrypts the file using a symmetric key. The file

secret.txt.gpg can be decrypted using the following command:

gpg2 -d secret.txt.gpg

Asymmetric encryption

We will now encrypt and decrypt a file using asymmetric key encryption.

1. Generating public and private keypair

Enter the following command into the terminal

gpg2 –full-gen-key

A list of options corresponding to different public-key cryptosystems will be provided. Hit enter to

select the default RSA algorithm. RSA is the most popular asymmetric cryptographic algorithm, and is

built on the difficulty of factoring extremely large composites (a composite number is a positive

integer greater than one which is not prime).

GnuPG next asks you to choose the length of your keys. Longer keys are more secure but take longer

to compute. For the purpose of this lab, press enter to choose the default length of 2014 bits.

Next you will be asked how long you want the key to be valid for. Make an appropriate choice.

The generator will next ask you to answer a series of questions.

Eventually a dialog box will appear asking for a passphrase. This is necessary to ensure that even if

someone does gain access to your secret key, they will not be able to use it.

http://linux.die.net/man/1/gpg2

Finally gpg2 will begin to generate a random key. This requires many random bits and therefore you

will be asked to perform random actions such as moving the mouse randomly. If you chose a large

key size earlier this might take a while. However this only occurs once per keypair that you generate.

Following key generation a block of text will be displayed. The public key ID is a string containing

eigth characters on the line beginning with pub.

To return a list of keypairs stored on your computer (your keyring) enter the following command:

gpg2 –list-keys

The keypair just created should be displayed.

2. Publish public key to keyserver

A keyserver is a repository of public keys. It allows other people to import your public key into their

local keyring given your ID. To publish your public key to a keyserver enter the following command:

gpg2 –send-keys PUB_KEY_ID

Where PUB_KEY_ID is the key ID. GnuPG2 will default to using the keys.gnupg.net public keyserver;

most public keyservers synchronize with one another, so you can safely leave this as the default. You

can confirm that your key has been sent by going to the site http://keys.gnupg.net/ and searching for

your name.

If one does not wish to use a keyserver they can export their public key using the command:

gpg2 –export PUB_KEY_ID > PUB_KEY_ID.pub

This will create a file with extension pub. This file can then be shared and imported by somebody

into their local keyring using the command:

gpg2 –import PUB_KEY_ID.pub

3. Encrypting a document

Create a file which you wish to encrypt using asymmetric encryption (for example secret.txt). You can

encrypt this file using the following command:

gpg2 –encrypt secret.txt

You will be asked to enter the ID for the recipient of this document. The ID in question must be into

your local keyring. For now use the ID you just created.

4. Decrypting a document

To decrypt a document use the following command:

gpg2 –decrypt secret.txt.gpg

http://keys.gnupg.net/

You will be asked for the private key corresponding to the public key used to perform encryption. If

the private key is already stored on your keyring you will be asked for the password to access it.

Communicate with one of your fellow students using asymmetric encryption. You will need to import

their public key into your local keyring from the keyserver. This can be achieved using the following

command (replace PUB_KEY_ID with the public ID of the person in question):

gpg2 –recv-keys PUB_KEY_ID

To return a list of keypairs stored on your computer (your keyring) enter the following command:

gpg2 –list-keys

The keypair just imported should be displayed.