Tasks

This homework is assessed. You need to use OpenSSL to perform the following steps. I will test using OpenSSL version 1.0.1 14 Mar 2012 on a virtnet node. Therefore I suggest you perform the steps on a virtnet node. In files/text below, replace ID with your actual student ID.

  1. Generate your own RSA 4096-bit key pair. Use the default public exponent (65537). View and save your key information (you will need it in later homeworks). (Example with RSA)
  2. Extract your public key and submit it on Moodle as the file pubkey-ID.pem. Make sure your private key information is NOT included.
  3. Create a Bash shell script that contains all OpenSSL commands you used on the terminal in the previous steps, as well as the following steps, and save them in a text file called commands-ID.bash. You should copy-and-paste the actual commands you used from the terminal as I may use the exact commands to test your submission. As this script contains commands from steps 1, 2, 4, 5, 6, and 7, you should run those commands first and then put them in your script file, then do them again using the final script. (Example below)
  4. Sign your Bash shell script using SHA1, saving and submitting the signature as sign-ID.bin.
  5. Generate a 256 bit random value to be used as a secret key. Store the key as a 64 hex digit string in a file key-ID.txt. (Example with 128-bit, 16-Byte random value)
  6. Encrypt your Bash shell script using AES-256-CBC and the key generated in step 5. Use an IV of all 0's (i.e. 32 0's). Save and submit the ciphertext as ciphertext-ID.bin. (Example with AES-128-CTR)
  7. Encrypt your key-ID.txt file using RSA to send confidentially to Steve (public key), saving and submitting the ciphertext as secretkey-ID.bin.

You must submit four files on Moodle: pubkey-ID.pem, sign-ID.bin, secretkey-ID.bin and ciphertext-ID.bin. In addition you must keep your own private key information (but do not submit it). After the homework deadline I will decrypt your ciphertext and verify your commands.
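
The checks implied by the steps above (public key only, signature verifies, both ciphertexts decrypt back to their inputs), written as an added example that is not part of the original assignment. It assumes throwaway 2048-bit keys for speed (the task itself asks for 4096), a locally generated stand-in for the recipient's key pair, and constructed file names; everything runs in a scratch directory.

```shell
#!/bin/bash
# Added example. Constructed: file names, sample script, 2048-bit demo keys
# (the task asks for 4096), and a local stand-in for the recipient's key pair.
roundtrip_check() {
  local d key iv rc
  d=$(mktemp -d) || return 1
  iv=00000000000000000000000000000000   # 32 hex zeros = one 16-byte AES block
  (
    cd "$d" || exit 1
    openssl genrsa -out student-priv.pem 2048 2>/dev/null || exit 1
    openssl genrsa -out recipient-priv.pem 2048 2>/dev/null || exit 1
    openssl rsa -in student-priv.pem -pubout -out student-pub.pem 2>/dev/null || exit 1
    openssl rsa -in recipient-priv.pem -pubout -out recipient-pub.pem 2>/dev/null || exit 1
    printf '#!/bin/bash\necho "constructed sample script"\n' > script.bash

    # 1. The extracted public key file must hold no private key material.
    grep -q 'BEGIN PUBLIC KEY' student-pub.pem || exit 1
    ! grep -q 'PRIVATE KEY' student-pub.pem || exit 1

    # 2. The SHA1 signature verifies with the public key alone, and a
    #    modified copy of the script is rejected.
    openssl dgst -sha1 -sign student-priv.pem -out sign.bin script.bash || exit 1
    openssl dgst -sha1 -verify student-pub.pem -signature sign.bin script.bash >/dev/null || exit 1
    { cat script.bash; echo '# changed'; } > tampered.bash
    ! openssl dgst -sha1 -verify student-pub.pem -signature sign.bin tampered.bash >/dev/null 2>&1 || exit 1

    # 3. The secret key is 64 hex digits and AES-256-CBC decrypts back to the script.
    openssl rand -hex 32 > key.txt || exit 1
    key=$(cat key.txt)
    [ "${#key}" -eq 64 ] || exit 1
    openssl enc -aes-256-cbc -K "$key" -iv "$iv" -in script.bash -out ciphertext.bin || exit 1
    openssl enc -d -aes-256-cbc -K "$key" -iv "$iv" -in ciphertext.bin -out script.dec || exit 1
    cmp -s script.bash script.dec || exit 1

    # 4. The recipient's private key recovers the RSA-encrypted key file.
    openssl pkeyutl -encrypt -pubin -inkey recipient-pub.pem -in key.txt -out secretkey.bin || exit 1
    openssl pkeyutl -decrypt -inkey recipient-priv.pem -in secretkey.bin -out key.dec || exit 1
    cmp -s key.txt key.dec || exit 1
  )
  rc=$?
  rm -rf "$d"
  return $rc
}

roundtrip_check && echo "all round-trip checks passed"
```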

OpenSSL

There are examples of most of the commands you need to complete the tasks in my description of public key encryption with OpenSSL. Note, however, that you may need to make small changes: you cannot necessarily copy-and-paste the exact commands. Examples of generating the random key and encrypting with AES are in my simple introduction to OpenSSL.

Bash Shell Scripts

A Bash shell script is just a text file containing a set of commands that you run on the command line. However the first line of the file must start with:

#!/bin/bash

Comments can be included by starting a line with #. The Bash script can be executed by typing:

$ bash scriptname.bash

This executes all commands in the file. The following is a simple example:

network@node1:~$ cat randomkey.txt
d76fed4e2f464156
network@node1:~$ cat examplescript.bash
#!/bin/bash
pwd
ls /
# This line is a comment
echo "hello"
myvariable=`cat randomkey.txt`
echo "My variable is: $myvariable"
network@node1:~$ bash examplescript.bash
/home/network
bin etc lib mnt root selinux tmp vmlinuz
boot home lost+found opt run srv usr
dev initrd.img media proc sbin sys var
hello
My variable is: d76fed4e2f464156