mobile wallpaper 1mobile wallpaper 2mobile wallpaper 3mobile wallpaper 4
Profile Image of the Author
dreaife
Announcement
welcome to my blog
Tags
319 words
2 minutes
Experiment 9: Encryption, Digital Signatures, and Certificates
2022-07-01
cs-base
network
/
school

1. Experiment Objectives#

  • Understand the concepts of symmetric and asymmetric encryption systems
  • Understand the concepts and theory of hash functions, digital signatures, and digital certificates
  • Master symmetric encryption, key-pair creation, and application based on Openssl
  • Master the creation and application of digital signatures and digital certificates based on Openssl

2. Experimental Environment#

  • Hardware requirements: One Alibaba Cloud ECS instance.
  • Software requirements: Linux or Windows operating system

3. Experiment Content#

OpenSSL is an open-source software library that applications can use to perform secure communications, prevent eavesdropping, and verify the identity of the other connected party. This package is widely used on Internet web servers.

References:

https://www.openssl.org/

https://gitee.com/mirrors/openssl?utm_source=alading&utm_campaign=repo#download

https://www.openssl.org/

https://www.jianshu.com/p/fb2ae3dc7986

https://www.yisu.com/zixun/21796.html

3.1 Symmetric Encryption#

Install Openssl, and prepare a plaintext document lx.txt with arbitrary content. Use a symmetric encryption algorithm to encrypt and decrypt lx.txt.

Requirements: There should be descriptive process text, explanations of the current operation and parameter meanings, and provide corresponding operation screenshots

3.2 Hash Functions#

Compute the MD5 and SHA-256 hash values of lx.txt

3.3 Asymmetric Encryption#

Create a 2048-bit RSA key pair (public-key cryptosystem). Use the created public key to encrypt lx.txt, and decrypt with the private key

OpenSSL> genrsa -out RsaPrivateKey.pem 2048
OpenSSL> rsa -in RsaPrivateKey.pem -pubout -out RsaPublicKey.pem
OpenSSL> rsautl -in plain.txt -out enc.txt -inkey RSAPublicKey.pem -pubin -encrypt
OpenSSL> rsautl -in enc.txt -out replain.txt -inkey RSAPrivateKey.pem -decrypt

Key pair generated

KlN3SMRq8dEXZQ5.png

Public key generated

HzujWoMiJ2grXlV.png

Files before and after encryption/decryption

4.4 Digital Signature#

Digitally sign lx.txt and verify

sha1 -out digest.txt lx.txt
rsautl -sign -inkey RsaPrivateKey.pem -in digest.txt -out signT.bin
rsautl -verify -inkey RsaPublicKey.pem -pubin -keyform PEM -in signT.bin

b5jAVxnSl6UYskf.jpg

4.5 Certificate#

Create a self-signed certificate using openssl

genrsa -des3 -out ca.key 1024
rsa -in ca.key -out ca.key
req -new -x509 -key ca.key -out ca.crt -days 365
genrsa -des3 -out server.key 2048
req -new -key server.key -out server.csr
x509 -req -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt -days 365

fdRanm3e5BElwuU.jpg

5. Experimental Summary#

5.1 Issues and Solutions#

During the digital signature step, the command sha1 -out digest.txt lx.txt produced an error. The fix was that sha1 had been mistyped as shal; after entering sha1 -out digest.txt lx.txt, it worked.

5.2 Reflections#

  • This experiment familiarized me with applying OpenSSL to encrypt files and create self-signed certificates, reinforcing the knowledge presented in class. Through this experiment, I have mastered the concrete workflow of using OpenSSL, learned the basic usage of common Linux configuration software, and improved my programming ability.
  • Through these common Linux command operations and OpenSSL configuration and usage, I validated the knowledge learned in class.
Share

If this article helped you, please share it with others!

Experiment 9: Encryption, Digital Signatures, and Certificates
https://dreaife.tokyo/en/posts/encryption-signature/
Author
dreaife
Published at
2022-07-01
License
CC BY-NC-SA 4.0

Some information may be outdated

Experiment 5: Email
Experiment 7: HTTP Protocol Analysis and Measurement
Related Posts Smart
1
Experiment 6: DNS Protocol Analysis and Measurement
cs-base This experiment aims to understand the DNS protocol and its basic concepts, including domain name structure, DNS servers, and the principles of domain name resolution. It covers DNS system configuration, DNS information measurement with the dig tool, and DNS query packet analysis using tcpdump and Wireshark. The results show the fields in DNS queries and their meanings, and the experiment concludes with issues encountered and solutions, improving understanding of DNS and programming skills.
2
Experiment 7: HTTP Protocol Analysis and Measurement
cs-base This experiment aims to understand the HTTP protocol and its message structure, and to master HTTP packet capture and analysis using tcpdump and Wireshark. By downloading the Xinjiang University homepage, it analyzes the HTTP version, IP addresses, status code, content length, and header fields. A connection error encountered during the experiment was resolved, improving programming skills and understanding of HTTP.
3
Experiment 8: Deployment and Application of a Web Server
cs-base This experiment aims to understand the structure of email systems, client-server communication, and SMTP/POP3 protocols. By installing and deploying Nginx and Apache on Alibaba Cloud, it demonstrates access to static and dynamic web pages, resolves dependency package installation issues, and improves understanding of Linux software configuration and programming ability.
4
Experiment 5: Email
cs-base This experiment aims to understand the basic structure of email systems and communication protocols including SMTP and POP3. By sending and receiving emails using mail agents, clients, webmail, and telnet commands, the communication process and protocols are analyzed. The results show a clearer understanding of the detailed mail sending workflow and SMTP protocol analysis, improving programming ability and protocol understanding.
5
Experiment 2: IP Protocol Analysis
cs-base This experiment aims to understand the IP packet format and the meaning of its fields, and to master the use of tcpdump and Wireshark. The environment includes an Alibaba Cloud host and operating systems. Through packet capture with tcpdump and analysis with Wireshark, it studies the IP protocol structure and related commands, resolves traceroute and Xftp connection issues, and improves programming ability and understanding of IP.
Random Posts Random
1
Learning HTML
FRONTEND 2022-07-15
2
Bidding Platform Based on Nest.js and Angular, with Jest Tests and CI/CD
BACKEND 2024-12-07
3
Learning JavaScript
FRONTEND 2024-11-16
4
Java Reflection & Proxy Interview Notes
cs-base 2024-01-24
5
Algorithm Study: Prefix Sum, Difference Array, and Two Pointers
algorithm 2022-07-16
萌ICP备20261996号
© 2026 dreaife. All Rights Reserved. / RSS / Atom / Sitemap
Powered by Astro & Mizuki  Version 9.0

Table of Contents