Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
22 views5 pages

Information Security Lab-3 - Updated

The document outlines a lab focused on symmetric and asymmetric cryptography, specifically implementing AES and RSA algorithms using OpenSSL. It includes installation instructions for OpenSSL, a comparison of symmetric and asymmetric encryption, and detailed steps for encrypting and decrypting data. The lab concludes with expected outputs and suggestions for additional exercises to enhance understanding of cryptographic methods.

Uploaded by

munazamalik62
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
22 views5 pages

Information Security Lab-3 - Updated

The document outlines a lab focused on symmetric and asymmetric cryptography, specifically implementing AES and RSA algorithms using OpenSSL. It includes installation instructions for OpenSSL, a comparison of symmetric and asymmetric encryption, and detailed steps for encrypting and decrypting data. The lab concludes with expected outputs and suggestions for additional exercises to enhance understanding of cryptographic methods.

Uploaded by

munazamalik62
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Information Security Lab-3

Symmetric and Asymmetric Cryptography

Lab Objectives

• Understand the differences between symmetric and asymmetric encryption.

• Implement AES (Advanced Encryption Standard) and RSA (Rivest-Shamir-Adleman)


algorithms.

• Encrypt and decrypt data using OpenSSL.

Prerequisites

• Windows operating system

• OpenSSL installed on the system

• Basic understanding of command prompt usage

Step 1: Installation of OpenSSL

1. Download OpenSSL

To perform cryptographic operations, OpenSSL must be installed on the system. Follow these
steps:

• Visit the official OpenSSL website: https://slproweb.com/products/Win32OpenSSL.html

• Download the latest Win64 OpenSSL version suitable for your system.

• Choose the EXE installer (not the source code) for ease of installation.

2. Install OpenSSL

Once the installer is downloaded, follow these steps:

• Double-click the downloaded .exe file to launch the installation wizard.

• Accept the license agreement.

• Select the installation directory (default is C:\Program Files\OpenSSL-Win64).

• Choose The Windows system directory when prompted for OpenSSL DLL placement.

• Click Install and wait for the process to complete.

• Click Finish after installation is done.


3. Configure Environment Variables

To use OpenSSL from the command prompt, the installation path must be added to the system’s
environment variables:

1. Open Control Panel > System > Advanced system settings.

2. Click Environment Variables.

3. Under System Variables, find and select Path, then click Edit.

4. Click New and add the OpenSSL binary path:

C:\Program Files\OpenSSL-Win64\bin

5. Click OK to save changes.

6. Restart your computer to apply the changes.

4. Verify Installation

To ensure OpenSSL is installed correctly, open Command Prompt and run:

openssl version

Explanation: This command checks the installed version of OpenSSL and confirms that it is
properly configured. If the installation is successful, you should see an output similar to:

OpenSSL 3.0.0 (Library: OpenSSL 3.0.0)

If you receive an error, check that OpenSSL is installed in the correct directory and that the
system environment variables are correctly set.

Step 2: Understanding Symmetric vs. Asymmetric Encryption

Symmetric Encryption (AES)

• Uses a single key for both encryption and decryption.

• Faster than asymmetric encryption.

Asymmetric Encryption (RSA)

• Uses a pair of keys (public and private).

• The public key encrypts data, and the private key decrypts it.

Step 3: Implementing AES Encryption (Symmetric)

1. Create a sample text file:


echo This is a secret message. > message.txt

Explanation: This command creates a text file named message.txt and writes "This is a secret
message." into it.

2. Generate a random key and IV (Initialization Vector) for AES:

openssl enc -aes-256-cbc -k secretpassword -P

Explanation: This command generates a random key and IV using AES-256-CBC encryption,
based on the given password.

Example Output:

kek = 5F8C76AB87...

iv = ADFE456789...

3. Encrypt the file:

openssl enc -aes-256-cbc -pbkdf2 -in plaintext.txt -out encrypted.txt -k secretpassword

Explanation: Encrypts message.txt using AES-256-CBC encryption and saves the encrypted data
in encrypted.txt.

4. Decrypt the file:

openssl enc -aes-256-cbc -d -in encrypted.txt -out decrypted.txt -k secretpassword

Explanation: Decrypts encrypted.txt using the same password and outputs the decrypted
content into decrypted.txt.

5. View the decrypted file:

type decrypted.txt

Explanation: Displays the content of decrypted.txt to verify successful decryption.


Step 4: Implementing RSA Encryption (Asymmetric)

1. Generate an RSA key pair (private and public keys):

openssl genpkey -algorithm RSA -out private_key.pem

Explanation: Generates a private RSA key and saves it in private_key.pem.

openssl rsa -in private_key.pem -pubout -out public_key.pem

Explanation: Extracts the public key from the private key and saves it in public_key.pem.

2. Encrypt the message using the public key:

openssl pkeyutl -encrypt -pubin -inkey public_key.pem -in message.txt -out encrypted_rsa.txt

Explanation: Encrypts message.txt using the public key and saves the encrypted content in
encrypted_rsa.txt.

3. Decrypt the message using the private key:

openssl pkeyutl -decrypt -inkey private_key.pem -in encrypted_rsa.txt -out decrypted_rsa.txt

Explanation: Decrypts encrypted_rsa.txt using the private key and stores the decrypted
message in decrypted_rsa.txt.

4. View the decrypted file:

type decrypted_rsa.txt

Explanation: Displays the content of decrypted_rsa.txt to verify successful decryption.

Expected Output

• After AES decryption, decrypted.txt should contain:

This is a secret message.

• After RSA decryption, decrypted_rsa.txt should contain:

This is a secret message.


Conclusion

• AES encryption is faster but requires a shared key.

• RSA provides better security for key exchange but is slower.

• OpenSSL provides a simple way to implement both encryption methods.

Additional Exercises

• Try encrypting a larger file.

• Use a different encryption mode such as AES-GCM.

• Generate stronger RSA keys (e.g., 4096 bits).

You might also like