Solved-You will be using OpenSSL and your programming language of choice — Homework 4 -Solution

Description

Overview

For this homework, you will be using OpenSSL and your programming language of choice. This is fairly open ended and you may choose what programming language to use. I suggest to use Python, but if you are more familiar with another programming language or have one you would prefer to use, feel free to use it instead. Regardless of language choice, make sure your code is concise, commented, and easy to read. You may be docked points if your scripts are needlessly complex or hard to read. You are to write your own scripts and report for this assignment but you may work with others to discuss the assignment or your code.

Cracking Hashed Passwords

There is a csv file in this zipped assignment called “passwords.csv”. This csv has 20 passwords hashed using SHA-256 with no salt (one hash per line). Your assignment is to find the plain text of each of these twenty passwords. These passwords are some easy-to-guess passwords; they are English words with small permutations. These passwords plaintext are encoded using utf-8.

You are provided a file “dictionary.txt” which is a list of words that the passwords are based on. You are also provided with a list of permutations “permutations.txt” which contains the possible permutations applied to the English words; one example of a permutation is changing all “o” to a “0”. All of the passwords in the passwords file are a single English word with at most one of the permutations in permutations.txt applied to it.

As a sanity check to make sure your hashing algorithm is correct, the first password in passwords.csv is “password”.

1. Save your password cracking script to pw_cracker.py (use the file extension for the language you are writing in)

2. Write the twenty plain text passwords in order. If you were not able to obtain the plain text for a given password leave a blank line.

Writing Symmetric Key Encryption

For this section, you will be writing scripts to encrypt and decrypt a message using a symmetric key. You are to generate this symmetric key in OpenSSL, not in your script. Your scripts should be implemented as follows.

In your directory you will have a plain text message in plain.txt and your key file. Your encryption script will load the plain text message and the key file and use the key to encrypt the message and write the encrypted message to a file. Your decrypter script will load the encrypted message file and the key and use the key to decrypt the encrypted message; the script will then print the decrypted text to the console. This should match the plain text that was encrypted.

1. Save your encryption script to symmetric_encryption.py and the decryption script to symmetric_decryption.py (use the file extension for the language you are writing in)

Writing Public/Private Key Encryption

For this section, you will be modifying your previous scripts to use public/private key encryption. Make sure to save the previous versions of your scripts before starting this part as you will need to turn them in as well. You will need to generate a public key / private key pair; these should be put into separate files. This time, the encryption script will encrypt the plain.txt using the public key and save the encrypted version to a file. The decryption script will use the private key to decrypt the encrypted message and print the decrypted text to the console.

1. Save your encryption script to pubkey_encryption.py and the decryption script to pubkey_decryption.py (use the file extension for the language you are writing in)

Handin

Please submit your answers to the questions listed above in a single PDF document, your password cracking script, your symmetric key encryption and decryption scripts, and your public/private key encryption and decryption scripts.

Good luck!

1