Assignment: Cryptography
Question 1: Security professionals need to ensure that they keep up to date with the latest threats and security issues. This allows them to update their risk profiles, such as identifying if their systems are vulnerable. In order to determine what the risk to an organisation is, you need to know what the problems could be.
In this assignment, your task is to identify a recently announced security vulnerability and write a profile of the threat. The profile should contain the name of the threat, the systems it attacks, how it performs its attack, mitigation strategies and concluding reflection (100 words) on the adequacy of the mitigation strategies. The risk to an organisation using vulnerable systems should also be determined.
Your report should be maximum 2 pages and should contain relevant tables, calculations, a ranked list of threats (in terms of impact) and conclusions.
See the scoring sheet for this assignment, and ensure that your report fulfils the criteria listed.
Question 2: You are required to learn the GPG/PGP package using Linux Kali environment (learning the applications of private and public key cryptography to secure email messages and documents) to be able to answer the following questions. You should pair up with one of your class fellow to do this lab and record results and give commentary on the results.
If you do not have a class fellow then create two user accounts and you can encrypt using one account and descript using other account.
a) Generate keys of 2 different sizes for RSA encryption scheme and include these keys in the report.
b) Encrypt a file (text or binary) using 2 key sizes and include your results and note the observation
c) Create a file of close to 1 GB and encrypt and decrypt it and note the time taken. Comment on the reason why this much time has taken. Calculate how long it would take to do the encryption/decryption of a 10 GBs of data.
d) Export your public key and discuss the reason why your exported key should be in ASCII format.
e) Encrypt a file and output the cipher text in ASCII format. Explain when you need cipher text in ASCII format.
f) You should work with your class fellow/or create two accounts to do this experiment and record your observation in the form of commands being used or procedure being followed and includeyour results.
I. Exchange your public key and your friend's public key using email.
II. Import your friend's public key into your key ring.
III. Encrypt a file using your friend's public key and send the encrypted file to your friend.
IV. Ask your friend to decrypt the encrypted file.
V. You can ask your friend to do the same thing.
g) Write a reflection report in 100 words about the role cryptography can play in ensuring right to privacy of individuals.