This assignment is worth 125 points. Partial credit will be given for all questions — it is in your best interest to not leave any blank. Some of these questions may require you to conduct research beyond what we learned in class. You are free to leverage any public resources you'd like to complete this assignment, but make sure to cite your sources in your answers. Refer to this course's honor code policy for more information on what is appropriate reuse.

This assignment has two parts. In Part 1, you will solve a set of crypto challenges that emphasize some of the strategies deployed by penetration testers attempting to find weaknesses in software systems making use of encryption. In Part 2, you will gain some experience using a popular public key encryption package, and will have the opportunity to install and try out a mobile communications application that makes use of strong encryption for secure messaging.

Record your responses to the following activities in the README.md file in the homework02 folder of your assignments GitLab repository and push your work (including any code you developed) by 11:59 PM Thursday, February 7.

Activity 0: Branching

As discussed in class, each homework assignment must be completed in its own git branch; this will allow you to separate the work of each assignment and for you to use the merge request workflow.

To create a homework02 branch in your local repository, follow the instructions below:

$ cd path/to/cse-40567-sp19-assignments   # Go to assignments repository

$ git checkout master                     # Make sure we are in master branch

$ git pull --rebase                       # Make sure we are up-to-date with GitLab

$ git checkout -b homework02              # Create homework02 branch and check it out

$ cd homework02                           # Go into homework02 folder

Once these commands have been successfully performed, you are now ready to add, commit, and push any work required for this assignment.

Part 1: Crypto Challenges

Activity 1: XOR Encryption (25 Points)

XOR as a transformation for encryption is a very weak way to protect data. You probably won't find it under the hood of commercial software. This first exercise is meant to get you thinking about the practice of cryptanalysis using a scenario where it is very feasible to recover the key and plaintext via automatic means.

  1. A lone string in this file has been encrypted via the use of the XOR function with a one-character key. Write some code that will automatically identify the string in question. Provide the string in your answer to this question. Hint: you need to write a routine that is able to score a line of English-language text. Adding up established character frequency statistics for letters and choosing the sequence with the highest score is a valid way to do this.

  2. Now that you've found the string, what is the key and the corresponding line of plaintext? Provide both in your answer to this question.

Activity 2: AES, ECB Mode and Keys (25 Points)

The absolute simplest Advanced Encryption Standard (AES) mode is Electronic Codebook (ECB) mode. In this mode, the plaintext is broken up into fixed sized blocks, which are encrypted separately. For this question, you will write a decryption routine to recover some plaintext that has been encrypted via AES ECB mode.

  1. This ciphertext is Base64-encoded, and was encrypted using AES-128 in ECB mode with this key: neurotransmitter. Using OpenSSL or another library providing AES functionality, write some code (do not use the OpenSSL command-line program) to decrypt the ciphertext. Provide the plaintext as part of your solution to this question.

  2. What is special about the length of the chosen key?

Activity 3: Finding AES ECB Mode Ciphertext (25 Points)

In spite of being in the AES standard, ECB mode turns out to be very problematic in practice. The reason for this is that the same 16 byte plaintext block will always produce the same 16 byte ciphertext block. Your task in this question is to devise an algorithm to detect AES ECB mode ciphertext. A tool that can automatically detect the algorithm and mode used is very useful for penetration testing, because certain instances of ciphertext may reveal far more information than is desirable (in violation of the properties of ciphertext we discussed in class).

  1. This file contains a large number of hex encoded ciphertexts. Exactly one of them has been encrypted using AES ECB mode. Which one is it? Code up an AES ECB mode ciphertext detector. Note the line number of the detected ciphertext in your answer. Hint: the above description of ECB mode has everything you need to solve this problem.

  2. What AES mode is a safer alternative to ECB for a block cipher?

Activity 4: Detecting Two AES Modes (25 Points)

Remarkably, depending on the setting, it is possible to detect not just one, but two modes of AES given only the ciphertext. In this question, the objective is to write some code to do this.

  1. Write a method to generate 16 random bytes that can be used as an AES key.

  2. Write another method that is able to encrypt arbitrary strings given a randomly generated key from the first method. This method should append 5-10 bytes (a value chosen at random) before the plaintext and another 5-10 bytes after the plaintext. When it comes to the encryption, the method should randomly select either ECB or CBC mode. When in CBC mode, use a random IV per encryption invocation. The ciphertext is the return value.

  3. Write a final method that is able to detect the block cipher mode the encryption method operated in for each ciphertext it outputs. (Hint: the code you wrote for Question #3 will help here.) This method should output the detected mode as a text string, along with a self-check of the correctness of the detection, also printed as a text string (e.g., "ECB Mode [correct detection]")

  4. Set your program to run for 30 different iterations by default. It is up to you to choose the plaintext for each iteration. The code you've written serves as the answer to this question.

Part 2: Crypto In the Real World

Activity 5: GNU Privacy Guard (15 points)

gpg is a popular tool that is used to encrypt email messages via Public Key Cryptography.

  1. Download and install gpg on the platform of your choice (Linux, OS X and Windows are supported).

  2. Generate a 2048-bit Public / Private RSA Key Pair.

  3. Export an ASCII version of your public key and submit it as the first part of your answer to this question. You might consider publishing your public key on your website so others can make use of it for sending you secure messages (how often have you received a password in plaintext?).

  4. Import the following public key associated with CSE 40567/60567:

    -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: GnuPG v1

    mQENBFaK6L0BCADCDaQnkGdPQof7E0BQ+tPok1oNrV6Qn5gepjAt0YV6/K4vV2H7
    hzAfIhQQZ+7vvfA7+pc0MytL4i/yfujRTee3tPhiw1zV2N0qudzY4gKzi0uxR1G2
    y5qQrRDd25aWktmncme5XvrSTw8LRbnyoCpwe7XLj4jykUFUo926JGExz1qIr1tF
    pkHOFoh+kkZGF6TtQrWGIl9XMZwJvX0D0teb5mhBdxWHNio3fq4N3hUjer+ElQZA
    jbNGiw2ARK/0Y4xmPku4FrTd4X5Si5HtTj+MNzMh7cgRABJMVydacynI1eRjqfvr
    jBmfUFCRRxfremxswwcs9bR8ER1JEuCvd4nDABEBAAG0IVdhbHRlciBTY2hlaXJl
    ciA8d3NjaGVpcmVAbmQuZWR1PokBOAQTAQIAIgUCVorovQIbAwYLCQgHAwIGFQgC
    CQoLBBYCAwECHgECF4AACgkQ9BjV9S6O1emd7wf/RN5Q6IyXxK9P66wwvKj8UgT5
    6NExFyxPYtHwHS4x6UjBkr6DUBlOIKCHOA6tmIbMoLL8/VAobRhZbqYBuHKrX0yw
    i2opBHoTl7CSw7RrxHm8PgLGs/jqjvSltydRT6t+btrc3g0TuT7evGu8rwVRXKDP
    Wske6UvT9PWwVUbN7Uw8YDLxiBHDFx72kw5CmFl0CKd9VFUa7UTb6G0tpVDMFjXQ
    5ABGUDouCG2slK2fCJQsPypm+lUqTUOUeUVSUagD1ciu8nMmkTSZJGPgW1Y3nfNR
    kfCS/D2CIsJAmk6GUi9+zpjjWiRWbYGG0gsbVqQsUdoYg1egUfAXfCCfHDM5sbkB
    DQRWiui9AQgA3iJFojHXeyGCXruDHM+foNnsY08UgSXWWJXInWDSNQYtrKlSb18p
    bnLubQm1tSvcrH0iwRW4ImyjFR8MjU23Qglyc331Qt0wY8dJOhlEJKua3Ns/bI/q
    dEEgDpRQFssu2opg7ex3ZEgnz73POnwL67NHSwMY70cjE7RBmWjkWta+XsjdTXGG
    lNM6S/YEQ845SuotkrE85fGmivXJudT9mwdzzqTP86kvFeBQIIMgaiBJX0RrsKjP
    dt5MFGBDR3KMnCJxf1+Gqr7DBE190xC2x1njOfgoWRhwCdXBAXoZIqZlV8Khq5us
    /5Wq0uvsKQrc4OdKx5F/b0crjtmPe6KYpQARAQABiQEfBBgBAgAJBQJWiui9AhsM
    AAoJEPQY1fUujtXp6lUH/2Kfp5thh/Kiko2nF+Tq9OLrx52NDrW3GaNKakOQk9ll
    K0io7wmZqnhKgDlXjmzls9Dra0K6P8BD0Vc0xbNEEGyXJQfXRDAfz5ZTT4cz3P70
    l9/n9Q2WdHEOg/9GxqQ6sFUVEV8jKQvkQEFLsmHZfWHE1VvwImpTsrecL9YmNbnF
    0oLvOsDkqrUh+NNXK5TngDWU31+ofl0iPRpi4ba1NozAhWag2xgR1L0HlZkKNNot
    mCk322HUPrl2HKGsDmGm6IYZTJ+9hU1V8ousb9S+5jRoxcTNH0TKZP2n/SXBWRuO
    rOK7IFjjrXCWFM47tCmiVmUs6dl9zAXo0i5+URgMh3o=
    =YhBs
    -----END PGP PUBLIC KEY BLOCK-----

  5. Sign the public key associated with CSE 40567/60567 with your own key. What did this step accomplish? Turn in your response as the second part of your answer to this question.

  6. Encrypt this message with the CSE 40567/60567 public key and turn in the ciphertext as the third part of your answer to this question.

Activity 6: Using Signal (10 points)

Signal is an open source encrypted communications app for Android and iOS devices, with desktop support that syncs to a registered mobile device. It is developed by Open Whisper Systems, which created the double ratchet algorithm that underpins the security of the software. The signal app has become wildly popular with privacy advocates, activists and even politicians in the current environment of poor computer security and endemic corporate and government surveillance. But it's also useful for transferring website credentials, PINs, and other more mundane, but still sensitive, information. Your task here is to install signal on your phone. After you have done this, send a message to our TA Aidan (his number can be found in the slack team chat) to verify that you have "answered" this question. Remember to use signal whenever you need to send a quick message that should be protected — it's really this easy.

Q&A

Q: In Q.1, does "string" mean line in the file?

A: Yes.

Q: In Q.1, what is the purpose of the routine that is able to score a line of English-language text? Isn't this just a straightforward brute-force attack?

A: The idea is to have your program automatically find the right key (required for full credit), instead of forcing a manual search through all of the possibilities to find the correct plaintext. In a realistic penetration testing scenario, the keyspace may be enormous, thus checking things by hand isn't always an option.

Q: What is the fingerprint of the key in Q5.4?

A: Key fingerprint = 5467 6829 FCCB 5B0B 8D36 0E6D F418 D5F5 2E8E D5E9

Q: For Q1-4, what programming language should I use for this assignment?

A: You can choose to do this in any language, but if you are familiar with Python, you may find it to be the best option.

Q: I am unsure of the development environment I should use for this assignment? Any recommendations?

A: Do this in an Ubuntu VirtualBox VM if you don’t have access to a native machine with OpenSSL. Installing the development libraries is very simple: sudo apt-get install libssl-dev

Feedback

If you have any questions, comments, or concerns regarding the course, please provide your feedback at the end of your README.md.

Submission

Remember to put your name in the README.md file. To submit your assignment, please commit your work to the homework02 folder of your homework02 branch in your assignment's GitLab repository:

$ cd path/to/cse-40567-sp19-assignments   # Go to assignments repository
$ git checkout master                     # Make sure we are in master branch
$ git pull --rebase                       # Make sure we are up-to-date with GitLab
$ git checkout -b homework02              # Create homework02 branch and check it out
$ cd homework02                           # Go to homework02 directory
...
$ $EDITOR README.md                       # Edit appropriate README.md
$ git add README.md                       # Mark changes for commit
$ git commit -m "homework02: complete"    # Record changes
...
$ git push -u origin homework02           # Push branch to GitLab

Procedure for submitting your work: create a merge request by the process that is described here, but make sure to change the target branch from wscheirer/cse-40567-sp19-assignments to your personal fork's master branch so that your code is not visible to other students. Additionally, assign this merge request to our TA (aboyd3) and add wscheirer as an approver (so all class staff can track your submission).