NAME : MUHAMMAD NOORAIZUDDIN BIN ABDL HAMID

NO. REG : 01DNS16F1068

NAME : MUHAMMAD ADZHA BIN AHMAD ZULKOPLI
NO. REG : 01DNS16F1063
CLASS : DNS2C
LECTURER : PN. AMINAH BIBI
Encryption Review Lab Questions:

Please answer the following questions in your lab report.

1) Caesar Cipher: What does the cipher text below say? You can try to analyze by hand or use the
tool at the following link: http://www.simonsingh.net/The_Black_Chamber/caesar.html

LZAK AK S LWKL GX LZW USWKSJ KZAXL UAHZWJ HDWSKW LWDD EW OZSL LZAK
EWKKSYW KSQK

Answer : this is a test of the caesar shift cipher please tell me what this message says .

2) XOR Encryption: I have used XOR encryption to encrypt a word made up of seven characters.
The characters of this word have each been encrypted used using XOR encryption. The cipher text
of the word is as follows:

00010000
Answer : Capital E

00011011
Answer : Capital N

00010110
Answer : Capital C

00000111
Answer : Capital R

00001100
Answer : Capital Y

00000101
Answer : Capital P

00000001
Answer : Capital T

The key is: 01010101

Use http://www.tech-faq.com/xor-encryption.shtml to guide you through the decryption phase.

After you have applied the key to the binary strings above you can use the ASCII to binary
conversion chart at http://www.pcguide.com/res/tablesASCII-c.html to determine what letter each
eight bit string stands for and thus what the word is.
3) FreeCrypt: This lab will consist of a short hands-on exercise to use the FreeCrypt program as a
tool to illustrate encryption concepts. You will need to register at the following link:
http://www.steganos.com/en/products/for-free/freecrypt/overview/ Once you have registered
please decrypt the following message;

Ev1WbmNnKvP98RMWHaPUNR+c8wQHfIlCH8E54wGU1Z5S9eoLeJhwz87BHCbXewTC3dRn
7hBWaimCn6hoTYmDdkYpOGGXrYCE3DlplvU5RQOVHMiCyE5U6qaQ53cgJde5ebeS9/eFBC
XpjrEwY8B3hhJyBE0FqagoljGa7EUiZ0I=

The password for this exercise is abc123.

In addition to answering the questions posed in the encrypted question, what in your opinion is the
weak point of this system?

NOTE: At the Steganos web site, there are two other free tools: Safe One and LockNote. Take a look
at them. What do they do?

4) PGP: The tools that you have used above are what are known as secret key or symmetric
encryption systems where a secret key must be shared. In PGP things are little different. PGP uses
aspects of symmetric encryption but uses the concept of asymmetric encryption to exchange secret
session keys. PGP is actually a hybrid cryptography system. In this type of system, a user encrypts a
message with a secret session key and then locates in a directory the user that they wish to send the
message to. When they locate that user they encrypt the secret session key with the recipients public
key. Upon receipt of the message the user can decrypt the secret session key with their private key
and then use the secret session key to decrypt the message. Experiment with the PGP system by
downloading the trial version from the following link:
http://www.pgp.com/downloads/desktoptrial/desktoptrial2.html. Conduct the experiment by sending
an encrypted message to and receiving an encrypted message from your lab partner. Document all
the steps you took in order to earn credit for part 6.
Answer :

Step 1

Step 2- click share files

Step 3 open email with sharefile .

Step 4 click edit message options

Step 5 tick add encrypt , email me when files are accessed , require recipients to log in ,
and remember subject

Step 6 this message is encryption and click send .

Step 7 my partner has received my encrypted mail .

5) Symmetric and Asymmetric Encryption: Define and describe symmetric and asymmetric
encryption. Discuss advantages and disadvantages of each. Why is it important to exchange keys
out of band in symmetric encryption?
Answer :
Symmetric encryption
- A type of encryption where the same key is used to encrypt and decrypt the message. This differs
from asymmetric encryption (or public-key) , which uses one key to encrypt a message and
another to decrypt the message .
Asymmetric encryption
- A cryptographic system that uses two keys -- a public key known to everyone and
a private or secret key known only to the recipient of the message. When John wants to send a
secure message to Jane, he uses Jane's public key to encrypt the message. Jane then uses her
private key to decrypt it . An important element to the public key system is that the public and
private keys are related in such a way that only the public key can be used to encrypt messages
and only the corresponding private key can be used to decrypt them. Moreover, it is virtually
impossible to deduce the private key if you know the public key.
 Symmetric Encryption :
Advantages
- A symmetric encryption is
faster.
- A symmetric encryption uses
password authentication to
prove the receivers identity.
- A system only which possesses
the secret key can decrypt a
message.
Disadvantages
- Symmetric cryptosystems
have a problem of key
transportation. The secret key
is to be transmitted to the
receiving system before the
actual message is to be
transmitted. Every means of
electronic communication is
insecure as it is impossible to
guarantee that no one will be
able to tap communication
channels. So the only secure
way of exchanging keys
would be exchanging them
personally.
- Cannot provide digital
signatures that cannot be
repudiated .

Asymmetric Encryption :
Advantages
- In asymmetric or public key,
cryptography there is no need for
exchanging keys, thus eliminating
the key distribution problem.
- The primary advantage of public-
key cryptography is increased
security: the private keys do not ever
need to be transmitted or revealed to
anyone.
- Can provide digital signatures that
can be repudiated
Disadvantages
- A disadvantage of using public-key
cryptography for encryption is
speed: there are popular secret-key
encryption methods which are
significantly faster than any
currently available public-key
encryption method.

Why is it important to exchange keys out of band in symmetric encryption?

- So that they are not intercepted and used to read the secret message.
6) Hash Functions: What is a hash function? What are some hash algorithms? What can a hash be
used for?

What is a hash function?

Answer : A hash function is any function that can be used to map data of arbitrary size to data of
fixed size. The values returned by a hash function are called hash values, hash codes, digests, or
simply hashes.

What are some hash algorithms?

Answer : Secure Hash Algorithm (SHA). Message Digest 5 (MD5)

What can a hash be used for?

Answer : A hash function is any function that can be used to map data of arbitrary size to data of
fixed size. The values returned by a hash function are called hash values, hash codes, hash sums, or
simply hashes. One use is a data structure called a hash table, widely used in computer software for
rapid data lookup.