FIT5037 Asymmetric Key Encryption Week 3 Lab Sheet

Form groups of 2 and attempt the exercises. The exercises are not designed to be completed in tutorial
sessions but rather to give you some tasks and a starting point to continue and complete on your own. No
solutions will be released for these exercises.

Lab Exercises

1. Use man utility for genrsa, rsa, and rsautl to learn about the command line options of openssl
utility for generating RSA keys. Then:

(a) Generate a key pair of size 2048 bits (genrsa generates the private key which contains the
public exponent, you can use the rsa utility to get the public key out).
(b) Create a text file and encrypt the file and then decrypt it.
(c) Sign the file and then verify it. Which mode of RSA is used? with or without message recovery?.

Note: You can use bless hex editor or vim -b to modify the binary files.

2. Use man dgst to learn about hash functions detached signatures (e.g. RSA without message
recovery).

(a) Generate the SHA512 hash of a plaintext file.

(b) Generate a detached signature for a plaintext file.
(c) Verify the signature, change the original file (or a copy of it) and verify the signature again.

3. Use man utility for dsaparam, dsa, and pkeyutl to learn about the command line options of openssl
utility for generating DSA keys and signing and verification operations. The pkeyutl is used for all
public key method supported by openssl (RSA, DSA, and EC). Then:

(a) Generate a DSA parameter file with 2048 bits security.

(b) Generate a key pair using the parameter file.
(c) Get the private key out of the generated file in the previous step and into an encrypted file. Get
the public key out in another file.
(d) Can we get the public key out of the private key and how?
(e) Create a text file and sign the file and then verify it. The utility is quite limited in terms of
signing and verification. It only supports SHA1 and expects 20 bytes input as the hash of the
message to generate the signature. So to generate the signature first the SHA1 hash of the
message in binary must be created. When verifying the signature to specify that the key is
public use -pubin in combination with -inkey.
(f) Make changes to the file (or its copy) and verify again.

4. Use man utility for ecparam, ec, and pkeyutl to learn about the command line options of openssl
utility for generating EC keys and sign and verify operations.

(a) First list the supported curves by openssl.

(b) Generate an EC parameter file for one of NIST curves with minimum 500 bits security.
(c) Generate a key pair using the parameter file.
(d) Get the private key out of the generated file in the previous step and into an encrypted file. Get
the public key out in another file.
(e) Create a text file and sign the file and then verify it. What is the signature of the file?
(f) Make changes to the file (or its copy) and verify again.

5. We are going to use Gnu Multi-precision library for this exercise. The gmpy2 is a wrapper python
library for C version of gmp. As in RSA and DH algorithms we only work with integers then only
multi-precision integers are needed. You can find a list of available methods and brief description at
https://gmpy2.readthedocs.io/en/latest/mpz.html. Write python code to:

1
FIT5037 Asymmetric Key Encryption Week 3 Lab Sheet

(a) generate RSA key pairs with 2048-bit security.

(b) generate a key pair and encrypt a message using the generated key (confidentiality)
(c) decrypt the ciphertext

You can start by completing the following code:

# !/ usr / bin / env python3

import gmpy2 as gmp

from gmpy2 import mpz
import random
import os

def str2mpz ( msg ) :

’’’ To convert strings to mpz integers ’’’
m = bytes ( msg , ’ ascii ’)
return gmp . mpz ( int . from_bytes (m , byteorder = ’ little ’) )

def mpz2str ( num ) :

’’’ To convert the mpz integers back to string ’’’
return str ( gmp . to_binary ( num ) [2:] , ’ ascii ’)

def rand_n ( n ) :
’’’ return a n - bit random integer ’’’

# the upper limit that fits in n bits ( n bits all 1)

upper = 2** n - 1
# the lower limit with 1 in its most significant bit
lower = 2**( n - 1)

# initialising python ’s random number generator

random . seed ( a = os . urandom (512) , version = 2)
rand_state = gmp . random_state ( random . getrandbits (4096) )
# gmpy2 also has a random number generator , now we know how to use both
x = gmp . mpz_random ( rand_state , upper )
if x < lower :
x = x + lower
return x

def rsa_keygen ( N ) :
’’’ To generate RSA key pair ’’’
pass

def main () :
status , n , e , d = rsa_keygen (2048)

if __name__ == ’ __main__ ’:
main ()

Notes:

• The status variable stores the returned Success (True) or Failure (False) status of the key
generation.
• In practice it is not recommended to use your own implementation of security primitives but in
this exercise we are interested in understanding of the primitives.
• We need the following functions from library:
next_prime()
gcd()
invert()
powmod()

6. Test the following scenario using python (and gmpy2 library) to see if it is possible: Your tutor is
sending a report about your engagement in tutorial to the lecturer and you are keen to know what

2
FIT5037 Asymmetric Key Encryption Week 3 Lab Sheet

the report says about you. You manage to intercept the communication between your tutor and
lecturer however the communication is encrypted using RSA (public key of lecturer) c = me mod n.
You think you can recover the message by performing a chosen ciphertext attack (or more accurately
an adaptive ciphertext attack). You choose a random number r and multiply re mod n to ciphertext:
t = re · c mod n and send this to the lecturer. You ask the lecturer to sign t as a test vector to verify
that you have the correct public key. The lecturer sends you back td mod n. Can you recover the
report?
Note: Generate a key pair and play all three roles yourself.