NAJEM UDDIN

2017521460117

Part I: Read this post and then answer the questions: how can we prevent
deriving of the corresponding private key from a public key? (5 points)

Elliptic Curve Crypto

So what protects your privacy and security probably more than anything else
on the Internet? That will be Elliptic Curve , and especially:
y² = x³+ax+b
where 4a³+27b² ≠ 0 (and which is need to avoid singular points). The most
popular curve is a Secp256k1 (or Curve 25519), and is defined with a=0 and
b=7:
y² = x³+7
In this, with ECC (Elliptic Curve Cryptography), we take a random number
(n), and a point on the elliptic curve (G), and then multiply them together to
produce P:
P=nG
G will be an (x,y) point on the curve that both Bob and Alice will agree to. n
will then be Bob’s private key, and P will be his public key. The challenge is
that if n is a 256-bit random value, it will be extremely difficult to find the
value, even though we know G and P.

Analysing the keys

When we generate our key pair with Openssl, we see a 256-bit private key
(and made from 32 bytes), along with a 65 bytes of a public key. The 04 at the
start of the public key is an identifier. There are two 256-bit points which
define the public key (and each are 32 bytes long):
Part II: Public and private key lab (20 points)
There are a lot of ways to generate a pair of public key/private key pair as long as you do not want to
register them for public use. For example, you can open an account for Bitcoin to receive your public
key and private key pair. Putty is something I used in the past for this but you have to convert the public
key to a format readable by openssl rsautl. This URL has that
https://superuser.com/questions/576506/how-to-use-ssh-rsa-public-key-to-encrypt-a-text. This
discussion uses Python https://stackoverflow.com/questions/30056762/rsa-encryption-and-decryption-
in-python . I looked a few and think this one https://stuvel.eu/python-rsa-doc/usage.html is the
easiest. To get more info about this implementation, go to https://github.com/sybrenstuvel/python-
rsa/tree/483700ada63972e600c7770c124f5aa0568dabf7/rsa. You may have to install the library.
Answer #1: 
It's possible to convert your ssh public key to PEM format(that
'openssl rsautl' can read it): 
Example: 
ssh-keygen -f ~/.ssh/id_rsa.pub -e -m PKCS8 > id_rsa.pem.pub
Assuming 'myMessage.txt' is your message which should be public-key
encrypted. 
Then just encrypt your message with openssl rsautl and your converted
PEM public-key as you would normally do: 

openssl rsautl -encrypt -pubin -inkey id_rsa.pem.pub -ssl -in myMessage.txt -out
myEncryptedMessage.txt
The result is your encrypted message in 'myEncryptedMessage.txt'
To test your work to decrypt the with Alice' private key: 
openssl rsautl -decrypt -inkey ~/.ssh/id_rsa -in myEncryptedMessage.txt -out
myDecryptedMessage.txt
Answered By: Dirk Thannhäuser
Answer #2: 
Give a try to ssh-vault  it uses ssh-rsa public keys to encrypt "create
a vault" and the ssh-rsa private key to decrypt "view content of the
vault"
Answered By: nbari
Answer #3: 
Why not do this the super obvious way that doesn't require rolling
your own crypto.
Alice sftps to alice@bobserver.com which is setup to only allow public
key authentication for the account alice. The properties of ssh nicely
ensure that only alice can authemticate. Even a man in the middle
attack fails since (assuming you disable ssh1 and insist on the right
settings) the initial communication using DH creates a value known to
both alice and bob but not to any man in the middle and this can be
used to authenticate that no reply or MITM attack can see the contents
of the communicatino.
So have alice sftp into your box and download the file.
Answered By: Peter Gerdes
here I install most library
Doing things in the following steps (20 points):
1. Form a team with another one or two students in the class.
2. Each student needs to generate a public key/private key pair. You may need to include the rsa
library. Once you have done that, here is how I did that
import rsa
publicKey, privateKey = rsa.newkeys(2048)
METHOD-01:
import rsa
from _cffi_backend import string

(pubkey, privkey) = rsa.newkeys(2048) # here i used 256, 512 and 1024

print("the private key is ", privkey, end="\n")
print("the public key is ", pubkey, end="\n")

str1 = b"hello wold"

c = rsa.encrypt(str1, pubkey)
print(c)
decrypt = rsa.decrypt(c, privkey)
print(decrypt.decode())
 METHOD-02:
from cryptography.fernet import Fernet
"""
Cryptography:
1.it scouring data form useful source
2.data transfer from one computer to another computer or one file to another file ;
3.E_plaintext to ciphertext(D)
4.D_ciphertext to E_plaintext
Fernet:
it build a generation key for file ;
key==fernet.generate_key();
"""
# my_file created using this with open function

key = Fernet.generate_key()

with open('my_file.a', 'wb') as Mykey:

Mykey.write(key)
with open("my_file.a", 'rb') as mykey:
key = mykey.read()
print(key)
# create a csv file
f = Fernet(key)
with open('SummerCourse.csv', 'rb') as original_file:
original = original_file.read()
# csv data encrypted and keep it enc_grades.csv
encrypted = f.encrypt(original)

with open('enc_grades.csv', 'wb') as encrypted_file:

encrypted_file.write(encrypted)

# now we decrypted data form encrypted file:

decrypted = f.decrypt(encrypted)
with open('dec_grades.csv', 'wb') as decrypted_file:
decrypted_file.write(decrypted)
 3. Print out your public key and private key. Read the document of the library and
inspect your private key. Can you easily “generate” your public key from your
private key? Please print out your public key and private key and show the n, e, d,
p, q and verify that e*d mod z is actually 1.
You need to turn this part in!!!

Sender A does the following:-

1. Obtains the recipient B's public key (n,e)(n,e).
2. Represents the plaintext message as a positive
integer mm with 1<m<n1<m<n [see note 4]. 
3. Computes the ciphertext c=memodnc=memodn.
4. Sends the ciphertext cc to B.

Decryption
Recipient B does the following:-
1. Uses his private key (n,d)(n,d) to compute m=cdmodnm=cdmodn.
2. Extracts the plaintext from the message representative mm.

4. Convert your public key into its PEM format and pass it to your team member (s);
you team member (s) encrypts a message, say, This blockchain class is the best
class ever; pass the encrypted message to you; you decrypt the message using your
private key. What function did you use (the one provided by the library) to convert
your public key into its PEM format (answer it below)?
Function name:
import rsa
# Use at least 2048 bit keys nowadays, see e.g. https://www.keylength.com/en/4/
publicKey, privateKey = rsa.newkeys(2048)

# Export public key in PKCS#1 format, PEM encoded

publicKeyPkcs1PEM = publicKey.save_pkcs1().decode('utf8')
print(publicKeyPkcs1PEM)
# Export private key in PKCS#1 format, PEM encoded
privateKeyPkcs1PEM = privateKey.save_pkcs1().decode('utf8')
print(privateKeyPkcs1PEM)

# Save and load the PEM encoded keys as you like

# Import public key in PKCS#1 format, PEM encoded

publicKeyReloaded = rsa.PublicKey.load_pkcs1(publicKeyPkcs1PEM.encode('utf8'))
# Import private key in PKCS#1 format, PEM encoded
privateKeyReloaded = rsa.PrivateKey.load_pkcs1(privateKeyPkcs1PEM.encode('utf8'))

plaintext = "This blockchain class is the best class ever".encode('utf8')

print("Plaintext: ", plaintext)

ciphertext = rsa.encrypt(plaintext, publicKeyReloaded)

print("Ciphertext: ", ciphertext)

decryptedMessage = rsa.decrypt(ciphertext, privateKeyReloaded)

print("Decrypted message: ", decryptedMessage)
 5. Pass the decrypted message back to your team member, verify that and make sure
the decrypting process works. Ask your teammate (s) to send you an email or
WeChat message that either confirms or denies that the decrypting process works.
You can do this several times until this works.
You need to turn this part in as a screen dump!!!
from cryptography.fernet import Fernet
"""
Cryptography:
1.it scouring data form useful source
2.data transfer from one computer to another computer or one file to another file ;
3.E_plaintext to ciphertext(D)
4.D_ciphertext to E_plaintext
Fernet:
it build a generation key for file ;
key==fernet.generate_key();
"""

# my_file created using this with open function

key = Fernet.generate_key()
with open('my_file.a', 'wb') as Mykey:
Mykey.write(key)
with open("my_file.a", 'rb') as mykey:
key = mykey.read()
print(key)
# create a csv file
f = Fernet(key)
with open('SummerCourse.csv', 'rb') as original_file:
original = original_file.read()
# csv data encrypted and keep it enc_grades.csv
encrypted = f.encrypt(original)

with open('enc_grades.csv', 'wb') as encrypted_file:

encrypted_file.write(encrypted)

# now we decrypted data form encrypted file:

decrypted = f.decrypt(encrypted)
with open('dec_grades.csv', 'wb') as decrypted_file:
decrypted_file.write(decrypted)
 csv file:
i will include in csv file with this pdf ...
please open this file and look our sendig text

6. Reverse the process with your teammate for steps 4 and 5.

7. import rsa
from _cffi_backend import string

(pubkey, privkey) = rsa.newkeys(2048) # here i used 256, 512 and 1024

print("the private key is ", privkey, end="\n")
print("the public key is ", pubkey, end="\n")

str1 = b"hello wold"

c = rsa.encrypt(str1, pubkey)
print(c)
decrypt = rsa.decrypt(c, privkey)
print(decrypt.decode())
8. Remember we discussed that we can use private key to encrypt but use public key
to decrypt. Can you do that here? Here to accomplish the same, you use sign and
verify function. Show you code of signing and verify message  b'I love This
blockchain class!!!' [Not the b is necessary part of the test. User SHA-256
for this.]
Show your code here!
 output
Public key:
(n=0x9a11485bccb9569410a848fb1afdf2a81b17c1fa9f9eb546fd1deb873b49b693a4edf20eb8362c085cd
5b28ba109dbad2bd257a013f57f745402e245b0cc2d553c7b2b8dbba57ebda7f84cfb32b7d9c254f03dbd01
88e4b8e40c47b64c1bd2572834b936ffc3da9953657ef8bee80c49c2c12933c8a34804a00eb4c81248e01f,
e=0x10001)
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCaEUhbzLlWlBCoSPsa/fKoGxfB
+p+etUb9HeuHO0m2k6Tt8g64NiwIXNWyi6EJ260r0legE/V/dFQC4kWwzC1VPHsr
jbulfr2n+Ez7MrfZwlTwPb0BiOS45AxHtkwb0lcoNLk2/8PamVNlfvi+6AxJwsEp
M8ijSASgDrTIEkjgHwIDAQAB
-----END PUBLIC KEY-----
Private key:
(n=0x9a11485bccb9569410a848fb1afdf2a81b17c1fa9f9eb546fd1deb873b49b693a4edf20eb8362c085cd
5b28ba109dbad2bd257a013f57f745402e245b0cc2d553c7b2b8dbba57ebda7f84cfb32b7d9c254f03dbd01
88e4b8e40c47b64c1bd2572834b936ffc3da9953657ef8bee80c49c2c12933c8a34804a00eb4c81248e01f,
d=0x318ab12be3cf0d4a1b7921cead454fcc42ba070462639483394d6fb9529547827e9c8d23b294a8e01f
8a1019da34e350f2307740e06a270bef1fe646e6ad213e31b528fdd5f5d03e633c07c44755ed622a629d79e
822c095ebdf9cc80e517b5566dd3d3e5b16ec737987337a0e497fdba4b5ad97af41c1c3cdd87542a4637d8
1)
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCaEUhbzLlWlBCoSPsa/fKoGxfB+p+etUb9HeuHO0m2k6Tt8g64
NiwIXNWyi6EJ260r0legE/V/dFQC4kWwzC1VPHsrjbulfr2n+Ez7MrfZwlTwPb0B
iOS45AxHtkwb0lcoNLk2/8PamVNlfvi+6AxJwsEpM8ijSASgDrTIEkjgHwIDAQAB
AoGAMYqxK+PPDUobeSHOrUVPzEK6BwRiY5SDOU1vuVKVR4J+nI0jspSo4B+KEBna
NONQ8jB3QOBqJwvvH+ZG5q0hPjG1KP3V9dA+YzwHxEdV7WIqYp156CLAlevfnMgO
UXtVZt09PlsW7HN5hzN6Dkl/26S1rZevQcHDzdh1QqRjfYECQQDGDUIQXlOiAcGo
d5YqAGpWe0wzJ0UypeqZcqS9MVe9OkjjopCkkYntifdN/1oG7S/1KUMtLoGHqntb
c428zOO/AkEAxyV0cmuJbFdfM0x2XhZ+ge/7putIx76RHDOjBpM6VQXpLEFj54kB
qGLAB7SXr7P4AFrEjfckJOp2YMI5BreboQJAb3EUZHt/WeDdJLutzpKPQ3x7oykM
wfQkbxXYZvD16u96BkT6WO/gCb6hXs05zj32x1/hgfHyRvGCGjKKZdtwpwJBAJ74
y0g7h+wwoxJ0S1k4Y6yeQikxUVwCSBxXLCCnjr0ohsaJPJMrz2L30YtVInFkHOlL
i/Q4AWZmtDDxWkx+bYECQG8e6bGoszuX5xjvhEBslIws9+nMzMuYBR8HvhLo58B5
N8dk3nIsLs3UncKLiiWubMAciU5jUxZoqWpRXXwECKE=
-----END RSA PRIVATE KEY-----
Encrypted:
b'99b331c4e1c8f3fa227aacd57c85f38b7b7461574701b427758ee4f94b1e07d791ab70b55d672ff55dbe13
3ac0bea16fc23ea84636365f605a9b645e0861ee11d68a7550be8eb35e85a4bde6d73b0b956d0008664255
11c7920cdc8a3786a4f1cb1986a875373975e158d74e11ad751594de593a35de765fe329c0d3dfbbfedc'
Decrypted: b'A message for encryption'