
REPORT LAB 2
22/10/2023
Network Security
Full Name: Đoàn Văn Hoàng 19071041
Cryptographic concepts are fundamental to information security. Cryptography provides
techniques for protecting the confidentiality of data by making it unreadable to unauthorized
users, and also for protecting its integrity and authenticity. Here are the basics of cryptographic
concepts:

1. Encryption: Encryption is the process of converting plain, readable text (plaintext) into an
unreadable form (ciphertext) using a specific algorithm and a key. The key is required to
decrypt the ciphertext back into plaintext.

2. Decryption: Decryption is the reverse process of encryption, where ciphertext is transformed
back into plaintext using the appropriate decryption algorithm and key. Only those with the
correct key can perform decryption.

3. Symmetric Encryption: In symmetric encryption, the same key is used for both encryption
and decryption. This makes it faster but requires secure key distribution to prevent unauthorized
access.

4. Asymmetric Encryption: Asymmetric encryption uses a pair of keys: a public key, which may be
shared freely and is used for encryption, and a private key, which is kept secret and is used for
decryption. Because only the public key has to be distributed, two parties can communicate
without first sharing a secret, although the public key must still be obtained authentically (for
example inside a certificate) so that an attacker cannot substitute their own. Asymmetric
algorithms are much slower than symmetric ones, so in practice they are used to exchange or wrap
symmetric keys and to sign data, while the bulk of the data is encrypted symmetrically.

5. Key Management: Managing encryption keys is crucial in cryptography. Keys must be kept
secret and secure to maintain the confidentiality of data. Key management involves generation,
distribution, storage, rotation, and revocation of keys.

6. Hash Functions: Hash functions are one-way mathematical functions that transform data of any
length into a fixed-length digest, called a hash value. A secure hash function (such as SHA-256)
makes it infeasible to recover the input from the hash or to find two inputs with the same hash.
Hashes are used for integrity checks, digital signatures and password storage (for passwords a
deliberately slow, salted hash such as bcrypt or Argon2 is used rather than a plain SHA-256).
Even a small change in the input results in a completely different hash value.

7. Digital Signatures: Digital signatures ensure the authenticity and integrity of a message or
document. They use asymmetric cryptography: the signer computes the signature over a hash of
the message with the private key, and anyone holding the corresponding public key can verify it.
A valid signature proves that the holder of the private key signed exactly this message.

8. Public Key Infrastructure (PKI): PKI is a system of hardware, software, policies, and
standards that work together to provide a framework for secure communications. It includes the
management of digital certificates and public-private key pairs.

9. Cryptographic Protocols: These are sets of rules and procedures for secure communication.
Examples include TLS (the successor of SSL, which is now deprecated) for secure web browsing,
SSH for secure shell access, and IPsec for secure network communication.

10. Cryptanalysis: Cryptanalysis is the science of analyzing and breaking cryptographic
systems. Cryptanalysts try to find weaknesses or vulnerabilities in encryption algorithms to
decrypt data without the key.

11. Authentication: Cryptography is used to ensure the identity of users, systems, or entities. It
prevents unauthorized access by confirming the legitimacy of a party through various
authentication methods.

12. Steganography: Steganography is the practice of hiding information within other data, such
as images or audio files, without the apparent presence of hidden information. It's a way of
covert communication.

13. Cipher: A cipher is an algorithm used for encryption and decryption. It specifies how
plaintext is transformed into ciphertext and vice versa.

Part 1: Running an RSA cipher Demonstration

Activity:
1. Use your web browser to go to https://people.cs.pitt.edu/~kirk/cs1501/notes/rsademo/.
2. Read the information about the demonstration.
3. Click key generation page.
4. Change the first prime number (P) to 7.
5. Change the second prime number (Q) to 5.
6. Click Proceed.

7. Read the information in the popup screen and record the necessary numbers. Close the screen
when finished.
8. Click Encryption Page.
9. Next to Enter Alice’s exponent key, E: enter 5 as the key value from the previous screen.
10. Next to Enter Alice’s N Value: enter 35.
11. Click Encrypt. Read the message and record the values. Close the screen when finished.

12. Click Decryption Page.


13. Next to Enter the encrypted message enter 1.
14. Next to Enter your N value: enter 35.
15. Next to Enter your private key, D: enter 5.
16. Click Proceed. Note that 1 has been decrypted to A.

17. Close all windows.
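The following Python program is added here as a worked example; it is not code from the demo site. It reproduces the lab's numbers (p = 7, q = 5, e = 5, so n = 35 and d = 5, because 5 x 5 = 25 = 1 mod 24) and then shows two reasons why such a key gives no security: the modulus is factored by trial division in a few steps, and unpadded RSA is deterministic, so an attacker can build a codebook from the public key alone. The A = 1, B = 2, ... letter encoding is an assumption about the demo; note that 1 encrypts to 1 under any exponent, which is why step 16 shows the value 1 decrypting to A.

```python
from math import gcd

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def keygen(p, q, e):
    """Textbook RSA key generation for primes p, q and public exponent e.
    Returns (n, e, d) with d = e^-1 mod phi(n)."""
    n = p * q
    phi = (p - 1) * (q - 1)          # Euler's totient of n for distinct primes
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)              # modular inverse (Python 3.8+)
    return n, e, d


def encrypt(m, e, n):
    return pow(m, e, n)              # c = m^e mod n


def decrypt(c, d, n):
    return pow(c, d, n)              # m = c^d mod n


# Assumption: the demo encodes letters as A=1, B=2, ..., Z=26 (all below n = 35).
def letter_to_int(ch):
    return ALPHABET.index(ch.upper()) + 1


def int_to_letter(i):
    return ALPHABET[i - 1]


def encrypt_text(text, e, n):
    return [encrypt(letter_to_int(ch), e, n) for ch in text]


def decrypt_text(cipher, d, n):
    return "".join(int_to_letter(decrypt(c, d, n)) for c in cipher)


def recover_private_key(n, e):
    """Attacker's view: factor n by trial division and recompute d. With n = 35
    this takes a handful of divisions; real RSA relies on n being too large to factor."""
    for p in range(2, int(n ** 0.5) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1))
    raise ValueError("n has no small factor")


def codebook_attack(cipher, e, n):
    """Second attack, needing no key at all: unpadded RSA is deterministic, so the
    attacker encrypts every possible letter with the public key and matches."""
    table = {encrypt(letter_to_int(ch), e, n): ch for ch in ALPHABET}
    return "".join(table[c] for c in cipher)


if __name__ == "__main__":
    n, e, d = keygen(7, 5, 5)                      # the lab's numbers: n = 35, d = 5
    print("n =", n, "e =", e, "d =", d)
    print("A ->", encrypt(1, e, n), "-> decrypts to", int_to_letter(decrypt(1, d, n)))
    c = encrypt_text("HELLO", e, n)
    print("HELLO ->", c, "->", decrypt_text(c, d, n))
    print("factored d =", recover_private_key(n, e), " codebook:", codebook_attack(c, e, n))
```

Real deployments use moduli of 2048 bits or more and a padding scheme (OAEP for encryption, PSS for signatures) so that encryption is randomised and the codebook attack no longer applies.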

Part 2: Blockchain tutorial


Activity:

1. Use your web browser to go to https://andersbrownworth.com/blockchain/


2. Watch the video Blockchain 101 – a Visual demo and Blockchain 101 – Part 2
Public/Private Key signing.
3. When the videos have completed click Hash.
4. In the Data: box, enter This is data set 1 and note how the hash changes as you enter
each letter.

5. Now change the 1 to 2. What happens to the hash?

After changing the 1 to 2, the hash value changes completely, not just slightly: SHA-256 has the avalanche property, so a one-character change flips roughly half the bits of the output. Its length stays the same, 64 hexadecimal characters (256 bits), whatever the length of the input.

6. Click Block.

7. What new fields have been added?
Two new fields are added, Block: (the block number) and Nonce:, together with a Mine button. The hash is now computed over the block number, the nonce and the data, and the block is only valid when that hash starts with four zeros; Mine searches for a nonce that makes this true.
8. Click Blockchain. scroll to the right to see all the blocks in the chain. look at the Prev: for
Block #5. compare that with the hash: of Block #4. are they identical? Why?

Answer:
Yes. The Prev: field of Block #5 contains exactly the Hash: value of Block #4.
Each block's hash is computed over its own contents together with the hash of the previous
block, so the Prev: field is what links the chain. If any information in Block #4 is altered, its
hash changes and Block #5 no longer references it correctly (and because Prev: is part of the
input to Block #5's hash, Block #5's own hash changes too). This makes it very difficult to
tamper with the history: changing one block means recomputing that block and every block after
it, and on a real network that work would have to be repeated on the majority of nodes before the
change went undetected.
9. Compare the Prev: and hash: of each block with the former block.
10. Return to Block #5. enter This is data set 5. What happens to the color of the block?
Why is this block now invalid?

Answer:
The block turns red. The demo only accepts a block whose hash begins with four zeros, and the
nonce found by mining is what made the original hash satisfy that rule. Changing the data changes
the hash completely, so with the old nonce the new hash almost certainly no longer begins with
four zeros, and the block is shown as invalid until it is mined again, that is, until a new nonce
is found for the new contents.

11. go to Block #4. enter This is data set 4. What happens to the color of Blocks #4 and #5?
Why?

Answer:
Both Block #4 and Block #5 turn red. Block #4 is invalid for the same reason as before: its data
changed, so its hash no longer starts with four zeros. Block #5 is invalid as well, although its
data did not change, because the Prev: field of Block #5 is the hash of Block #4. That new Prev:
is an input to Block #5's hash, so Block #5's hash changes too and no longer meets the rule. This
is how the chain links enforce consistency: altering one block invalidates every block that
follows it, and each of them has to be mined again, in order, to repair the chain.

12. return to Block #5. click Mine to correct the information in the block.

13. return to Block #3. enter This is data set 3. What happens to Blocks #3, #4, and #5?
Why? how does this illustrate that the blockchain resists change?

Answer:
Blocks #3, #4 and #5 all turn red.
Altering Block #3: changing its data changes its hash (the block's cryptographic fingerprint), so
the hash no longer begins with four zeros and no longer matches the Prev: recorded in Block #4.
Block #4: its Prev: now holds the new hash of Block #3, so Block #4's own hash changes and
becomes invalid even though its data is untouched.
Block #5: in the same way, its Prev: changes to the new hash of Block #4, and its hash becomes
invalid too.
The change propagates to every block after the one that was edited, which is why a blockchain
resists change: the further back the edited block is, the more blocks have to be mined again to
hide the edit.

14. In Block #3 click Mine. What happens to the color of this block?

15. go to Block #4 and click Mine.
16. go to Block #5 and click Mine.
17. If you were to make a change to Block #5, on which block must you click Mine to correct
it? If you were to make a change to Block #3, on which blocks must you click Mine? Why
the difference?
Answer:
If you change Block #5, which is the last block in the demo chain, you only need to click "Mine"
on Block #5 itself: its hash is the only one that was invalidated, and no later block references
it.
If you change Block #3, you need to click "Mine" on Block #3, then Block #4, then Block #5, in
that order. Block #4 references the hash of Block #3 and Block #5 references the hash of Block
#4, so the new hash of Block #3 changes the hash of Block #4, which in turn changes the hash of
Block #5. The order matters: mining Block #4 before Block #3 is wasted work, because re-mining
Block #3 afterwards changes its hash and invalidates Block #4 again.
The difference is that a change to a block invalidates that block and every block after it, never
the blocks before it. Changing the last block costs one mining operation; changing an earlier
block costs one mining operation for each block from that point to the end of the chain. This
illustrates the immutability of a blockchain: the older a block is, the more work is needed to
alter it, and on a real network that work would have to outpace all the other miners who keep
extending the honest chain.

18. Close all windows.
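The following Python program is an added example, not code from the demo site, that models the behaviour observed in steps 10 to 17: a five-block chain in which each block's hash is SHA-256 over its block number, nonce, data and the previous block's hash, a block is valid only if its hash starts with "0000", and Prev: is recomputed live from the previous block, so an edit propagates forward. The order in which the fields are concatenated is an assumption, so nonce values will differ from the website's, but the red/green pattern is the same.

```python
import hashlib

GENESIS_PREV = "0" * 64   # the demo's first block has a Prev: of all zeros


class Block:
    def __init__(self, number, data=""):
        self.number = number
        self.nonce = 0
        self.data = data

    def hash(self, prev):
        # Assumption: SHA-256 over block number, nonce, data and previous hash, in
        # this order. Any fixed order demonstrates the same behaviour.
        payload = f"{self.number}{self.nonce}{self.data}{prev}".encode()
        return hashlib.sha256(payload).hexdigest()


class Chain:
    def __init__(self, n_blocks, prefix="0000"):
        self.prefix = prefix            # the demo accepts a hash only if it starts with "0000"
        self.blocks = [Block(i) for i in range(1, n_blocks + 1)]
        for b in self.blocks:
            self.mine(b.number)         # mine front to back so each block links to a valid one

    def prev_of(self, number):
        return GENESIS_PREV if number == 1 else self.hash_of(number - 1)

    def hash_of(self, number):
        # Recomputed from the front of the chain every time, as the demo does live:
        # a change anywhere propagates through every later Prev: field.
        return self.blocks[number - 1].hash(self.prev_of(number))

    def invalid_blocks(self):
        """Numbers of the blocks the demo would colour red."""
        return [b.number for b in self.blocks
                if not self.hash_of(b.number).startswith(self.prefix)]

    def set_data(self, number, data):
        """Edit a block's Data: field and report which blocks are now red."""
        self.blocks[number - 1].data = data
        return self.invalid_blocks()

    def mine(self, number):
        """Click Mine on one block: search for a nonce that makes its hash valid."""
        block, prev = self.blocks[number - 1], self.prev_of(number)
        block.nonce = 0
        while not block.hash(prev).startswith(self.prefix):
            block.nonce += 1
        return self.invalid_blocks()

    def repair(self, number):
        """Re-mine the edited block and every block after it, front to back."""
        for b in self.blocks[number - 1:]:
            self.mine(b.number)
        return [b.number for b in self.blocks[number - 1:]]


if __name__ == "__main__":
    chain = Chain(5)
    print("edit #5 ->", chain.set_data(5, "This is data set 5"))      # [5]
    print("mine #5 ->", chain.repair(5), chain.invalid_blocks())      # [5] []
    print("edit #3 ->", chain.set_data(3, "This is data set 3"))      # [3, 4, 5]
    print("mine #3 ->", chain.mine(3))                                 # [4, 5]
    print("mine #4, #5 ->", chain.repair(4), chain.invalid_blocks())  # [4, 5] []
```

With a four-hex-digit prefix each Mine call tries about 65,536 nonces on average; the demo's real protection comes from a much harder target and from the fact that an attacker must redo this work faster than the rest of the network extends the chain.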

Part 3: SSL server and client tests


1. Go to https://www.ssllabs.com/.

2. Click Test your server >>.

3. Click the first website listed under recent best.


4. Note the grade given for this site. Under Summary, note the Overall rating along with
the scores for Certificate, Protocol Support, Key Exchange, and Cipher Strength, which
together determine the overall rating.
5. If this site did not receive an Overall Rating of A under Summary, you will see the
reasons listed. Read through these. Would you agree? Why?
Answer:
+ If I hadn't seen this review, I would still read it, but I don't know if this site is sure about
security or what this site has.

6. Scroll through the document and read through the Certificate #1 information. Note the
information supplied regarding the digital certificates. Under Certification Paths, click
Click here to expand, if necessary, to view the certificate chaining. What can you tell
about it?
Answer:
Certification Paths shows the chain of certificates from the site's own (leaf) certificate, through
one or more intermediate CA certificates, up to a root CA certificate. SSL Labs shows one path per
trust store (Mozilla, Apple, Android, Java and Windows), because each operating system or vendor
ships its own list of trusted roots and the chain may end at a different root in each. A complete
path to a trusted root in every store means the certificate is accepted without warnings on all of
those platforms. It tells you that a CA has validated the site's control of the domain name; it
does not by itself say anything about whether the site's content is safe.

7. Scroll down to Configuration. Note the list of protocols supported and not supported. If
this site were to increase its security, which protocols should it no longer support? Why?
Answer:
If any SSL 2.0 or SSL 3.0 support is listed it must be removed first, as these versions are
broken. TLS 1.0 and TLS 1.1 should also be disabled: they are older versions of the protocol with
known weaknesses (for example the BEAST attack against CBC ciphers in TLS 1.0 and the lack of
modern AEAD cipher suites), they were formally deprecated by RFC 8996, and current browsers no
longer enable them. The site should support only TLS 1.2 and TLS 1.3.

8. Under Cipher Suites, interpret the suites listed. Notice that they are given in server-preferred
order. To increase its security, which cipher suite should be listed first? Why?
Answer:
The first suite should be one that gives forward secrecy and uses an AEAD cipher, such as
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 or TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (for TLS 1.3
the suites TLS_AES_128_GCM_SHA256 and TLS_CHACHA20_POLY1305_SHA256 are equivalent and always use
ephemeral key exchange). ECDHE key exchange means that a later compromise of the server's private
key does not let recorded traffic be decrypted, while GCM or ChaCha20-Poly1305 avoids the
padding-oracle problems of CBC suites. Because the server's preference order decides which suite
is negotiated with a client that supports several, placing these suites first ensures that the
strongest option is used whenever the client can. Suites with static RSA key exchange, CBC mode
or SHA-1 MACs should be listed last, and suites with RC4, 3DES, export-grade or NULL ciphers
should be removed altogether.
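As an added example (not SSL Labs' rating algorithm, and not code from the lab), the Python below parses cipher suite names in the IANA form that SSL Labs prints, scores each one with a simplified set of rules (forward secrecy, AEAD, broken primitives) and re-sorts a server's preference list into the order it should use, separating out the suites that should be removed. The server list at the bottom is constructed for the example.

```python
# Suite names in the IANA form that SSL Labs prints. The scoring rules below are
# this example's own simplification, not SSL Labs' grading.
TLS13_SUITES = {
    "TLS_AES_128_GCM_SHA256",
    "TLS_AES_256_GCM_SHA384",
    "TLS_CHACHA20_POLY1305_SHA256",
}


def parse_suite(name):
    """Split an IANA suite name into (key exchange, authentication, cipher, PRF).
    TLS 1.3 names carry no key-exchange part: it is always (EC)DHE with
    certificate authentication."""
    if name in TLS13_SUITES:
        body, _, prf = name[len("TLS_"):].rpartition("_")
        return "ECDHE", "CERT", body, prf
    head, _, tail = name.partition("_WITH_")
    if not tail:
        raise ValueError(f"not a recognised cipher suite name: {name}")
    kx_parts = head[len("TLS_"):].split("_")           # ["ECDHE", "RSA"], ["RSA"], ["DH", "ANON"]
    kx = kx_parts[0]
    auth = kx_parts[1] if len(kx_parts) > 1 else kx     # TLS_RSA_WITH_*: RSA does both jobs
    cipher, _, prf = tail.rpartition("_")
    return kx, auth, cipher, prf


def score_suite(name):
    """Return (score, reasons). Higher scores belong earlier in the server's
    preference list; a score of 0 means the suite should not be offered at all."""
    kx, auth, cipher, prf = parse_suite(name)
    if (auth == "ANON" or "EXPORT" in name or prf == "MD5"
            or cipher.startswith(("NULL", "RC4", "DES", "3DES"))):
        return 0, ["broken: anonymous, export-grade, NULL, RC4, (3)DES or MD5"]
    score, reasons = 0, []
    if name in TLS13_SUITES:
        score += 50
        reasons.append("TLS 1.3: ephemeral key exchange and AEAD are mandatory")
    elif kx == "ECDHE":
        score += 40
        reasons.append("ECDHE: forward secrecy")
    elif kx == "DHE":
        score += 30
        reasons.append("DHE: forward secrecy, but slower and needs a >= 2048-bit group")
    else:
        reasons.append(f"{kx} key exchange: no forward secrecy, a leaked key decrypts recorded traffic")
    if cipher.endswith(("GCM", "CCM")) or cipher.startswith("CHACHA20"):
        score += 40
        reasons.append("AEAD bulk cipher")
    elif cipher.endswith("CBC"):
        score += 10
        reasons.append("CBC: MAC-then-encrypt, history of padding-oracle attacks")
    if auth == "ECDSA":
        score += 5
        reasons.append("ECDSA: smaller, faster signatures")
    return score, reasons


def recommended_order(server_order):
    """Re-sort a server's preference list; ties keep the server's own order."""
    ranked = sorted(server_order, key=lambda s: -score_suite(s)[0])
    keep = [s for s in ranked if score_suite(s)[0] > 0]
    drop = [s for s in ranked if score_suite(s)[0] == 0]
    return keep, drop


# Constructed example of a poorly ordered list, as a weak server might show it.
SERVER_ORDER = [
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
    "TLS_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    keep, drop = recommended_order(SERVER_ORDER)
    for suite in keep:
        score, reasons = score_suite(suite)
        print(f"{score:3d}  {suite:50s} {'; '.join(reasons)}")
    print("remove:", drop)
```

The point of the ranking is that a server only controls the negotiation through its preference order and the set it offers; anything scored 0 here should be removed rather than merely demoted, because a client that offers only weak suites will otherwise still get one.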

9. Under handshake simulation, select the web browser and operating system that you
are using or that are similar to what you are using. Read through the capabilities of this
client interacting with this web server. Note particularly the order of preference of the
cipher suites. Click the browser’s back button when finished.
10. Scroll to the top of the page, and then click Scan Another >>.
11. Select one of the recent worst sites. Review the Summary, Authentication,
Configuration, Cipher Suites, and handshake simulation. Would you agree with this
site’s score?

12. If necessary, return to the SSL report page, and then click Scan Another >>.

13. Enter the name of your school or work URL and generate a report. For example, you can
generate a report for vnu.edu.vn or is.vnu.edu.vn. What score did it receive?

14. Review the Summary, Authentication, Configuration, Cipher Suites, and handshake
simulation. Would you agree with this site’s score?
15. Make a list of the top five vulnerabilities that you believe should be addressed in order
of priority. If possible, share this list with any IT personnel who may be able to take
action.
16. Click Projects.
17. Now test the capabilities of your web browser. Click SSL Client Test. Review the
capabilities of your web browser. Print or take a screen capture of this page.

18. Close this web browser.
19. Open a different web browser on this computer or on another computer.
20. Return to www.ssllabs.com, click Projects, and then click SSL Client Test to compare the
two scores. From a security perspective, which browser is better? Why?

21. Close all windows.

Part 4 Viewing digital certificates


1. Use the Google Chrome web browser to go to www.google.com.
2. Note the padlock in the address bar. Although you did not
enter https://, Google created a secure HTTPS connection.
Why would it do that?
Answer:
Google uses HTTP Strict Transport Security (HSTS). A site that sends the Strict-Transport-Security
header over HTTPS tells the browser to use only HTTPS for that domain for max-age seconds (and,
with includeSubDomains, for all of its subdomains). From then on the browser rewrites any http://
URL for that domain to https:// before sending the request, so no plaintext request is ever made.
For google.com this works even on a first visit, because the domain is on the HSTS preload list
that is compiled into Chrome and other browsers, so the browser does not need to have seen the
header first. This is done for several security reasons:
1. Data Security: HTTPS encrypts and authenticates the traffic between the browser and the
server. Passwords, cookies or card details sent over plain HTTP could be read or modified by
anyone on the network path.
2. Preventing Man-in-the-Middle Attacks: without HSTS, an attacker on the network can answer the
initial http:// request and keep the victim on plain HTTP or on a look-alike site (an
SSL-stripping attack). With HSTS the browser never sends that initial plaintext request, and it
also refuses to let the user click through certificate errors for the domain.
3. Consistency and User Experience: users rarely type https://, and old links or bookmarks may
still use http://. Upgrading automatically gives the same secure connection regardless of how the
address was entered.
4. Trust: users and search engines treat HTTPS sites as more trustworthy, and browsers mark plain
HTTP pages as "Not secure".
HSTS is a web security policy mechanism enforced by the browser: it caches the policy carried in
the header for the specified period (max-age) and applies it to every later request to that
domain.
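The Python below is an added example, not code from the lab, modelling what the browser does with the header described above: it parses a Strict-Transport-Security value, records the policy with its expiry, honours it only when received over HTTPS, matches parent domains when includeSubDomains is set, treats a small stand-in preload set as always covered, and rewrites http:// URLs accordingly. The PRELOADED set is an assumption standing in for the browser's real, much larger list; the clock is injectable so expiry can be tested.

```python
import time
from urllib.parse import urlsplit, urlunsplit

# Stand-in for the preload list compiled into the browser (assumption: the real
# list has tens of thousands of entries; google.com is on it, with subdomains).
PRELOADED = {"google.com"}


def parse_hsts(header):
    """Parse a Strict-Transport-Security value such as
    'max-age=31536000; includeSubDomains; preload'. Returns None if the
    mandatory max-age directive is missing or malformed (the browser then
    ignores the header)."""
    directives = {}
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        if name:
            directives[name.lower()] = value.strip().strip('"')
    max_age = directives.get("max-age", "")
    if not max_age.isdigit():
        return None
    return {
        "max_age": int(max_age),
        "include_subdomains": "includesubdomains" in directives,
        "preload": "preload" in directives,
    }


class HstsStore:
    """Minimal model of a browser's HSTS cache (RFC 6797)."""

    def __init__(self, now=time.time):
        self.now = now
        self.entries = {}   # host -> (expires_at, include_subdomains)

    def observe(self, host, header, over_https):
        """Process a response header. Only honoured on an HTTPS response with a
        valid certificate; a header seen over plain HTTP could have been injected
        by an attacker and is ignored."""
        if not over_https:
            return False
        policy = parse_hsts(header)
        if policy is None:
            return False
        if policy["max_age"] == 0:
            self.entries.pop(host, None)   # max-age=0 tells the browser to forget the host
        else:
            self.entries[host] = (self.now() + policy["max_age"], policy["include_subdomains"])
        return True

    def is_known(self, host):
        """True if host, or a parent domain whose policy covers subdomains, is HSTS."""
        labels = host.split(".")
        for i in range(len(labels)):
            candidate = ".".join(labels[i:])
            if candidate in PRELOADED:      # preloaded entries always cover subdomains
                return True
            entry = self.entries.get(candidate)
            if entry and entry[0] > self.now() and (i == 0 or entry[1]):
                return True
        return False

    def rewrite(self, url):
        """What the browser does before sending a request: upgrade http:// to
        https:// for known hosts (port 80 becomes the default 443, other ports
        are kept)."""
        parts = urlsplit(url)
        if parts.scheme != "http" or not self.is_known(parts.hostname):
            return url
        netloc = parts.hostname if parts.port in (None, 80) else f"{parts.hostname}:{parts.port}"
        return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))
```

The first-visit gap is visible in the model: without a preload entry, a host is only upgraded after one HTTPS response carrying the header has been seen, which is exactly the window that SSL stripping exploits and that preloading closes.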

3. Click the three vertical dots at the far edge of the address bar.
4. Click More tools.
5. Click Developer tools.
6. Click the Security tab, if necessary. (If the tab does not appear, click the >> button
to display more tabs.)
7. Read the information under Security Overview.

8. Click View certificate.

9. Note the general information displayed on the General tab.
10. Now click the details tab. The fields are displayed for this X.509 digital certificate.
11. Click Valid to to view the expiration date of this certificate.
12. Click Public key to view the public key associated with this
digital certificate. Why is this site not concerned with
distributing this key? How does embedding the public key in a
digital certificate protect it from impersonators?
Answer:
The site is not concerned with distributing this key because it is, by design, public. Nothing in
the security of TLS depends on keeping the public key secret; everything depends on keeping the
matching private key secret, and the private key never leaves the server. The public key is in fact
sent to every client inside the certificate during every TLS handshake, so there is no point in
protecting it, and anybody can read it here in the browser. What an attacker would need is the
private key, which cannot be derived from the public key.
The risk with a public key is not that it is read but that it is substituted: an impersonator could
present their own public key and claim it belongs to google.com. Embedding the key in a digital
certificate protects against this:
- The certificate binds the public key to the site's name, and it is signed by a certificate
authority (CA) that checked that the applicant controls that name.
- The browser ships with a list of trusted root CAs. When the server presents its certificate,
the browser verifies the CA's signature on it (and on each intermediate certificate up to a
trusted root), checks the name and the validity period, and only then accepts the public key
inside.
- During the handshake the server must prove possession of the private key matching the certified
public key: with ECDHE suites and with all of TLS 1.3 it signs the handshake messages and the
browser verifies the signature with the public key from the certificate; with the older RSA key
exchange it must decrypt a secret the browser encrypted to that public key. The application data
is then encrypted with symmetric session keys that both sides derived during the handshake, not
with the RSA keys themselves.
- An impersonator who presents a copy of the real certificate cannot complete the handshake,
because they do not hold the private key; an impersonator who presents a self-made certificate
for the name fails the signature check, because no trusted CA signed it. In both cases the browser
shows a certificate error instead of the padlock.

13. Click the Certification Path tab. Because web certificates are based
on the distributed trust model, there is a path to the root
certificate. Click the root certificate, and then click the View
Certificate button. Click the details tab, and then click Valid to.
Why is the expiration date of this root certificate longer than that
of the website certificate? Click Ok and then click Ok again to close
the Certificate window.

14. Click Copy to File.


15. Click Next.
16. Note the different file formats that are available. What do you know about each
of these formats?
17. Click Cancel to close this window.
18. Close all windows.
