For gifted writer

Crypto Lab: Secret
Key Encryption

Overview

The learning objective of this lab is for

students to become familiar with the

concepts used in secret-key encryption.

In this lab, you will use encryption

algorithms, encryption modes, paddings,

and initial vector (IV) parameters. After

completing the lab, you will be able to

use tools and write programs to encrypt

and decrypt messages.

Note

Note: This lab is based on the

Secret Key Encryption Labs from

Wenliang Du from Syracuse

University.

Lab Environment

You will complete this lab using the AWS

Educate classroom. Specifically, you will

use an AWS EC2 Linux instance to

complete the majority of the steps. Other

tools that will be used for this lab

include:

PuTTY, an SSH tool to connect the

Linux environment

FileZilla (or similar), a secure FTP

tool to transfer files to and from the

Linux environment

Lab Submission

After you have completed this lab,

document your findings, addressing and

responding to all the questions and

actions required in each step. When

documenting your findings, provide

screen captures with detailed, well-

written descriptions of the results and

fully answer each question. Use the

provided Secret Key Lab Instructions

Template to submit your lab findings.

Lab Tasks

To successfully complete this lab, you

must perform all of the following tasks.

Start Your EC2 Instance

To start an EC2 Linux instance, log in to

your AWS Educate classroom and open

the AWS console. Detailed instructions

for starting EC2 instance are found

in Starting an EC2 Instance .

Configure the Security Group

Now that the instance is running,
we can connect to it. However, we
must make sure that connections
are limited to the individual
student who created the instance.
Security groups provide this ability
by allowing the user to specify a
unique IP address to connect to
the instance.

Detailed instructions for configuring the

security group are found in Configuring
the Security Group .

Record the Instance IP Address

To connect to the EC2 instance, the IP

address must be known. To determine

the IP address, open the EC2 dashboard

and click on the running instances. Click

on the specific instance you previously

launched and record the IPv4 Public IP

address.

Source: AWS Educate, UMGC Virtual Labs

In this example, the IPv4 Public IP

address is 18.234.249.107. Your IPv4

Public IP will be different.

Connect to the Server

You can use PuTTY to SSH from your

desktop. You can also use SSH directly

from Windows 10 or Mac machines. If

you are using PuTTY to SSH from a

Windows machine, the private key you

previously downloaded from AWS must

be modified to work within PuTTY. Use

PuTTYGen to generate the key.

Directions on how to install and use

PuTTYGen are found here:

https://www.puttygen.com/

Once the PuTTY key has been generated,

launch PuTTY and connect to the

instance by using the ec2-

user@IPaddress for the SSH port 22,

then click Open.

AWS Educate, UMGC Virtual Labs

You will receive a security alert the first

time you connect. Accept that to

continue.

Once connected, you will see the

command prompt as shown below.

Source: AWS Educate, UMGC Virtual Labs

Introduction

Encryption is used in our lives in a daily

basis with applications including

protecting data transmitted between two

devices, online banking, e-commerce

using HTTPS protocols, Voice-Over-IP

and many other application. If conducted

properly, only authorized parties are able

to read the contents of the transmitted

messages.

Many secure cryptographic algorithms

exist to protect the transmission of our

private and sensitive data. When

vulnerabilities occur, they are often

caused by incorrect use or

implementation of an encryption

algorithm.

Recall secret-key encryption uses the

same key for both encryption and

decryption. Secret-key encryption is also

referred to as symmetric encryption

whereas public-key encryption, which

uses different keys for encryption and

decryption, is referred to as asymmetric

encryption.

In this lab, we will research common

implementation errors in secret-key

encryption algorithms that may result in

security breaches. Specifically, we will

look at the following case studies:

Monoalphabetic Substitution

Cipher

Different Ciphers and Modes

Initial Vectors

Monoalphabetic Substitution Cipher

In a substitution cipher, the letters of a

message are changed but their positions

do not. For example, consider the

following original message:

Meet Joe at the
Coffee Shop. He
has the
instructions for
you.

If we substitute the letter e for w, the

original message becomes:

Mwwt Jow at thw
Coffww Shop. Hw
has thw
instructions for
you.

If we continue to substitute each letter of

the alphabet with another letter, make all

letters lower case, and remove

punctuation, the original message begins

to look quite different.

dwwi cyw zi ihw
tyqqww jhyv hw
hzj ihw
kfjisxtikyfj qys
byx

It is well known that monoalphabetic

substitution ciphers (also known as

monoalphabetic ciphers) are not secure,

because they can be subjected to

frequency analysis.

Specifically, this cipher could be broken

through frequency analysis where certain

letters and combinations of letters occur

more frequently than others. A clever

analyst can start with commonly used

one-, two-, or three-letter word

combinations and substitute into the

encrypted message until a pattern begins

to emerge. In this case, we already know

the original message, but even if we

didn’t, we could start guessing common

alphabet patterns and decrypt the

message.

Using the common single and double

letters for the English language, we can

begin to piece the message together.

According to information from

http://www.richkni.co.uk/php/crypta/fre

q.php , the most commonly used

letters are “e”, ”a”, “o”, ”i”, “n”, “s”, “h”, and

“r”. The most commonly used trigrams (3-

letter combinations) according to

https://en.wikipedia.org/wiki/Trigram

are: “the”, “and”, “tha”, “ent”, “ing”, “ion”,

“tio”, and “for”.

When doing this manually, looking for

patterns in trigrams first, may lead to

some initial success. If we assume we

have a popular 3-letter trigram in our

message we could initial substitute “the”

for “ihw”. There are quite a few “ihw’s”

found. Substituting all of them yields this

revised and partially decoded message:

deet cye zt the
tyqqee jhyv he
hzj the
kfjtsxttkyfj qys
byx

Looking at common bigrams from

https://en.wikipedia.org/wiki/Bigram ,

we see additional patterns to consider

such as “at”, “he” , “an”, “on”, and “in”. The

word “he” is probably already decoded

properly, but “zt” could be “at” which

means “z” should be replaced “a”. If

replace all “z’s” with “a’s” the following

message is revealed.

deet cye at the
tyqqee jhyv he
haj the
kfjtsxttkyfj qys
byx

At any point, you can begin guessing

letters to complete words and

substituting. For example, “he haj”

probably should be “he has”. Replacing j’s

with an s yields this message.

deet cye at the
tyqqee shyv he
has the
kfstsxttkyfs qys
byx

The next steps can take some trial and

error by replacing other trigrams with

common 3-letter words. If we replace

“qys” with “for” the message seems to be

taking a more readable form. It is still not

quite there but better.

deet coe at the
toffee shov he
has the
kfstrxttkofs for
box

Here is where a longer message may

actually help you decode. I have one long

word that have many unknown letters.

Continuing on, we would look at each

word or phrase and begin to make

assumptions and try combinations to see

if patterns emerge.

The first word seems close to “beet”,

“feet” or “meet”. Including the next word

leads me to believe “meet” would work

and “coe” should become “Joe”.

Substituting “m” for “d” and “j” for “c” we

get the following:

meet joe at the
toffee shov he
has the
kfstrxttkofs for
box

More trial and error is needed. Toffee is

certainly a good word but if we replaced

“toffee” with “coffee” the next word

begins to resolve to shop.

meet joe at the
coffee shop he
has the
kfstrxctkofs for
box

That last phrase still is elusive. However,

if we go back and consider popular

bigrams such as “in” and replace that for

one of the remaining bigrams (“kf”) the

most complex word in our message is

turning into something we recognize.

meet joe at the
coffee shop he
has the
instrxctions for
box

The “x” clearly needs to be a “u”.

meet joe at the
coffee shop he
has the
instructions for
bou.

The last word looks like it should actually

be “you”. Substituting “b” for “y” and

adding punctuation yields our original

phrase.

Meet Joe at the
coffee shop. He
has the
instructions for
you.

As you can see, this can be tedious and

requires the use of the common letters,

bigrams, trigrams and pattern completion

techniques. Also, you have to keep track

of the letters you have solved for as you

move through the decoding process so

you don’t accidentally change a letter you

already changed. One approach to

accomplish this is to use capital letters

for plaintext, so for each letter, we know

which is plaintext and which is

ciphertext. You can use the tr command

to do this. For example, in the following,

we replace letters a, e, and t in in.txt with

letters X, G, E, respectively; the results

are saved in out.txt.

tr ‘aet’ ‘XGE’ < in.txt > out.txt

To become comfortable in how the

monoalphabetic substitution cipher

works, use the AWS Educate classroom

to launch an EC2 instance. Then, connect

to the instance and create a file. Copy

and paste several hundred words into the

file. You can use any words you want –

perhaps from a speech or part of a book

you like. Consider the following as an

example that you can use by coping and

pasting directly into a file on your EC

Instance. Name the file “myfile.txt”.

“The nations in which women have

influenced national aims face the nation

that glorifies brute force. America

opposes the exaltation of the glittering

sword; oppose the determination of one

nation to dominate the world; opposes

the claim that the head of one ruling

family is the direct and only

representative of the Creator; and, above

all, America opposes the idea that might

makes right.

Let us admit the full weight of the

paradox that a people in the same of

peace turns to force of arms. The tragedy

for us lay in there being no choice of

ways, since pacific groups had failed to

create machinery to adjust vital

international differences, and since the

Allies each in turn, we the last, had been

struck by a foe determined to settle

disagreements by force.

Never did a nation make a crusade more

just 12 than this of ours. We were

patient, too long patient, perhaps, with

challenges. We seek no conquest. We

fight to protect the freedom of our

citizens. On America’s standard is written

democracy, on that of Germany

autocracy. Without reservation women

can give their all to attain our end.”

(Blatch, Harriot Stanton, Mobilizing

woman-power)

Source: AWS Educate, UMGC Virtual Labs

To create the cipher text version of this

file, several steps are required:

1. Convert all capital letters to

lowercase.

2. Preserve the spacing, but remove

punctuation.

3. Generate the alphabetic

substitution table (encryption key).

4. Encrypt the text.

On the EC2 instance, the following Linux

commands can be used to accomplish the

first two tasks. You run these commands

at the shell prompt.

tr [:upper:]
[:lower:] < myfile.txt >
lowercase.txt
tr -cd ‘[a-z][n]
[:space:]’ < lowercase.txt >
plaintext.txt

Source: AWS Educate, UMGC Virtual Labs

Python can be used to accomplish the

third task. Python has already been

installed on the AWS Linux instance. To

launch Python, type Python at the shell

prompt and then enter the following

commands.

import random
s =
“abcdefghijklmnop
qrstuvwxyz”
list =
random.sample(s,
len(s))
”.join(list)

The output of running this Python code

will be alphabetic substitution table. In

this example, the results were:

fpdyehjbgiknvrmlu
sxwotczaq

You results will be different.

Source: AWS Educate, UMGC Virtual Labs

The final task can be accomplished using

Linux commands (executed at the Linux

shell prompt):

tr
‘abcdefghijklmnop
qrstuvwxyz’
‘aecpqwjrhftbsulo
zmnxgydvki’
< plaintext.txt >
ciphertext.txt

Notice in each step the output of the

previous step was used as the input for

the next step. Also, be reminded the ‘’

character, at the end of the long lines,

tells the Linux process to continue to the

next line.

If you use the nano editor to view the

resulting ciphertext.txt file you will see

the resulting encrypted message.

Source: AWS Educate, UMGC Virtual Labs

Experiment with frequency analysis to

demonstrate how you can effectively

determine the encryption key and

reconstruct the original message. Your

goal is to determine the encryption key,

so that any future messages can easily be

decrypted. The encryption key (i.e.,

alphabetic substitution table) in this

specific example is:

‘fpdyehjbgiknvrml
usxwotczaq’

You can test your key by using the tr

command:

tr
‘fpdyehjbgiknvrml
usxwotczaq’
‘abcdefghijklmnop
qrstuvwxyz’
< ciphertext.txt > decrypt.txt

Source: AWS Educate, UMGC Virtual Labs

Once you are comfortable with the

process, use the same process to

determine the encryption key used to

decrypt the lab secret message (found in

the lab1cipher.txt file ). Submit the

decrypted lab secret message, along with

the encryption key with your lab

deliverable.

There are many online resources that

have been mentioned before you can

use. Here are some useful links:

http://www.richkni.co.uk/php/crypta/freq.php.

This website can produce the

statistics for a ciphertext, including

Course Resource

Print

5/6/21, 2:39 PM
Page 1 of 1