Cybercrime techniques and Response CIS552

Lab #2 – Lab Assessment Worksheet

Applying Encryption and Hashing Algorithms for Secure Communications:

Cybercrime techniques and Response CIS552

  • Compare the hash values that were calculated for txt that you documented during this lab. Explain in your own words why the hash values will change when the data is modified.

MD5sum – 46edc6541babd006bb52223c664b29a3

SHA1sum – a6f153801c9303d73ca2b43d3be62f44c6b66476

They will change because the hash values are calculated based of the text that exist so if that changes so will the hash values.

  • Why are the MD5sum and SHA1sum hash values the same every time you calculate for the txt file? What would be the significance if they were different when you re-calculated the hash value at the other end?

The hash is the same because the file is still the same, the hash will only change when the file changes. If the Hash change at the other end would mean that something has changed since it was first calculated.

  • If you want secure email communications without encrypting an email message, what other security countermeasure could be deployed to ensure message integrity?

You could use Digital signature.

  • What is the -e switch used for with running the GnuPG command?

Encrypt data and can be used with –sign.

  • What is the difference between MD5sum and SHA1sum hashing calculations? Which is better and why?

Primary difference between the older MD5 and the newer SHA1sum hashes is that MD5 produces a 128-bit output while SHA1sum produces a 160-bit output. SHA1sum is better because it is newer and produces 160-bit. SHA1 is recommended more than md5 for hashing since md5 is practically broken as lot of collisions have been found.

  • Name the cryptographic algorithms used in this lab.

MD5sum and SHA1sum hash values.

  • What is needed if you want to decrypt encrypted messages and files from a trusted sender?

To decrypt a message the option --decrypt is used. You need the private key to which the message was encrypted.

  • What is the -d switch used for when running the GnuPG command?

Decrypt file and write it to stdout. It will also verify the signature if the file is signed.