How to Perform Cryptography? Practical

Using HashCalc to Calculate One-Way Hashes

HashCalc is an efficient tool to calculate message digests, checksums, and HMACs of files, text, and hex strings. 

The information in files are distilled by message digests and one-way hash functions into a single fixed-length number. Generally, the length of these numbers is 128 or 256 bits. When the function’s input bit is modified, the output bit is also likely to change. 

In this practical, let’s see how to use HashCalc for monitoring of file integrity.

  1. Open Windows Server 2016.
  2. Open HashCalc app from the Desktop.
  3. When the primary window of HashCalc comes, choose the Data Format type (here, Text string).
  4. Since we have chosen the Text string, the app will accept text strings and turn them to their relevant hashes. Enter the data that you want to calculate. Select the relevant Hash algorithm by choosing their relevant checkboxes. 

Here, we are selecting MD5, SHA1, RIPEMD160, and CRC32 hash algorithms. Click on Calculate once the selection is done.

  1. The app will start the calculation and show the results. The role of Hash calculation is to check data integrity.
  2. For instance, let’s create a text file that contains our personal data and save it on Desktop.
  3. Open HashCalc and select File when specifying the Data Format
  4. Click on Ellipses near the Data field to specify the file path.
  5. When the Find window comes, go to the file location and choose the file for which we want to calculate the hashes. Click on Open.
  6. Now, select the hash values and click on Calculate. Write down the hash values generated by the app and close the window. 
  7. Suppose that somebody has found the access to your device and made changes to the file that contains your personal data and saved it. 
  8. Open HashCalc and perform the calculation of hash values of the modified file. Make sure to use the same hash values that we used in Step 10. Click on Calculate.
  9. When it shows the results, you will see a difference in the hash values of the modified file, showing that somebody made changes to it. 
  10. Close all the windows on lab completion. 

Using CryptoForge to Understand File & Text Encryption

CryptoForge is a reliable tool to check file encryption for personal and corporate data security. It is used for protection of confidential files, folders, and emails by enabling encryption using strong algorithms.

  1. Open Windows 10.
  2. Open CryptoForge software. Go to Module 20 Cryptography\Cryptography Tools\CryptoForge and right-click on the Confidential.txt file. Then click on Encrypt from the menu.
  3. When the Enter Passphrase – Cryptoforge Files window comes, enter a password in Passphrase and then confirm it. Click on OK. Here we are using qwerty@123 as password.
  4. It will encrypt the file in the same location. Also, it will delete the old file automatically.

Now, this file can be accessed only if someone enters the password. If you share the file with someone, you also need to share the password to allow them to access the file. 

  1. For instance, you are sharing this file via a shared network drive.
  2. Open Windows Server 2016.
  3. Install CryptoForge
  4. Double-click on the encrypted file to decrypt it and see the content. 

When the Enter Passphrase – CryptoForge Files window comes, enter the password and click on OK.

  1. When you enter the password, it will decrypt the file. You can see the content on it. 

This is how you can encrypt a file using CryptoForge. Now, let’s understand how to send encrypted messages. 

  1. Click on Start in Windows Server 2016. Click on CryptoForge Text.
  2. When the CryptoForge Text window comes, click on OK.

Write a message in the CryptoForge Text window and click on Encrypt in the toolbar.

  1. When the Enter Passphrase – CryptoForge Text window comes, enter a password and confirm it. Click on OK. Here we are using test@123 as password. 
  2. It will encrypt your message. Now save the file by clicking on File > Save
  3. When the Save As window comes, go to Module 20 Cryptography\Cryptography Tools\CryptoForge, write a filename (Credentials.cfd), and click on Save.

Let’s suppose that you are sharing the file via a mapped network drive and sending the decryption password through an email or any other form. 

  1. Open Windows 10 and go to Module 20 Cryptography\Cryptography Tools\CryptoForge. Check the encrypted file there and open it.
  2. When the CryptoForge window comes, click on OK. It will show the message in encrypted form. Click on Decrypt
  3. When the Enter Passphrase – CryptoForge Text window comes, enter the password and click on OK.
  4. The CryptoForge Text window comes showing the message as plain-text. You have shared an encrypted file and message to someone. It helps you to share confidential information via email with encryption enabled. 
  5. Close the windows once the lab is completed. 

Create and Use Self-Signed Certificate

The role of a self-signed certificate is primarily for testing servers. It works as an identity certificate for the person who has signed it. Such a certificate has the public and private keys of the user, which are created using tools like Adobe Reader, Apple Keychain, etc. 

The certificate is signed using a public key. For the verification of the certificate, the receiver needs the private key.

In this practical, let’s understand how to create a self-signed certificate.

  1. Open Windows Server 2016.
  2. Before starting this practical lab, make sure to check whether there are any existing self-signed certificates on your local sites. To check this, open a web browser and visit https://goodshopping.com.

Since we are browsing with https, the site is showing an error because it doesn’t have a self-signed certificate. 

  1. Open Windows Administrative Tools from the Start menu. Click on the Internet Information Services (IIS) Manager app. 
  2. When the IIS Manager window comes, click on Machine in the Connections pane. Then, double-click on Server Certificates.

If you see the Do you want to get started with Microsoft Web Platform pop-up, click on Cancel

  1. From the Server Certificates window, click on Create Self-Signed Certificate under the Actions.
  2. When the Create Self-Signed Certificate wizard comes, enter a name in the Specify a friendly name

Select Personal from the Select a certificate store and click on OK. Here, let’s create a self-signed certificate for goodshopping.com.

  1. You can see the New Self-Signed Certificate in the Server Certificates.
  2. Expand Sites node, choose Goodshopping from the Connections, and click on Bindings
  3. When the Site Bindings wizard comes, click on Add.
  4. When the Add Site Binding window comes, select https from the Type:. This will automatically change the Port field to 443.

Select the IP address where the site is hosted or let the default setting remain as it is. Enter the Host name (goodshopping.com).

  1. From the SSL Certificate filed, select Goodshopping and click on OK.
  2. You can see the created SSL certificate from the Site Bindings wizard. Click on Close
  3. Right-click on the site name for which the self-signed certificate has been created. Click on Refresh and Minimize the IIS Manager window.
  4. Open a web browser and visit https://goodshopping.com. It will show the connection is not private. Click on Advanced and then click on Proceed to www.goodshopping.com (unsafe).
  5. Now, it will show the Goodshopping site with an SSL certificate assigned to it. 
  6. Close the windows once the lab is complete. 

Similar Posts

One Comment

Leave a Reply

Your email address will not be published. Required fields are marked *