This is a Clilstore unit. You can link all words to dictionaries.

UNIT 1- ACTIVITY 1 ENCRYPTING A SECRET MESSAGE

 

UNIT 1 SECURITY AND PRIVACY.

 

INTRODUCTION



In this part of the unit we are talking about how to make sure communications through a shared and insecure channel, like internet, where there are many bad guys, who might intercept the messages, read and modify them, and even usurp the identity of other people with evil intent.



All these elements are meant to make sure the communications from a legal standpoint. This concept is also known as to provide LEGAL SECURITY to the Internet



ACTIVITY. 1 FILE ENCRYPTION

 

In this activity you will learn how to use asymmetric encryption based on P.G.P. You will create a couple of public-private keys. You will exchange public keys with a classmate, and you will use your respective public keys to encrypt a secret message that only your classmate will be able to read.

 

This activity must be carried out between two students. So, choose a partner among your classmates.

 

INTRODUCTION

 

Nowadays Internet is extremely insecure, and any information moving through the net may be intercepted by third parts. This includes confidential information as our personal data, our bank account credentials, login and passwords.

 

When it comes to transmit data through internet there are two big problems:

ENCRYPTION

To encrypt is to transform a readable message in something unreadable for everybody else except the legitimate receiver. The opposite process, decryption, allows the receiver to decode the unreadable message turning it readable.

 

 

 

 

 

 

 

 

There are two types of encryption: symmetric and asymmetric.

 

SYMMETRIC OR SINGLE KEY ENCRYPTION


It uses a single key that must be known by the sender and the receiver, both to encrypt and decrypt.

 

 

 

 

 

 

 

 

 

 

 

Symmetric encryption is simpler and easier to implement but has a serious flaw: privacy depends on the secret of the key…. If it is sent through internet we can not ensure it won't be intercepted by others compromising the message privacy

 

 

ASYMMETRIC OR PUBLIC-PRIVATE ENCRYPTION

 



 

In this case we are using a couple of different but mathematically related keys (instead of one single key). Let's call them the keys A and B. Given the particular mathematical bound between A and B, something encrypted with A can only be decrypted with B and viceversa. I can not stress this point more: something encrypted with A can not even be decrypted with A. Let's call A an B public and private keys

 

The private key will remain secret because it will not be send through internet. The public key can be sent through internet wherever you want . It doesn't matter if it is intercepted by other persons

 

To exchange encrypted information from user1 to user2

 

 

From now on, to avoid confusions we will use the terms single key encryption (SK) and public-private key encryption (PPK) instead of symmetric and asymmetric

 

 

 

ACTIVITY 1

SECURE EXCHANGE OF FILES THROUGH INTERNET USING SYMMETRIC ENCRYPTION

 

The first thing to do is to create our first pairs of Keys. This can be done in Seahorse, but takes longer than half an hour. To get it done quicker, we will use Gnu PGP in a terminal window

 

 

 

 



 



 

 



 

 



 

Enter your personal information: full name, email (you can make it up) and a comment.

 

 



 

Press 'V' to go on. Input a password to protect the private key. Keep in mind that if the private key weren't protected any person who logins in your computer might be able to steal your identity

 



 

Next the key generation process will start. This is a very costly process and will take some minutes. To speed up the generation, type the keyboard and move the mouse randomly. The process will use all these actions to add up randomness to the key generation saving computing time

 

 



Finally a message tells the key has been created.

 

 

 



 

 

Let's see the created key in Seahorse. In the left panel click in claves gnuPG

 

 

 

Let's create a second key pair. But this time using Seahorse

 

 

 



 

 

 

 

 

 

 



 

 

 



 

 

 

 

And next… summon all your patience, because it'll be long. A background process will create the keys in some minuts. It might be up to half an hour. But never give up. After a long time the new key will pop up in the Seahorse keys panel

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

EXCHANGE OF PUBLIC KEYS



Remember the plan: The student A wants to send an encrypted secret message to B. So B must sent A his/her public key through internet. Then A will encrypt the message with B's public key and will send it to B by email. Only B will be able to decrypt the messages as long as it only can be decrypted using B's secret key, and it never went out his/her computer










 

 

 



 

 

 

 

Notice that the imported public key is shown next to a single key icon…..

 



. while the private-public pair keys are shown next to a two keys icon. This make sense because the imported key is a single public key while the pair are two keys the public and private

 

 



 

 

 

 

 

 

 

ENCRYPTING A MESSAGE





 



 

 



 

 

 

 

 

 

Done, the encrypted file is the one with .gpg extension

 

 

 

 

 

Next send the encrypted file to your partner by email.

 

DECRYPT YOUR PARTNER'S SECRET MESSAGE

 

Your partner in this activity should already have sent you his/her own secret message in an encrypted file. To decrypt it, select it in Nautilus, drop down the contextual menu (right mouse button) and select the menu option Abrir con descifrar fichero. Remember, he/she has encrypted the message using your public key. To decrypt it will be necessary to use your private key, and we had protected it with a password.

 

 



And then, it will be possible to open and read your partner's message

 

 



 

 

 

 

Ask your teacher to come by and assess your work

 

 

PART 2. EXCHANGE A SECRET MESSAGE WITH YOUR TEACHER

 

  1. Search in internet another famous phrase. Write it in a text file using Gedit. Write down your surname and name and the famous sentence.

     



 

  1. Save the file

  2. You are expected to encrypt this file and send it to the teacher. So, first you have to import the teacher's public key.

  1. Encrypt the file and upload it using Moodle

 

Short url:   http://multidict.net/cs/4508