CIS-221

Assignment #2

Name: Enosh Thomas

Student Id: 300205939
Submitted to: – Prof: Deepinder Kaur
We perform all these in Oracle VM VirtualBox.

1)

a) GNUPG

1. To encrypt and decrypt the files using GPG, you need to make sure these;
i. It VirtualBox should have 2 different kali linux OS users.
ii. Both should be connected on same network using NAT network.
iii. Each kali user should have GnuPG installed (Its pre-installed along
with the kali, if not use this command in terminal, apt-get install
gnupg)
iv. After all these we can perform encrypting and decrypting files between
2 users.

• I installed 2 users to perform GPG encryption and decryption.

Step 1: To connect those 2 users to one network, we need to create a network. To do that follow the
steps.
• Tools > Network>NAT Network>Create new Icon> Enter the network name and the
prefix>Enable DHCP >Apply.
After creating NAT network, connect those 2 users into the same network created;

Go to the user description interface> Settings>Network>select NAT network from the “Attached to:”
option.

Do the same steps in the second Kali user also.

Step 2: Install GnuPG.

Perform this command on terminal on both the user and you are ready to go.
 • Check the ip address of 2 accounts using ifconfig command.

Step 4: Symmetric encryption

In symmetric encryption, first we create a file, then encrypt it using gpg -c filename command
(symmetric encryption) and then decrypt it with gpg -d filename command.

Step 4: Asymmetric encryption

Before moving to the third Step 4 will be explaining about Key.

There are two methods to generate key, One is with the command gpg --full-generate-key and other
is using gpg – gen-key.

The difference between two is that, by using the first command, It offers more specification settings to
generate the key pair, such a preference for key pair (RSA, DSA, ECC, etc.) and length, expiration
date and user information, on the other hand the second command simplifies the key generation
process. In default it uses RSA key pair and only ask for user information which makes it quickier.

Step 3: Generating key.

I used gpg --gen-key to generate key.

After generating key they will prompt to enter a passphrase for the key.
 • To list key pair use following command

Step 5: Exporting the generated key to a file.

Step 6: Send the key to second user (From Kali1 user to Kali2 user)

• Before sending the key, write the command sudo service ssh start on both the
accounts to secure the transferring.

Step7: Next step is to send key to the second user and import it on the second user.
Step 8: Create a file on the second user with content and encrypting it and sending it to the first user
then decrypting over there.

After sending the file and decrypting it on the first user, it will prompt you to enter the passphrase.

Note: check for the directory that you given and make sure the CLI is on the same directory. (CD
command).

b) Wireshark
Wireshark is primarily used for capturing and analyzing network traffic in real-time or from saved
capture files.
2. Checksum is basically for checking the integrity of the file. There are two methods to check,
md5sum and sha256sum.Lets check using both the method,

SHA1 produces a message with a hash value of 160 bits, compared to MD5's 128-bit. Larger hashes
are produced using SHA256, which may need more time and processing resources. It is thought to be
a more secure strategy. For the majority of simple integrity tests, such as file downloads, MD5 is
usually sufficient.