Merge remote-tracking branch 'refs/remotes/origin/main'

billbuchanan
2026-02-16 08:24:09 +00:00
3 changed files with 18 additions and 7 deletions

@@ -1,7 +1,7 @@
![esecurity](https://raw.githubusercontent.com/billbuchanan/esecurity/master/z_associated/esecurity_graphics.jpg)
# Lab 3: Hashing
Objective: The key objective of this lab is to understand the range of hashing methods used, analyse the strength of each of the methods, and in the usage of salting. Overall the most popular hashing methods are: MD5 (128-bit); SHA-1 (160-bit); SHA-256 (256-bit); SHA-3 (256-bit), bcrypt (192-bit) and PBKDF2 (256-bit). The methods of bcrypt, scrypt and PBKDF2 use a number of rounds, and which significantly reduce the hashing rate. This makes the hashing processes much slower, and thus makes the cracking of hashed passwords more difficult. We will also investigate the key hash cracking tools such as hashcat and John The Ripper.
Objective: The key objective of this lab is to understand the range of hashing methods used, analyse the strength of each of the methods, and in the usage of salting. Overall, the most popular hashing methods are: MD5 (128-bit); SHA-1 (160-bit); SHA-256 (256-bit); SHA-3 (256-bit), bcrypt (192-bit) and PBKDF2 (256-bit). The methods of bcrypt, scrypt and PBKDF2 use a number of rounds, and which significantly reduce the hashing rate. This makes the hashing processes much slower, and thus makes the cracking of hashed passwords more difficult. We will also investigate the key hash cracking tools such as Hashcat and John the Ripper.
Open up your Ubuntu instance within vsoc.napier.ac.uk and conduct this lab.
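Review bot: the reworded Objective line fixes capitalisation but keeps the two ungrammatical clauses, "and in the usage of salting" and "and which significantly reduce the hashing rate"; suggest "and the use of salting" and "which significantly reduces the hashing rate". In the same line the list of methods is separated by semicolons except at "SHA-3 (256-bit), bcrypt", and scrypt is named in the rounds sentence but missing from the list. The "(256-bit)" given for PBKDF2 is also worth qualifying, since its output length is a parameter rather than a fixed size.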
@@ -10,7 +10,7 @@ Demo: [here](https://youtu.be/rnTLr6iUbf0)
If required, you can check the hashing methods here: https://asecuritysite.com/encryption/js10
## A Hashing
In this section we will look at some fundamental hashing methods.
In this section, we will look at some fundamental hashing methods.
### A.1
Using (either on your Windows desktop or on Ubuntu):
@@ -68,7 +68,7 @@ SHA-384 hex chars:
SHA-512 hex chars:
How does the number of hex characters relate to the length of the hash signature:
How does the number of hex characters relate to the length of the hash value?
### A.4
@@ -119,13 +119,13 @@ From Ubuntu, download the following ZIP file:
Web link (PS Files): [here](http://asecuritysite.com/letters.zip)
On your Ubuntu instance, you should be able to view the files by double clicking on them in the file explorer (as you should have a PostScript viewer installed).
On your Ubuntu instance, you should be able to view the files by double-clicking on them in the file explorer (as you should have a PostScript viewer installed).
Do the files have different contents?
Now determine the MD5 signature for them. What can you observe from the result?
Now, determine the MD5 signature for them. What can you observe from the result?
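Review bot: the rewritten line "Now, determine the MD5 signature for them" still says "signature", although the A.3 question in this same commit was changed from "hash signature" to "hash value"; use "MD5 hash" here so the terminology stays consistent and students do not confuse a hash with a digital signature. The unchanged download link in this hunk also points at http://asecuritysite.com/letters.zip while the other asecuritysite.com link in this file uses https; it is worth switching while this section is being touched.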
@@ -144,6 +144,18 @@ Hash rate for APR1:
**Hint** - You can use *hashcat --help* to find all the flags that you can use!
Also, if you want to remove the hashed password you have already cracked, you can:
```
rm .hashcat\hashcat.potfile
```
Otherwise, you can use the --show option to show previously cracked hashes:
```
hashcat --show
```
### B.2
On Ubuntu, next create a word file (words) with the words of “napier”, “password” “Ankle123” and “inkwell”
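Review bot: the added `rm .hashcat\hashcat.potfile` uses a Windows path separator, but the surrounding steps run on Ubuntu ("On Ubuntu, next create a word file"); in bash the unquoted backslash is consumed as an escape, so the command looks for a file named `.hashcathashcat.potfile` and fails. Use a forward slash and anchor the path to the home directory, for example `rm ~/.hashcat/hashcat.potfile`, adjusted to wherever the lab's hashcat version keeps its potfile, or state which platform the command is for. The added `hashcat --show` is also incomplete on its own: it needs the same hash mode and hash file that were used for the crack, e.g. `hashcat --show -m <mode> <hashfile>`.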

@@ -103,7 +103,6 @@ privKeyObj = RSA.importKey(binPrivKey)
cipher = PKCS1_OAEP.new(privKeyObj)
message = cipher.decrypt(ciphertext)
print
print ("====Decrypted===")
print ("Message:",message)
```
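Review bot: in the last line of this hunk, `print ("Message:",message)` prints the bytes object returned by `cipher.decrypt(ciphertext)`, so under Python 3 students will see `b'...'` rather than the plaintext; consider `message.decode()` there. Dropping the bare `print` is right, since in Python 3 it is an expression with no effect; if a blank line before the "====Decrypted===" banner was intended, use `print()` instead.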

@@ -7,7 +7,7 @@ There will be four main questions in the exam: Symmetric Key (Unit 1), Hashing (
Some test details are:
* It is an open book test.
* It is an open book test. No use of GenAI mode in browsers.
* No copying and pasting is allowed for the questions, and answers will be checked against on-line sources for copying.
* No use of chat/AI bots.
* A copied answer is likely to be graded with a score of zero, and copying and pasting from on-line content could be highlighted for an issue.
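Review bot: the sentence added to the first bullet, "No use of GenAI mode in browsers.", overlaps with the existing bullet "No use of chat/AI bots." two lines below, and attaching it to the open-book statement makes the restriction easy to miss. Suggest leaving "It is an open book test." as it was and folding both restrictions into one bullet, e.g. "No use of chat/AI bots, including GenAI modes in browsers."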