Cryptography Cybersecurity Project

Objective:

To create a home lab environment for learning and practicing basic cryptography concepts using ARM-based macOS, Kali Linux, and an ARM Ubuntu server. This project covers the following topics:

• Symmetric and asymmetric encryption
• Hashing
• Digital signatures
• Public Key Infrastructure (PKI)

Lab Setup:

Components:

• macOS (ARM): Primary workstation for accessing the lab environment and performing cryptographic tasks.
• Kali Linux (VM): Used for offensive security tasks, such as breaking encryption and sniffing network traffic.
• Ubuntu Server (ARM): Hosts various cryptographic services and tools.

Step-by-Step Instructions:

1. Setting Up the Environment

1.1. Install VirtualBox on macOS

• Download and install VirtualBox for ARM macOS.
• Download the ARM images for Kali Linux and Ubuntu Server:
• Kali Linux ARM Image
• Ubuntu Server ARM Image

1.2. Set Up Kali Linux VM

1. Open VirtualBox and create a new VM:

• Name: KaliLinux
• Type: Linux
• Version: Other Linux (64-bit)

1. Allocate memory and create a virtual hard disk.
2. Attach the Kali Linux ARM image to the VM and start the VM.
3. Follow the on-screen instructions to complete the Kali Linux installation.

1.3. Set Up Ubuntu Server VM

1. Repeat the above steps to create a new VM for Ubuntu Server:

• Name: UbuntuServer
• Type: Linux
• Version: Ubuntu (64-bit)

Attach the Ubuntu Server ARM image and complete the installation.

2. Configuring Ubuntu Server

2.1. Install Essential Packages

sudo apt update
sudo apt install openssh-server openssl

2.2. Set Up OpenSSH for Remote Access

1. Start and enable the SSH service:

sudo systemctl start ssh
sudo systemctl enable ssh

2.3. Set Up Cryptographic Tools

1. Install GnuPG for encryption and signing:

sudo apt install gnupg

2. Install OpenSSL for working with SSL/TLS:

sudo apt install openssl

3. Configuring Kali Linux

3.1. Install Cryptographic Tools

1. Update the system and install essential tools:

sudo apt update
sudo apt install john hashcat nmap openssl

4. Performing Cryptographic Tasks

4.1. Symmetric Encryption (Using OpenSSL)

1. On Ubuntu Server, create a file to encrypt:

echo "Hello, this is a secret message" > secret.txt

2. Encrypt the file using AES-256:

openssl enc -aes-256-cbc -salt -in secret.txt -out secret.txt.enc

3. Decrypt the file:

openssl enc -aes-256-cbc -d -in secret.txt.enc -out secret_decrypted.txt

4.2. Asymmetric Encryption (Using GPG)

1. Generate a GPG key pair on Ubuntu Server:

gpg --full-generate-key

Encrypt a file:

gpg --encrypt --recipient <YourEmail> secret.txt

Decrypt the file:

gpg --decrypt secret.txt.gpg > decrypted.txt

4.3. Hashing (Using OpenSSL)

1. Generate a hash of a file:

openssl dgst -sha256 secret.txt

4.4. Digital Signatures (Using GPG)

1. Sign a file:

gpg --sign secret.txt

Verify the signature:

gpg --verify secret.txt.gpg

4.5. Public Key Infrastructure (PKI)

1. Create a self-signed certificate:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

Verify the certificate:

openssl x509 -in cert.pem -noout -text

Transfer the encrypted file to Kali Linux using SCP on a Ubuntu Server:

scp secret.txt.enc kali_user@kali_ip:/home/kali_user/

Observe the Traffic in Wireshark:

In Wireshark, look for the SCP traffic (typically using TCP port 22). You can apply a filter to narrow down the results:

tcp.port == 22

Example 2: Asymmetric Encryption with GPG

1. Generate a GPG key pair on Ubuntu Server:

gpg --full-generate-key

Encrypt a file:

gpg --encrypt --recipient YourEmail secret.txt

Transfer the encrypted file to Kali Linux using SCP on a Ubuntu Server:

scp secret.txt.gpg kali_user@kali_ip:/home/kali_user/

1. Observe the Traffic in Wireshark:
2. Look for the SCP traffic using the same filter as above.

Example 3: Creating a Self-Signed Certificate with OpenSSL

1. Create a self-signed certificate on Ubuntu Server:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

Transfer the certificate to Kali Linux using SCP on Ubuntu Server:

scp cert.pem kali_user@kali_ip:/home/kali_user/

Observe the Traffic in Wireshark:

Apply the filter for SCP traffic:

tcp.port == 22

1. Inspect Individual Packets: Click on individual packets to see detailed information about them. Observe the encrypted data within the packets.

Step 6: Save the Capture for Further Analysis

1. Save the Capture File: Go to File > Save As and save the capture file for future reference.

This home lab setup provides a comprehensive environment to learn and practice basic cryptography concepts. By following these steps, you can effectively understand and implement various cryptographic techniques and tools.