Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Dec 20, 2011
As any crypto student knows it's al about Bob and Alice...
My crypto presentation that I teach in my InfoSec classed boiled down to a 4 minute original music video with labs. Even if you don't like the music, if you do the labs and understand what is happening, it should help anyone pass the crypto section of the CEH, CISSP, CISM and Security+ classes I (Larry Greenblatt) teach.
Labs (optional) Prerequisites: computer with Wireshark, web browser(s) and an internet connection.
Lab1) Sniff the SSL handshake. Start capturing and open a session to an SSL site, e.g. Gmail. After you get the HTTPS in the URL, stop the capture. Filter on SSL and examine the Client Hello (try capture filter "ssl.handshake.type"). How many cipher suites does your browser support? Identify which symmetric, asymmetric and hashing algorithms are used in cipher spec 0x000005.
Lab2) Examine the Server Hello. What cipher spec did the server negotiate? What algorithms make up the cipher spec?
Lab3) Examine the Server's certificate and answer the following questions:
Who signed the certificate? What hashing and asymmetric algorithms are used in the signature? Where is the CRL for this certificate? Does this certificate support OCSP?
Lab 4) Filter on OCSP. How did the client identify the certificate in question? Who signed the response?
EXTRA CREDIT! Change browsers and repeat the above. How many differences do you see? Did you expect that many?
Lab 5) Cryptanalysis - Download Cryptool. Given the following text, derive the key: ______________________ Ixevz0 "Vgiqkzy Jut'z Rok; Huh Rubk'y Groik" Cuxjy gtj Sayoi he Rgxxe Mxkkthrgzz Vxujaikj ot g nuzkr xuus ot Grkdgtjxog BG Maozgxy (znxkk zxgiqy, cgcg, xuiqghorre gtj joxze uizgbk) vrgekj he Rgxxe. Xkiuxjkj ut g Fuus X24. Jxas zxgiq lxus X24 haorz ot sginotk.
O cgtz zu yngxk g rozzrk ykixkz Loxyz ck sayz huzn gmxkk O tkbkx ygoj O cgyt'z ixgfe Nkxk'y nuc oz ykksy zu sk
Eua cgtz zu qkkv yusk znotmy vxobgzk O atjkxyzgtj gtj O xkyvkiz Yuskzosky oz ykksy yu ixgfe Nkxk'y nuc oz ykksy zu sk
Hghe, eua'xk g yavkx nkxu O qtuc zngz yuatjy qotjg yzxgtmk Hghe O znotq znkxk muttg rubk eua Znotmy gxk tuz grcgey cngz znke ykks
Nuc ju O qtuc oz'y xkgrre eua? Gtj cngz eua yge oy zxak? O qtuc znkxk'y znotmy O igt'z jkte Yuskzosky znk cuxrj ykksy yu ixgfe xomnz tuc Nkxk'y nuc oz ykksy zu sk
Hghe, eua'xk g yavkx nkxu O qtuc somnz ykks otygtk Hghe, O znotq znkxk muttg rubk eua Vkuvrk gxkt'z grcgey cnu znke irgos