Implement Hashing and Encryption for Secure Communications

1. Compare the hash values calculated for example.txt that you documented during this lab. Explain in your own words why the hash values will change when the data is modified.

The hash file is changed when the data is modified because the information within the file has changed and it is considered a new/different file.

2. Why are the MD5sum and SHA1sum hash values the same every time you calculate for the “example.txt” sample file? What if they were different when you re-calculated the hash value at the other end?

Because the data has not changed and a different hash value is not needed because nothing (data) has changed from the original format/file. 3. 2
3. If you were using corporate e-mail for internal and external communications but did not want to encrypt an e-mail message, what other security countermeasure can you deploy to ensure message integrity?

One other security countermeasure to use if I did not want to encrypt e-mail from my corporate account would be to use a digital signature to ensure message integrity. I know this because I use it on a daily basis.

4. If you are using corporate e-mail for external communications that contain confidential information, what other security countermeasure can you deploy to maximize confidentiality of e-mail transmissions through the Internet?

Again, I would utilize a digital signature. I would also use cryptology to maximize confidentiality of e-mail transmissions through the internet from my corporate account.

5. What is the difference between MD5sum and SHA1sum hashing calculations? Which is better and why?

MD5sum is basically a one-way with a max of 128 bits processed for its input while SHA1sum can process up to 512 bits along with padding. I would say that SHA1sum is better due to the fact that padding ensures the right numbers.

6. Where can you store your public keys or public certificate files in the public domain? Is this the same thing as a public key infrastructure (PKI) server?

You can store them on the domain itself and I would say that this is the same as a PKI server because a PKI server has more of a hierarchal ladder of trust to verify users.

7. What do you need if you want to decrypt encrypted messages and fi les from a trusted sender?

You would need the public key.

8. What encryption mechanisms are built into Microsoft® Windows XP Professional?

Encrypting File system.

9. Which Windows encryption mechanism provides full disk encryption and uses the Trusted Platform Module to do so? Do you recommend that end-users encrypt their personal hard drives on Microsoft Windows platforms and workstations?

I believe it is Bitlocker and yes I recommend it if you have very important work-related or sensitive information that you do not want anyone to get a hold of.

10. What happens if you have a forensic copy of a hard drive that happens to have the entire disk encrypted that you try to view with standard forensic tools?

The hard drive is extremely hard to “break into” to view the contents. There is no real easy way to access the information and the investigative options then become very limited.

Week 1 Lab Results:

MD5sum hash string: 46edc6541babd006bb52223c664b29a3

SHA1sum hash string: a6f153801c9303d73ca2b43d3be62f44c6b66476

MD5sum hash string (modified Example.txt): 0e9687be578daf31a13ce42af48be3ac

SHA1sum hash string (modified Example.txt): 229beb78e69d5bd2f789edb6396277536f1459bb

This change occurred because the information/data on the file was changed.