<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Hands On Cybersecurity Learning Blog</title>
<link>https://rnayaksec.github.io/</link>
<description>Recent content on Hands On Cybersecurity Learning Blog</description>
<generator>Hugo</generator>
<language>en-us</language>
<copyright>© Rohit Nayak</copyright>
<lastBuildDate>Thu, 05 Dec 2024 00:00:00 +0000</lastBuildDate>
<atom:link href="https://rnayaksec.github.io/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>Crypto Lab 4 - Key Exchange</title>
<link>https://rnayaksec.github.io/posts/keyexchange/</link>
<pubDate>Thu, 05 Dec 2024 00:00:00 +0000</pubDate>
<guid>https://rnayaksec.github.io/posts/keyexchange/</guid>
<description><p>Diffie-Hellman key exchange is a method that allows two parties to establish a shared secret over an insecure channel. Here&rsquo;s how you can perform a basic Diffie-Hellman key exchange using OpenSSL on Linux:</p>
<h3 id="step-by-step-demo">Step-by-Step Demo</h3>
<ol>
<li><strong>Generate Diffie-Hellman Parameters</strong>:</li>
</ol>
<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>openssl dhparam -out dhparam.pem <span style="color:#ae81ff">2048</span>
</span></span></code></pre></div><ol start="2">
<li><strong>Generate Private Keys for Both Parties</strong>:</li>
</ol>
<ul>
<li><strong>For Party A</strong>:</li>
</ul>
<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-sh" data-lang="sh"><span style="display:flex;"><span>openssl genpkey -paramfile dhparam.pem -out privateA.pem
</span></span></code></pre></div><ul>
<li><strong>For Party B</strong>:</li>
</ul>
<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-sh" data-lang="sh"><span style="display:flex;"><span>openssl genpkey -paramfile dhparam.pem -out privateB.pem
</span></span></code></pre></div><ol start="3">
<li><strong>Extract Public Keys from the Private Keys</strong>:</li>
</ol>
<ul>
<li><strong>For Party A</strong>:</li>
</ul>
<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-sh" data-lang="sh"><span style="display:flex;"><span>openssl pkey -in privateA.pem -pubout -out publicA.pem
</span></span></code></pre></div><ul>
<li><strong>For Party B</strong>:</li>
</ul>
<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-sh" data-lang="sh"><span style="display:flex;"><span>openssl pkey -in privateB.pem -pubout -out publicB.pem
</span></span></code></pre></div><ol start="4">
<li><strong>Generate the Shared Secret</strong>:
<ul>
<li><strong>For Party A (using Party B&rsquo;s public key)</strong>:</li>
</ul>
</li>
</ol>
<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-sh" data-lang="sh"><span style="display:flex;"><span>openssl pkeyutl -derive -inkey privateA.pem -peerkey publicB.pem -out shared_secret_A.bin
</span></span></code></pre></div><ul>
<li><strong>For Party B (using Party A&rsquo;s public key)</strong>:</li>
</ul>
<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-sh" data-lang="sh"><span style="display:flex;"><span>openssl pkeyutl -derive -inkey privateB.pem -peerkey publicA.pem -out shared_secret_B.bin
</span></span></code></pre></div><ol start="5">
<li><strong>Verify the Shared Secrets Match</strong>:</li>
</ol>
<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-sh" data-lang="sh"><span style="display:flex;"><span>diff shared_secret_A.bin shared_secret_B.bin <span style="color:#f92672">&amp;&amp;</span> echo <span style="color:#e6db74">&#34;Shared secrets match!&#34;</span> <span style="color:#f92672">||</span> echo <span style="color:#e6db74">&#34;Shared secrets do not match!&#34;</span>
</span></span></code></pre></div><h3 id="explanation">Explanation</h3>
<ul>
<li><strong>Step 1</strong>: Generates Diffie-Hellman parameters (a shared foundation) which both parties use.</li>
<li><strong>Step 2</strong>: Each party generates its own private key using the shared parameters.</li>
<li><strong>Step 3</strong>: Extracts the public key from each private key so it can be shared with the other party.</li>
<li><strong>Step 4</strong>: Each party derives the shared secret using its own private key and the other party&rsquo;s public key.</li>
<li><strong>Step 5</strong>: Verifies that both parties have derived the same shared secret.</li>
</ul>
<p>This demonstration helps you understand the process of establishing a shared secret securely. If you have more questions or need further details, feel free to ask!</p></description>
</item>
<item>
<title>Crypto Lab 3 - Using Digital Signatures</title>
<link>https://rnayaksec.github.io/posts/digisign/</link>
<pubDate>Wed, 04 Dec 2024 00:00:00 +0000</pubDate>
<guid>https://rnayaksec.github.io/posts/digisign/</guid>
<description><p>Digital signatures provide an electronic counterpart to physical signatures, using asymmetric cryptography to achieve the following:</p>
<ul>
<li><strong>Authentication</strong>: The person owning the public key used to sign the message is the one who signed it.</li>
<li><strong>Integrity</strong>: The message was not altered after being signed.</li>
<li><strong>Non-repudiation</strong>: The sender can prove these facts to a third party if necessary.</li>
</ul>
<p>Behind the scenes, digital signatures depend on two things:</p>
<ul>
<li>A collision-resistant <strong>hash function</strong> that ensures no two inputs produce the same output.</li>
<li><strong>Asymmetric key pair</strong>: Anything encrypted with one key can only be decrypted with the other key from the pair.</li>
</ul>
<p>Let’s walk through an example of using digital signatures on the Linux command line involving two users, mikey and bart, using <code>gpg</code>.</p></description>
</item>
<item>
<title>Crypto Lab 2 - Using Asymmetric keys</title>
<link>https://rnayaksec.github.io/posts/asymmetric/</link>
<pubDate>Tue, 03 Dec 2024 00:00:00 +0000</pubDate>
<guid>https://rnayaksec.github.io/posts/asymmetric/</guid>
<description><p>Asymmetric encryption, also known as public key cryptography, uses a pair of keys: a public key for encryption and a private key for decryption. Each user has a key pair, and anything encrypted with one key can be decrypted with the other key from the same pair.</p>
<p>Please refer to the <a href="https://rnayaksec.github.io/posts/linux_prereq_crypto.md">pre-requisite</a> for this blog to ensure that you have two users set up on Linux.</p>
<h3 id="scenario">Scenario</h3>
<ul>
<li>mikey wants to send an encrypted file to bart.</li>
<li>mikey uses bart’s public key to encrypt the file.</li>
<li>bart uses his private key to decrypt the file.</li>
<li>The file to be encrypted is <code>turing_bio</code>, stored at <code>/srv/shared</code>.</li>
</ul>
<h3 id="barts-side-generating-the-keys">bart’s Side (Generating the keys)</h3>
<p>bart generates a key pair (public and private keys):</p></description>
</item>
<item>
<title>Crypto Lab 1 - Using Symmetric keys</title>
<link>https://rnayaksec.github.io/posts/symmetric/</link>
<pubDate>Mon, 02 Dec 2024 00:00:00 +0000</pubDate>
<guid>https://rnayaksec.github.io/posts/symmetric/</guid>
<description><p>Symmetric encryption, also known as shared secret encryption, uses the same key for both encryption and decryption. If one user encrypts a message with a secret key, the recipient must use the same key to decrypt it.</p>
<p>Let’s walk through an example of symmetric key encryption on the Linux command line involving two users, mikey and bart, using gpg. In this case, the shared key is the passphrase used to encrypt and decrypt.</p></description>
</item>
<item>
<title>About this blog</title>
<link>https://rnayaksec.github.io/about/about/</link>
<pubDate>Sun, 01 Dec 2024 00:00:00 +0000</pubDate>
<guid>https://rnayaksec.github.io/about/about/</guid>
<description><h3 id="what-is-this-blog-about">What is this blog about?</h3>
<p>Welcome to my corner of the internet dedicated to demystifying the world of cybersecurity!
This blog is born from a passion for making security knowledge accessible, particularly for those just starting their journey in this exciting field. My goal is threefold:</p>
<ul>
<li>to break down fundamental security concepts into easily digestible pieces</li>
<li>to explore specific topics relevant to achieving the coveted CISSP certification</li>
<li>and to bring these concepts to life through practical, hands-on labs whenever possible.</li>
</ul>
<p>Beyond core security principles, we&rsquo;ll also venture into adjacent areas like Linux administration, data science with Python, and the fascinating realms of machine learning and AI, recognizing their growing importance in the modern security landscape. Join me as we explore, learn, and grow together in the ever-evolving world of cyber protection.</p></description>
</item>
<item>
<title>Linux Basics - Adding users and groups</title>
<link>https://rnayaksec.github.io/posts/linux_prereq_crypto/</link>
<pubDate>Sun, 01 Dec 2024 00:00:00 +0000</pubDate>
<guid>https://rnayaksec.github.io/posts/linux_prereq_crypto/</guid>
<description><p>This short introductory post will walk you through adding a user, creating a group, adding the user to the group and sudoers, and setting up a shared folder with proper permissions on Ubuntu Linux.</p>
<p>The end goal is to end up with two users who can play the roles of Alice and Bob, as is typically the case for a lot of cryptographic operations.</p>
<blockquote>
<p>[! IMPORTANT]
This blog assumes you are already logged in to Ubuntu Linux with one user and all we are doing here is creating a second one. Alternatively, you can reuse the same script and create two distinct users if you wish to do so.</p></blockquote></description>
</item>
</channel>
</rss>