Scribd
Upload
23 views

Cyber Security Lab Manual

Uploaded by

bhumibhootrabtech2022
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
23 views

Cyber Security Lab Manual

Uploaded by

bhumibhootrabtech2022
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 30

RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

1 Implement the following Substitution & Transposition Techniques concepts: a) Caesar


Cipherb) Rail fence row & Column Transformation

a) Caesar Cipher Implementation:

def caesar_cipher(text, shift):

result = ""

for char in text:

if char.isalpha():

ascii_offset = ord('A') if char.isupper() else ord('a')

result += chr((ord(char) - ascii_offset + shift) % 26 + ascii_offset)

else:

result += char

return result

# Example usage:

plaintext = "Hello, World!"

shift_amount = 3

cipher_text = caesar_cipher(plaintext, shift_amount)

print(f"Plaintext: {plaintext}")

print(f"Ciphertext: {cipher_text}")

b) Rail Fence Row & Column Transformation Implementation:

def rail_fence_encrypt(text, num_rails):

fence = [[' ' for _ in range(len(text))] for _ in range(num_rails)]

rail, direction = 0, 1

for char in text:


RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

fence[rail][direction - 1] = char

rail += direction

if rail == 1 or rail == num_rails:

direction *= -1

encrypted_text = ''.join(''.join(row) for row in fence)

return encrypted_text

def rail_fence_decrypt(encrypted_text, num_rails):

fence = [[' ' for _ in range(len(encrypted_text))] for _ in range(num_rails)]

rail, direction = 0, 1

for char in encrypted_text:

fence[rail][direction - 1] = 'X'

rail += direction

if rail == 1 or rail == num_rails:

direction *= -1

index = 0

for i in range(num_rails):

for j in range(len(encrypted_text)):

if fence[i][j] == 'X':

fence[i][j] = encrypted_text[index]

index += 1

rail, direction = 0, 1

decrypted_text = ''

for _ in range(len(encrypted_text)):

decrypted_text += fence[rail][direction - 1]
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

rail += direction

if rail == 1 or rail == num_rails:

direction *= -1

return decrypted_text

# Example usage:

plaintext = "Hello, World!"

num_rails = 3

encrypted_text = rail_fence_encrypt(plaintext, num_rails)

decrypted_text = rail_fence_decrypt(encrypted_text, num_rails)

print(f"Plaintext: {plaintext}")

print(f"Encrypted text: {encrypted_text}")

print(f"Decrypted text: {decrypted_text}")

2. Implement the Diffie-Hellman Key Exchange mechanism using HTML and JavaScript.
Consider the end user as one of the parties (Alice) and the JavaScript application as other
party (bob).

<!DOCTYPE html>

<html lang="en">

<head>

<meta charset="UTF-8">

<meta name="viewport" content="width=device-width, initial-scale=1.0">

<title>Diffie-Hellman Key Exchange</title>

</head>

<body>
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

<h2>Diffie-Hellman Key Exchange</h2>

<div>

<label for="alice-private-key">Alice's Private Key:</label>

<input type="number" id="alice-private-key" min="1" max="100" value="6">

</div>

<div>

<label for="bob-private-key">Bob's Private Key:</label>

<input type="number" id="bob-private-key" min="1" max="100" value="15">

</div>

<button onclick="performKeyExchange()">Perform Key Exchange</button>

<div>

<p><strong>Alice's Public Key:</strong> <span id="alice-public-key"></span></p>

<p><strong>Bob's Public Key:</strong> <span id="bob-public-key"></span></p>

<p><strong>Shared Secret:</strong> <span id="shared-secret"></span></p>

</div>

<script>

function performKeyExchange() {

// Get private keys

const alicePrivateKey = parseInt(document.getElementById('alice-private-


key').value);

const bobPrivateKey = parseInt(document.getElementById('bob-private-key').value);

// Choose a common base and modulus (these are typically agreed upon values)

const base = 5;

const modulus = 23;


RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

// Calculate public keys

const alicePublicKey = (base ** alicePrivateKey) % modulus;

const bobPublicKey = (base ** bobPrivateKey) % modulus;

// Display public keys

document.getElementById('alice-public-key').innerText = alicePublicKey;

document.getElementById('bob-public-key').innerText = bobPublicKey;

// Calculate shared secret

const sharedSecretAlice = (bobPublicKey ** alicePrivateKey) % modulus;

const sharedSecretBob = (alicePublicKey ** bobPrivateKey) % modulus;

// Display shared secret

document.getElementById('shared-secret').innerText = sharedSecretAlice ===


sharedSecretBob

? sharedSecretAlice

: "Error: Keys do not match!";

</script>

</body>

</html>

3. Implement the following Attack: a) Dictionary Attack b) Brute Force Attack


RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

a) Dictionary Attack:

A dictionary attack is a type of password attack where an attacker uses a predefined list of
words (dictionary) to try to gain unauthorized access to user accounts. The attacker
typically uses common passwords, words, phrases, or variations thereof. The idea is to
systematically try each entry in the dictionary as a password until the correct one is found.

# Simulating a dictionary attack

def dictionary_attack(username, password_dictionary):

for password in password_dictionary:

if login_attempt(username, password):

return f"Login successful! Username: {username}, Password: {password}"

return "Dictionary attack failed."

# Function to simulate a login attempt (replace this with your actual authentication
mechanism)

def login_attempt(username, password):

# Replace this with your actual authentication logic

# For the sake of example, let's assume the correct password is "password123"

return password == "password123"

# Example usage

username = "user123"

password_list = ["password", "123456", "letmein", "password123", "qwerty"]

result = dictionary_attack(username, password_list)

print(result)

b) Brute Force Attack:


RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

A brute force attack involves trying all possible combinations of passwords systematically
until the correct one is found. This method is time-consuming and resource-intensive,
especially for strong and complex passwords. Brute force attacks may involve trying all
possible character combinations, starting from the shortest to the longest passwords.

import itertools

# Simulating a brute force attack

def brute_force_attack(username, max_password_length, character_set):

for length in range(1, max_password_length + 1):

for password_attempt in itertools.product(character_set, repeat=length):

password = ''.join(password_attempt)

if login_attempt(username, password):

return f"Login successful! Username: {username}, Password: {password}"

return "Brute force attack failed."

# Example usage

username = "user123"

max_password_length = 4

character_set = "abcdefghijklmnopqrstuvwxyz0123456789"

result = brute_force_attack(username, max_password_length, character_set)

print(result)

4. Installation of Wire shark, tcpdump, etc and observe data transferred in client server
communication using UDP/TCP and identify the UDP/TCP datagram

Below are the steps to install the Wireshark software on the computer:
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

o Open the web browser.


o Search for 'Download Wireshark.'
o Select the Windows installer according to your system configuration, either 32-bt or
64-bit. Save the program and close the browser.
o Now, open the software, and follow the install instruction by accepting the license.
o The Wireshark is ready for use.

On the network and Internet settings option, we can check the interface connected to our
computer.

If you are Linux users, then you will find Wireshark in its package repositories.

By selecting the current interface, we can get the traffic traversing through that interface.
The version used here is 3.0.3. This version will open as:

The Wireshark software window is shown above, and all the processes on the network are
carried within this screen only.

AD

The options given on the list are the Interface list options. The number of interface options
will be present. Selection of any option will determine all the traffic. For example, from the
above fig. select the Wi-Fi option. After this, a new window opens up, which will show all
the current traffic on the network. Below is the image which tells us about the live capture
of packets and our Wireshark will look like:
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

The above arrow shows the packet content written in hexadecimal or the ASCII format.
And the information above the packet content, are the details of the packet header.

It will continue listening to all the data packets, and you will get much data. If you want to
see a particular data, then you can click on the red button. The traffic will be stationary, and
you can note the parameters like time, source, destination, the protocol being used, length,
and the Info. To view in-depth detail, you can click on that particular address; a lot of the
information will be displayed below that.

There will be detailed information on HTTP packets, TCP packets, etc. The red button is
shown below:

The screen/interface of the Wireshark is divided into five parts:

AD

o First part contains a menu bar and the options displayed below it. This part is at the
top of the window. File and the capture menus options are commonly used in
Wireshark. The capture menu allows to start the capturing process. And the File
menu is used to open and save a capture file.
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

o The second part is the packet listing window. It determines the packet flow or the
captured packets in the traffic. It includes the packet number, time, source,
destination, protocol, length, and info. We can sort the packet list by clicking on the
column name.
o Next comes the packet header- detailed window. It contains detailed information
about the components of the packets. The protocol info can also be expanded or
minimized according to the information required.
o The bottom window called the packet contents window, which displays the content
in ASCII and hexadecimal format.
o At last, is the filter field which is at the top of the display. The captured packets on
the screen can be filtered based on any component according to your requirements.
For example, if we want to see only the packets with the HTTP protocol, we can
apply filters to that option. All the packets with HTTP as the protocol will only be
displayed on the screen, shown below:

You can also select the connection to which your computer is connected. For example, in
this PC, we have chosen the current network, i.e., the ETHERNET.

After connecting, you can watch the traffic below:


RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

In view option on the menu bar, we can also change the view of the interface. You can
change the number of things in the view menu. You can also enable or disable any option
according to the requirements.

There is a filter block below the menu bar, from where a large amount of data can be
filtered. For example, if we apply a filter for HTTP, only the interfaces with the HTTP will
be listed.
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

If you want to filter according to the source, right-click on the source you want to filter and
select 'Apply as Filter' and choose '...and filter.'

Steps for the permanent colorization are: click on the 'View' option on the menu bar and
select 'Coloring Rules.' The table will appear like the image shown below:
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

For the network administrator job, advanced knowledge of Wireshark is considered as the
requirements. So, it is essential to understand the concepts of the software. It contains these
20 default coloring rules which can be added or removed according to the requirements.

Select the option 'View' and then choose 'Colorize Packet List,' which is used to toggle the
color on and off.

5. Installation of rootkits and study about the variety of options.

INTRODUCTION:

Breaking the term rootkit into the two component words, root and kit, is
a useful way to define it. Root is a UNIX/Linux term that's the equivalent
ofAdministrator in Windows. The word kit denotes programs that allow
someone to obtain root/admin-level access to the computer by executing the
programs in the kit — all of which is done without end-user consent or
knowledge.

A rootkit is a type of malicious software that is activated each time your


system boots up. Rootkits are difficult to detect because they are activated
before your system's Operating System has completely booted up. A rootkit
often allows the installation of hidden files, processes, hidden user accounts,
and more in the systems OS. Rootkits are able to intercept data from
terminals,network connections, and the keyboard.

Rootkits have two primary functions: remote command/control (back


door) and software eavesdropping. Rootkits allow someone, legitimate or
otherwise, to administratively control a computer. This means executing files,
accessing logs, monitoring user activity, and even changing the computer's
configuration. Therefore, in the strictest sense, even versions of VNC are
rootkits. This surprises most people, as they consider rootkits to be solely
malware, but in of themselves they aren't malicious at all.

The presence of a rootkit on a network was first documented in the


RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

early 1990s. At that time, Sun and Linux operating systems were the primary
targets for a hacker looking to install a rootkit. Today, rootkits are available for
a number of operating systems, including Windows, and are increasingly
difficult to detect on any network.
PROCEDURE:

STEP-1: Download Rootkit Tool from GMER website www.gmer.net.

STEP-2: This displays the Processes, Modules, Services, Files, Registry,


RootKit / Malwares, Autostart, CMD of local host.
STEP-3: Select Processes menu and kill any unwanted process if any.
STEP-4: Modules menu displays the various system files like .sys, .dll
STEP-5: Services menu displays the complete services running with
Autostart, Enable, Disable, System, Boot.
STEP-6: Files menu displays full files on Hard-Disk volumes.
STEP-7: Registry displays Hkey_Current_user and Hkey_Local_Machine.

STEP-8: Rootkits / Malwares scans the local drives selected.


STEP-9: Autostart displays the registry base Autostart applications.

STEP-10:CMD allows the user to interact with command line utilities or Registry
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

SCREENSHOTS:
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

RESULT:

Thus the study of installation of Rootkit software and its variety of


options were developed successfully.
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

6. Perform an Experiment to Sniff Traffic using ARP Poisoning.

Address Resolution Protocol (ARP) is a stateless protocol used for resolving IP


addresses to machine MAC addresses. All network devices that need to communicate
on the network broadcast ARP queries in the system to find out other machines’ MAC
addresses. ARP Poisoning is also known as ARP Spoofing.

Here is how ARP works −

 When one machine needs to communicate with another, it looks up its ARP
table.
 If the MAC address is not found in the table, the ARP_request is broadcasted
over the network.
 All machines on the network will compare this IP address to MAC address.
 If one of the machines in the network identifies this address, then it will respond
to the ARP_request with its IP and MAC address.
 The requesting computer will store the address pair in its ARP table and
communication will take place.

What is ARP Spoofing?

ARP packets can be forged to send data to the attacker’s machine.

 ARP spoofing constructs a large number of forged ARP request and reply
packets to overload the switch.
 The switch is set in forwarding mode and after the ARP table is flooded with
spoofed ARP responses, the attackers can sniff all network packets.

Attackers flood a target computer ARP cache with forged entries, which is also known
as poisoning. ARP poisoning uses Man-in-the-Middle access to poison the network.

What is MITM?

The Man-in-the-Middle attack (abbreviated MITM, MitM, MIM, MiM, MITMA) implies
an active attack where the adversary impersonates the user by creating a connection
between the victims and sends messages between them. In this case, the victims think
that they are communicating with each other, but in reality, the malicious actor controls
the communication.
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

A third person exists to control and monitor the traffic of communication between two
parties. Some protocols such as SSL serve to prevent this type of attack.

ARP Poisoning − Exercise

In this exercise, we have used BetterCAP to perform ARP poisoning in LAN


environment using VMware workstation in which we have installed Kali Linux
and Ettercap tool to sniff the local traffic in LAN.

For this exercise, you would need the following tools −

 VMware workstation
 Kali Linux or Linux Operating system
 Ettercap Tool
 LAN connection

Note − This attack is possible in wired and wireless networks. You can perform this
attack in local LAN.

Step 1 − Install the VMware workstation and install the Kali Linux operating system.

Step 2 − Login into the Kali Linux using username pass “root, toor”.

Step 3 − Make sure you are connected to local LAN and check the IP address by typing
the command ifconfig in the terminal.
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

Step 4 − Open up the terminal and type “Ettercap –G” to start the graphical version of
Ettercap.

Step 5 − Now click the tab “sniff” in the menu bar and select “unified sniffing” and
click OK to select the interface. We are going to use “eth0” which means Ethernet
connection.
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

Step 6 − Now click the “hosts” tab in the menu bar and click “scan for hosts”. It will
start scanning the whole network for the alive hosts.

Step 7 − Next, click the “hosts” tab and select “hosts list” to see the number of hosts
available in the network. This list also includes the default gateway address. We have to
be careful when we select the targets.
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

Step 8 − Now we have to choose the targets. In MITM, our target is the host machine,
and the route will be the router address to forward the traffic. In an MITM attack, the
attacker intercepts the network and sniffs the packets. So, we will add the victim as
“target 1” and the router address as “target 2.”

In VMware environment, the default gateway will always end with “2” because “1” is
assigned to the physical machine.

Step 9 − In this scenario, our target is “192.168.121.129” and the router is


“192.168.121.2”. So we will add target 1 as victim IP and target 2 as router IP.

Step 10 − Now click on “MITM” and click “ARP poisoning”. Thereafter, check the
option “Sniff remote connections” and click OK.
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

Step 11 − Click “start” and select “start sniffing”. This will start ARP poisoning in the
network which means we have enabled our network card in “promiscuous mode” and
now the local traffic can be sniffed.

Note − We have allowed only HTTP sniffing with Ettercap, so don’t expect HTTPS
packets to be sniffed with this process.

Step 12 − Now it’s time to see the results; if our victim logged into some websites. You
can see the results in the toolbar of Ettercap.

This is how sniffing works. You must have understood how easy it is to get the HTTP
credentials just by enabling ARP poisoning.

ARP Poisoning has the potential to cause huge losses in company environments. This is
the place where ethical hackers are appointed to secure the networks.

Like ARP poisoning, there are other attacks such as MAC flooding, MAC spoofing,
DNS poisoning, ICMP poisoning, etc. that can cause significant loss to a network.

In the next chapter, we will discuss another type of attack known as DNS poisoning.

7. Demonstrate intrusion detection system using any tool (snort or any other
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

7. Demonstrate intrusion detection system using any tool (snort or any other s/w)

SNORT is a network based intrusion detection system which is written in C


programming language. It was developed in 1998 by Martin Roesch. Now it is
developed by Cisco. It is free open-source software. It can also be used as a packet
sniffer to monitor the system in real time. The network admin can use it to watch all
the incoming packets and find the ones which are dangerous to the system. It is based
on library packet capture tool. The rules are fairly easy to create and implement and it
can be deployed in any kind of operating system and any kind of network
environment. The main reason of the popularity of this IDS over others is that it is a
free-to-use software and also open source because of which any user can be able to use
it as the way he wants.
Features:
 Real-time traffic monitor
 Packet logging
 Analysis of protocol
 Content matching
 OS fingerprinting
 Can be installed in any network environment.
 Creates logs
 Open Source
 Rules are easy to implement

Installation Steps:
In Linux:

 Step-1: wget https://www.snort.org/downloads/snort/snort-2.9.15.tar.gz


 Step-2: tar xvzf snort-2.9.15.tar.gz
 Step-3: cd snort-2.9.15
 Step-4: ./configure –enable-sourcefire && make && sudo make install
In Windows:
 Step-1: Download SNORT installer from
https://www.snort.org/downloads/snort/Snort_2_9_15_Installer.exe
 Step-1: Execute the Snort_2_9_15_Installer.exe

Different SNORT Modes:


RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

1. Sniffer Mode –
To print TCP/IP header use command ./snort -v
To print IP address along with header use command ./snort -vd
2. Packet Logging –
To store packet in disk you need to give path where you want to store the logs. For
this command is./snort -dev -l ./SnortLogs.
3. Activate network intrusion detection mode –
To start this mode use this command ./snort -dev -l ./SnortLogs -h 192.127.1.0/24 -c
snort.conf

Types of Rules in SNORT:


There are 3 types of rules in SNORT, those are
1. Alert Rules: This uses the alert technique to produce notifications.
2. Logging Rules: It logs each individual alert as soon as it is generated.
3. Pass Rules: If the packet is deemed malicious, it is ignored and dropped.

Basic Usages:
 Packet Sniffing: The way traffic is being transmitted can be thoroughly examined
by gathering the individual packets that travel to and from devices on the network.
 Generates Alerts: It generates warnings based on the configuration file’s rules when
it discovers unusual or malicious activity, the possibility of a vulnerability being
exploited, or a network threat that compromises the organization’s security policy.
 Debug Traffic: After the traffic has been logged, any malicious packets and
configuration problems are checked.
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

8. Demonstrate how to provide secure data storage, secure data transmission and for
creating digital signatures.

Secure Data Storage using AES Encryption:

from Crypto.Cipher import AES


from Crypto.Random import get_random_bytes
import base64

def encrypt_data(data, key):


cipher = AES.new(key, AES.MODE_EAX)
ciphertext, tag = cipher.encrypt_and_digest(data.encode('utf-8'))
return base64.b64encode(cipher.nonce + tag + ciphertext)

def decrypt_data(encrypted_data, key):


encrypted_data = base64.b64decode(encrypted_data)
nonce, tag, ciphertext = encrypted_data[:16], encrypted_data[16:32],
encrypted_data[32:]
cipher = AES.new(key, AES.MODE_EAX, nonce=nonce)
return cipher.decrypt_and_verify(ciphertext, tag).decode('utf-8')

# Example usage
secret_key = get_random_bytes(16) # 128-bit key for AES
data_to_encrypt = "This is sensitive information."
encrypted_data = encrypt_data(data_to_encrypt, secret_key)
decrypted_data = decrypt_data(encrypted_data, secret_key)

print(f"Original Data: {data_to_encrypt}")


print(f"Encrypted Data: {encrypted_data}")
print(f"Decrypted Data: {decrypted_data}")

Secure Data Transmission using TLS/SSL:

For secure data transmission, using protocols like HTTPS is essential. Below is an
example using Python's requests library, which supports HTTPS:

import requests
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

url = "https://example.com/api"
data_to_send = {"username": "user", "password": "pass"}

response = requests.post(url, json=data_to_send)


print(f"Response: {response.text}")

Make sure the server is configured to use HTTPS with a valid SSL/TLS certificate.

Creating Digital Signatures using RSA:

from Crypto.Signature import pkcs1_15


from Crypto.PublicKey import RSA
from Crypto.Hash import SHA256

def sign_data(data, private_key):


key = RSA.import_key(private_key)
h = SHA256.new(data.encode('utf-8'))
signature = pkcs1_15.new(key).sign(h)
return signature

def verify_signature(data, signature, public_key):


key = RSA.import_key(public_key)
h = SHA256.new(data.encode('utf-8'))
try:
pkcs1_15.new(key).verify(h, signature)
return True
except (ValueError, TypeError):
return False

# Example usage
private_key = """-----BEGIN RSA PRIVATE KEY-----
... (your private key here)
-----END RSA PRIVATE KEY-----"""

public_key = """-----BEGIN RSA PUBLIC KEY-----


... (your public key here)
-----END RSA PUBLIC KEY-----"""
RIET, Jaipur COURSE FILE Year : 4th

(Approved by AICTE & (General Information)


Affiliated to RTU, Kota) Semester : 7th
Subject: Cyber Security Lab

data_to_sign = "This is the data to be signed."


signature = sign_data(data_to_sign, private_key)
verification_result = verify_signature(data_to_sign, signature, public_key)

print(f"Data: {data_to_sign}")
print(f"Signature: {signature}")
print(f"Signature Verification Result: {verification_result}")
Ensure that you replace (your private key here) and (your public key here) with your
actual private and public keys.

You might also like