Data Integrity
Laboratory Assignment: Command Tools For Data Integrity
Objective
- Understand the concept of hashing and electronic signatures.
- Learn to use command line programs for creating and checking hash values.
- Gain hands-on experience in creating and verifying electronic signatures.
Tools Required
- Command line interface (e.g., Terminal on Unix/Linux, Command Prompt on Windows)
- OpenSSL (for electronic signatures)
Part 1: Hashing
Task 1: Introduction to Hashing
- Read the theory: Data Integrity
Task 2: Generating Hash Values
- Use the command line to create a text file with some sample content (e.g.,
sample.txt
). - Use a hashing algorithm (e.g., SHA-256) to generate a hash value for the contents of the file.
- Save the hash value in a separate file (e.g.,
hash.txt
).
Creating a Text File with Sample Content:
This command uses echo
to write the specified text into a file named sample.txt
.
Generating a Hash Value (SHA-256) for the Contents of the File:
This command uses the sha256sum
command to generate the SHA-256 hash value for the contents of sample.txt
and redirects the output to a file named hash.txt
.
Verifying Hash Value:
This command checks the integrity of the file by verifying its hash value against the one stored in hash.txt
. If the file has been modified, this command will indicate a mismatch.
Task 3: Verifying Hash Values
- Modify the content of the
sample.txt
file. - Use the hashing algorithm to generate a new hash value for the modified content.
- Compare the new hash value with the one stored in
hash.txt
to verify the integrity of the file.
Modifying the Content of sample.txt
:
This command modifies the content of sample.txt
with a new text.
Generating a New Hash Value for the Modified Content:
This command uses the sha256sum
command to generate the SHA-256 hash value for the modified contents of sample.txt
and redirects the output to a new file named new_hash.txt
.
Comparing the New Hash Value with the Original Hash Value:
This command uses the diff
command with the -s
option to show the differences between the two hash files (hash.txt
and new_hash.txt
). If the content of sample.txt
was modified, this command should indicate a mismatch between the original hash and the new hash.
Alternatively, you can also use the following command to directly compare the hash values:
This command uses cmp
to compare the contents of hash.txt
and new_hash.txt
. If they match, it prints “File integrity verified”; otherwise, it prints “File has been modified.”
Part 2: Electronic Signatures
Task 4: Introduction to Digital Signatures
- Read the theory: Electronic Signatures
Task 5: Creating Electronic Signatures
- Use OpenSSL to generate a private key (
private.pem
) and a corresponding public key (public.pem
). - Create a digital signature for the
sample.txt
file using the private key. - Save the digital signature in a separate file (e.g.,
signature.txt
).
Generating a Private Key and Corresponding Public Key:
The first command generates a private key (private.pem
) using the RSA algorithm, and the second command extracts the corresponding public key (public.pem
) from the private key.
Creating a Digital Signature for sample.txt
using the Private Key:
This command uses the openssl dgst
command to create a digital signature (signature.txt
) for the contents of sample.txt
using the SHA-256 hash algorithm and the private key (private.pem
).
Now, you have a digital signature saved in the signature.txt
file.
Task 6: Verifying Electronic Signatures
- Modify the content of the
sample.txt
file. - Use OpenSSL to verify the digital signature using the public key and the modified content.
- Document the results and ensure that the verification fails for the modified file.
Modifying the Content of sample.txt
:
This command modifies the content of sample.txt
with a new text.
Verifying the Digital Signature using the Public Key and Modified Content:
This command uses the openssl dgst
command with the -verify
option to verify the digital signature (signature.txt
) against the modified contents of sample.txt
using the public key (public.pem
). If the verification fails (which it should after modifying the file), OpenSSL will output a message indicating the failure.
After running the verification command, document the results and confirm that the verification fails for the modified file. The output should indicate that the signature is not valid for the given data.
This process simulates the scenario where the content of the file has been tampered with, and the digital signature verification fails as a result.
Submission Guidelines
- Submit a report that includes:
- A detailed explanation of the tasks performed.
- Screenshots or command line snippets for each task.
- Reflection on the importance of hashing and digital signatures in ensuring data integrity and authenticity.