cs458 - Information Security -Homework #2


The purpose of this homework is to give you a chance to get familiar with using public-key cryptography and encrypt/decrypt files. You may find this very handy when exchanging -- securely -- files with a business partner, or for protecting sensitive content on your disk drive.

Here is what you have to do:

  • Download and install GnuPG, free software, from www.gnupg.org
  • Run the executable (gpg) and generate a pair of public/private keys that will be stored under a directory called .gnupg in your home directory:
    • Make sure you select a key type that allows you to encrypt and sign
    • The key size must be at least 2048 bits
    • The email address you use should be your official IIT student email
    • Choose a passphrase
  • Once you're done generating your keys, do the following:
    • Add your instructor's public key (see below) to your keyring
    • Export your public key in ASCII format

NOTE: You can find GnuPG documentation at http://www.gnupg.org/documentation/.

Part (i), 50 points: Create a plain text file (named firstName-lastName-HW2-part-i.txt) that has three parts:

  • Your favorite poem (could be Shakespeare, a modern poet, a Haiku or some other form of poetry, it is ok with me either way); however, please don't give me what comes at the top of your Google search, chances are I've already seen it a number of times and have no patience to see it again. Be yourself, don't just try to knock this assignment off! Here is a list of poetry you should avoid in your submission. (10 points)
  • Your (ASCII) public key (20 points)
  • A link to your public key on MIT's Public Key Server (20 points)

Encrypt the file (ASCII armor) and send it by email to your instructor.

NOTE: In addition to posting your public key to a key server you may want to make it available in your web page.

Part (ii), 50 points:

Create a plain text file, named firstName-lastName-HW2-part-ii.txt, that includes:

  • Explain why choosing a passphrase for your private key is very important
  • Explain why just encrypting the file you sent your instructor in step (i) might not be enough to protect confidentiality, integrity, and availability.
  • An explanation of what you found hard about getting this assignment done.

Encrypt and sign the file and send it by email to your instructor.

You should complete this part within 24 hours from completing part (i).


Here is your instructor's public key, you can also find it on MIT's key server.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.6 (GNU/Linux)

mQGiBEc6dVIRBACgU4rxGnWFlBVO+qJodGdZ0beILw+tmju8k4UwoKxXBa6thdAy
a8xy6rfx+ORLjridsI9HT42RKDhgRigbXnt48u6vYXQdjBXXPI96AAUzleqlESfA
/Kw7Wb3mu6aBWIBUc7E8/QIHfmA+HnPR0szaD7Rpd3W72EQ0loTKtCuefwCgj+4u
CkQtggV4j9fYJYBtRcPwx50D/0BKheW+50nU7Z6z2UL/ZoXONTjx4+x6FjS/NUq0
HVeIRQ6fKDU2fPjKH2xDVj0RrCIaKDFXy/CBfOM57Yn2sAEAzLpSMmxq2qV3j/zT
wrgi6s+BM0xqDqopBQxt936AO9lNwCGKJTf8V2Jf9G0s6E3fG/mpUYWgEzPI0yzo
0HXpA/9o4CuaPqAKHyxIadN3Y9zcd6D6duzTKhc+kTSWpUoD32HqdeQnJVnTjkgd
eFNPhyF7w4RMEuZcc72SDU3cUjxqkiZ1vhU0DvvykI3fBghPbMiLW0yLJ7/ja1pN
S0/B2ckaCiwP8V2rKVvcx9y6tqvoe0wo4JweAn4V7P8r2VxhWLQ3VmlyZ2lsIEJp
c3RyaWNlYW51ICh0aGVTbGVlcGxlc3MpIDxiaXN0cmljZWFudUBpaXQuZWR1Pohg
BBMRAgAgBQJHOnVSAhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQDviO1WSs
9g0obACdHUfT6c2VTJ8deCMH2CGhJe6CulAAn3nc8P8htEvWLvsTWICbXa0LG73T
uQINBEc6dWIQCAC64MUxVKGBHXFnFTFWDgH3msvlkeBgF60LIsaCYxzwAWxi4cu0
edQ09mF+SnppJ5LLTPU5TJQH2pHoleMMcZcN2RQVrXpI4bkiHs2zqNpUfl6ohDSL
A06iPkY9qOiRsP5nFN/TW936xzPS8j5S+xhg/uagG06MopRqngpScooG4qJ1g22T
AYluciLISutuFjMMWXdMzffUYFFEYT/tRTyEZ7BWBbWGuDyR2t7UPXVS1q9cWN1s
B6NjgLm1MmzN59A/mRXi2Kf1+i87eumRk1+HAY1vq395YcBl7h4SStbRz1zfqgRJ
K+0J2sHHSuwP452zny9ubr7lof2qAffRszUbAAMFB/sG+F8KQhAkkKz9Xb56sMNR
9uZjUQVdTdusno8PQbZJeXqKhKZuYwOVP0wOIdxFj+yKgPy5d1sH4q9OBbK0epJu
pBYJdOyKVfMLgN9d1+VL7DgYY2ZjM+OuN3PmjpwbeDU/L8NgdXlK8vzOjguGEXA7
hijJNtDj6Q+KtXIciUGF66dsEhXgSAOCo6aS3om6DOXt6HoSJ7JNLZydM8ZSabhH
pAald7A1/Gpr/f0P/vj943akEWWnAp0cxkKU7T9pD8bOyejwOpvjzJzBce7okjrU
HIK+cDmvXv7VySj0EsWvYpM++ut0Nx1qhO2IbJzZk+jzQlKaeXAaiSeFSOkSKoMI
iEkEGBECAAkFAkc6dWICGwwACgkQDviO1WSs9g1gUQCfTI9JfDR1kBIu2ZZTQeYj
+XAXOBwAn0gnzS7D18QNbP2a7lUFLKkdfu6d
=ihFR
-----END PGP PUBLIC KEY BLOCK-----


$Id: hw2.html,v 1.1 2012/08/26 03:44:22 virgil Exp $