CST 620 Project 1

profileManny4747
Enterprise_Key_Management_Systems_Lab.docx.pdf

Running head: Key Management Systems Lab 1

Starting off using Kleopatra the first thing I did was create a new key pair. Pictured here

I then filled out personal credentials to start the key pair creation.

After I created a passphrase which is used to create my key.

Running head: Key Management Systems Lab 1

I repeated these steps for 5 user names.

The first step in encrypting was creating a text file and then clicking on sign and the encryption is

complete.

Running head: Key Management Systems Lab 1

Running head: Key Management Systems Lab 1

In the new file there was a message stating that I do not know who encrypted the file because it was not

signed. Is the only difference I notice.

Running head: Key Management Systems Lab 1

The signature is valid and trusted. What can you infer from this process?

I can infer that this is a very safe, quick and secure way to decrypt files.

Running head: Key Management Systems Lab 1

Did the CST620-msg.txt and CST620-original-msg.txt files match?

A: Yes the files did match, the only difference I noticed was the CST620-original-msg.txt could not be

verified.

Running head: Key Management Systems Lab 1

How do you encrypt and decrypt a message using a certificate?

A: To encrypt and decrypt a message using a certificate a txt file has to be created, and then from

Kleopatra open of file selecting encrypt with a specific username. To decrypt the file that was just

encrypted. There is a new file created and via Kleopatra select decrypt that certain file and enter the

preset paraphrase that was previously created.

Did the CST620-msg-dsg.txt and CST620-original-msg-dsg.txt files match?

A: Yes they matched, only thing that was different was the verification.

How do you sign a message? Why would you?

A: In order to do so you create a text file and in Kleopatra select sign as option and encryption options.

Once this is done you can enter the paraphrase that was created. You use digital signatures to provide

a way to verify a message came from its owner.

What happens when you try to decrypt an encrypted message with the wrong key or certificate?

A: When trying to decrypt an encrypted message with the wrong key or certificate an error message is

given which tells the correct key has not been given, and the file is not decrypted.

Running head: Key Management Systems Lab 1

How can you verify a message has not been altered or tampered with?

A: To verify a message has not been altered with you can try and open a txt file from notepad and try

and decrypt it. If the file can be decrypted, then the file has not been tampered with. However, if you

cannot open the file it has been tampered with.

What happens when a message is altered in transit before getting to its destination, such as in a man-

in-the-middle attack?

A: By tampering with an encrypted message, you will not be able to decrypt the message because the

digital signature will not be recognized.

I can say that the public key is secured and it initiates the beginning and ending of the public keys.

Running head: Key Management Systems Lab 1

The private key is a little longer then the public key. Under probrties the private key is almost double

the size of the public key.

Why would you change the expiry date for a certificate?

A: The reason to change the expiry date of a certificate is defined by the data. If the data is extremely

sensitive, the data should be moved accordingly.

Running head: Key Management Systems Lab 1

What happens when you try to use the wrong passcode?

A: When entering the wrong passcode an error message will be given.

How often would you recommend changing a passphrase and why?

A: I would change a passphrase every 90 days because that is enough time to remove frustration from a

user perspective, and hackers can easily discover passwords that are frequently kept.

What are some good ways to manage key pairs?

A: Good ways to manage key pairs are to store them in notepad text files encrypted. Also use a

combination of command-line options, configuration settings, and passphrase caching agents.

What are some good ways to manage certificates?

A: Some good ways to manage certificates are remove unused, unknown, and rogue certificates, and

diversify digital certificate vendors.