Labels

new blog 2.0

2009/11/01

Network Security with OpenSSL - exercises.

Set of exercises to the book of Network Security with OpenSSL by J. Viega, M. Messier, P. Chandra.
  1. Explain the following terms: SSL, TLS, CA, CRL, OCSP, PKI, PRNG
  2. List goals of cryptography.
  3. What is the difference between symmetric and public key encryption?
  4. List three cryptographic hash functions. What are their strengths and weaknesses?
  5. Explain what the term "digital signature" means.
  6. What are the challenges of SSL?
  7. Build OpenSSL from source.
  8. Use openssl to compute SHA1 and MD5 message digests for a given file.
  9. Encrypt and decrypt a file using 3DES.
  10. Generate parameters for Diffie-Hellman key exchange.
  11. Create a pair of DSA and RSA keys.
  12. What is the major difference between RSA and DSA?
  13. Explain the purpose of a CRL.
  14. What are Certificate extensions and how to use them?
  15. Do some research about OCSP (RFC2560)
  16. Create a CA environment.
  17. Generate a self signed certificate.
  18. Generate a certificate request.
  19. Issue a few certificates from certificate requests.
  20. Revoke some of the generated certificates.
  21. Retrieve HTTPS certificates of some of the Internet giants, e.g.
    $ echo|openssl s_client -connect www.google.com:443|\
    sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > cert.txt
  22. Print the certificate in the text form
    $ cat cert.txt|openssl x509 -text