Project Phase Ib

CSCI 4830 - Network Security - Fall 2003

Project Phase Ib

Due: Nov 25th, 2003

This is the 2nd part of Phase I of the project. Phase II (which we've already seen) is the completion. This exercise is just to get you to figure out the basics of the OpenSSL commands we'll be using.

I will give you a test message and you have to verify the signature on it and decrypt it. This is one of the steps that your main project will be doing, so learning how to do this now is progress toward that goal.

We already have see the project description. So we'll start with a sample message which was sent from John Black (a user in our system who has a cert signed by the CA) to someone named "Test User".

Your job is to do the following:

Verify that this message is properly signed by John Black. To do this, you'll need my certificate.
Get the session password from the message. To do this, you'll need both the private key of the Test User and his password, which is "csci4830".
Decrypt the message using that password you obtained above.

It would probably be helpful for you to see what OpenSSL commands I used to generate the test message. So here they are.

What to hand in

Hand in a print out showing that you have verified the signature on both my cert and on the message. State what the session password was. And show the decrypted message.

Also, you must show each OpenSSL command you used along the way, and explain what each one is doing.