In this assignment, you will use Cryptool to generate encryption keys (if you deleted your earlier one, you will need to generate another one), sign a document, verify a signature, and extract a signature. Before we continue, let's recap how a signature works. A document has a unique hashed value. The hash value can be encrypted with an individual's private key to tie the document to the holder of the private key. The encrypted hashed value is called signing a document.
To start this exercise, open Cryptool (installed in Week 2). Click on File and Open. In the open window, type the following message: “It is a great day at DeVry University.” Click on Digital Signature/PKI from the menu bar. Select Generate/Import keys. In the pop-up window, select RSA and complete the User Data portion on the right panel. Select a PIN. I recommend “1234” for now. Click on Generate new key pair at the bottom of the screen. You will receive a message that the keys were generated successfully. Close any open windows except the windows with our message: “It is a great day at DeVry University.” Now, select SHA-1 (160 bits) for hash function and choose RSA for signature algorithm and now select your key pair from the bottom pane. Remember to enter your PIN (1234). The digital signature will be displayed in another window. Capture this screen and paste it in the Week4_Template.
Leave the signature page and click on Digital Signature/PKI and click on Verify Signature. Select the key pair and click on Verify Signature. You will get a message that the signatures are correct. They have to be because we just created the signatures. Capture the Signature Verification page and paste it in your Week4_Template. Now click on Digital Signatures/PKI and Click on Extract a Signature. A pop-up window will be displayed with the extracted signature. The signature and the signed message are displayed. Capture the page and paste it in the Week4_Template. Close all open Windows.
Now, create a text file in your document folder on your PC (save it as MYTEST.txt). This text document can contain any you would like and can be created using Notepad. Back to Cryptool, click on Digital Signatures/PKI. Select Signature Demonstration. The pop-up will contain a diagram of a schematic of the digital signature process. Click on Open document. Select the text document you created earlier. Click on Select Hash function. Choose SHA-1 and then click on OK. Click on Compute hash value and click on Hash value. The hash value of your file will be displayed at the bottom of the window. Now click on Generate key. Click on Generate Primes (accept default values) and Accept Primes. Click on Store Key. Now click on Encrypt Hash Value. Click on Encrypted Hash value. The Encrypted Hash value will be displayed at the bottom of the window. Now you are going to click on Provide Certificate. Enter your first and last name and a PIN (confirm the PIN). Click on Generate Signature. The signature will be displayed at the bottom of the window. Now click on Store signature. Capture the display screen and paste it in your Week4_Template. Click OK and close Cryptool.
2. Signature Verification Screen Capture
3. Extracted Signature Screen Capture
4. Stored Signature Screen Capture