Secret-Key Encryption and Cryptographic Analysis

Project Overview

This project provides a practical exploration of secret-key cryptography concepts through hands-on implementation and experimentation. It focuses on applying the Advanced Encryption Standard (AES) using multiple encryption modes and analyzing their security properties. In addition, the project includes a Java-based cryptographic program designed to identify an encryption key through brute-force techniques using known plaintext and ciphertext.

The project was completed as part of the CS334 - Information Security course and is based on exercises from the SEED Labs environment, emphasizing real-world cryptographic practices rather than purely theoretical concepts.

Why Secret-Key Cryptography Matters

• Data confidentiality: Protects sensitive information from unauthorized access.
• Security analysis: Highlights weaknesses in insecure encryption modes such as ECB.
• Real-world relevance: Forms the foundation of secure communication systems.
• Hands-on learning: Bridges the gap between cryptographic theory and implementation.

Encryption Algorithms and Modes

This project implements AES encryption using the following modes:

• CBC (Cipher Block Chaining)
• CFB (Cipher Feedback)
• CTR (Counter Mode)
• ECB (Electronic Code Book)

Each mode was applied to encrypt and decrypt plaintext files to verify correctness and observe behavioral differences between modes.

ECB vs CBC Image Encryption

To demonstrate encryption weaknesses visually, an image file was encrypted using both ECB and CBC modes:

• ECB Mode: Reveals visual patterns from the original image, making it unsuitable for encrypting visual data.
• CBC Mode: Effectively hides patterns and provides stronger confidentiality.

This comparison highlights why ECB is considered insecure for most real-world applications.

Cryptographic Programming (Java)

A Java program was developed using the Crypto library to determine an encryption key through brute-force search. Given both plaintext and ciphertext, the program systematically tested candidate keys until the correct key was identified.

This task demonstrates:

• Practical use of cryptographic libraries
• Key-search attacks
• Secure programming concepts in Java

Tools and Technologies

• Ubuntu (SEED Virtual Machine)
• OpenSSL
• Java Crypto Library
• VirtualBox

Challenges and Issues Encountered

During the implementation of this project, several technical challenges were encountered, primarily related to the virtual environment setup and configuration:

• Network Configuration (NAT):
  The Network Adapter option was initially unavailable during VM creation and required additional configuration to enable networking.
• Virtual Machine Aborted Error:
  The virtual machine aborted unexpectedly upon startup. This issue was resolved by adjusting the system and display settings in VirtualBox.
• Graphics Controller Compatibility:
  Display issues were resolved by switching the graphics controller from VMSVGA to VBoxVGA.

Overcoming these issues provided valuable experience in troubleshooting virtual environments and emphasized the importance of proper system configuration when working with security labs.

Conclusion

Through this project, I gained hands-on experience with AES encryption modes, their security implications, and cryptographic programming techniques. The experiments demonstrated how design choices in encryption modes directly affect security, particularly for visual data. Additionally, the Java implementation provided insight into key-search attacks and real-world cryptographic workflows.

References

• https://github.com/li-xin-yi/seedlab/blob/master/Secret-Key-Encryption/README.MD
• https://youtu.be/9ZG3i-iypAM
• https://youtu.be/ViQA-4IL_rQ
• https://youtu.be/Y_w8ZEl6fOI