Deadline for submitting the solutions is on the 10th of November.
Lab2: secure communication
Overview of the lab
One of the aims of this lab is to introduce the students to the real life usage of public key cryptography. We will try out tools that use end-to-end encryption for messaging and for synchronizing files between multiple computers.
There are four main tasks in the lab. First, you will have to find information about a TLS connection and server certificate. This illustrates how public key cryptography is used in practice.
The second task is about trying out the Signal messaging application. Signal has one of the most secure implementations of end-to-end encryption while being easily usable. The cryptography used in Signal is designed by cryptographers and Signal is a non-commercial product. Being non-commercial and open source is a significant advantage compared to the other mainstream communication applications like WhatsApp and Facebook Messenger. This makes it possible for security researchers and for the community to audit the source code and check that it does not contain vulnerabilities and backdoors.
The third task is about the Estonian DigiDoc4 encryption software, which uses hybrid encryption and makes it possible to encrypt data to organisations and people in Estonia.
The fourth task and the main task of the lab is to use Syncthing for synchronizing files. Syncthing makes it possible to synchronize files between different computers over a direct TLS connection that does not rely on a server or cloud service. Thus, the files that are synchronized are not leaked to a cloud service provider.
The final task is to read about the security of email exchange.
Setting up the lab environment
Instructions for setting up the lab environment: https://courses.cs.ut.ee/2024/infsec/fall/Main/LabConfiguration.
1. TLS connection details
Find out how the TLS connection is setup between your browser and https://uttv.ee website. Check whether the server that is hosting uttv.ee website uses proper TLS configuration. In addition, find and read the certificate issued to uttv.ee.
Tools:
TLS task (2p)
You are given a template_file.txt that you will have to fill in with the correct answers. Right click the link and select Save As. The file type must not be changed! The answers must be precise and follow the requirements, as the grading is done automatically. The square brackets indicate which format to use when writing down the answers, and the answers have to be written into the square brackets. For example, in the case of [Number] we expect a numeric value and no other text. YYYY:MM:DD refers to year, month, and day, for example 2021:01:20. The slashes denote options out of which one has to be chosen. Strictly follow the instructions and do not write sentences into the solution file!
Find the following information:
- What is the common name of the certificate authority who issued the certificate for uttv.ee? [Name]
- When will the certificate expire? [YYYY:MM:DD]
- Which TLS version is negotiated and used between your browser and the server? [TLS1.1 / TLS1.2 / TLS1.3]
- Is forward secrecy used? [YES / NO]
- Which symmetric encryption algorithm is used to encrypt the communication? [Algorithm name]
- Which public key encryption algorithm is used to negotiate the session key? [Algorithm name]
- What is the length of the public key for uttv.ee? [Number]
- Which grade does https://www.ssllabs.com/ssltest/ assign to uttv.ee? [Letter]
Enter the information listed above into the template file and submit the file as a solution.
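The browser's certificate viewer and ssllabs.com are the intended tools for this task, but the same facts can be read directly off a TLS socket. The script below is an added example written for this lab page (it is not part of the original page or the course materials): it opens a connection with Python's standard ssl module, reports the negotiated protocol version and cipher suite, decides whether forward secrecy is in use, and extracts the issuer common name and the expiry date in the YYYY:MM:DD format the template expects. The SAMPLE_CERT dictionary is a constructed stand-in shaped like getpeercert() output, not uttv.ee's real certificate; the public key length is not exposed by getpeercert(), so that answer still comes from the certificate viewer.

```python
"""Read TLS connection facts the way the template file asks for them.
Added example for the lab page; uses only the Python standard library."""
import socket
import ssl
from datetime import datetime, timezone

# Constructed sample in the shape returned by SSLSocket.getpeercert().
# The values are placeholders, not the real uttv.ee certificate.
SAMPLE_CERT = {
    "subject": ((("commonName", "example.test"),),),
    "issuer": (
        (("countryName", "XX"),),
        (("organizationName", "Example CA"),),
        (("commonName", "Example CA R1"),),
    ),
    "notBefore": "Dec 12 09:00:00 2024 GMT",
    "notAfter": "Mar 12 09:00:00 2025 GMT",
}


def issuer_common_name(cert: dict) -> str:
    """Return the issuer's commonName (the CA that signed the certificate)."""
    for rdn in cert.get("issuer", ()):          # issuer is a tuple of RDNs
        for key, value in rdn:                  # each RDN is a tuple of (key, value)
            if key == "commonName":
                return value
    return ""


def expiry_in_template_format(cert: dict) -> str:
    """Convert notAfter ('Mar 12 09:00:00 2025 GMT') to YYYY:MM:DD in UTC."""
    seconds = ssl.cert_time_to_seconds(cert["notAfter"])
    return datetime.fromtimestamp(seconds, tz=timezone.utc).strftime("%Y:%m:%d")


def forward_secrecy(cipher_name: str, tls_version: str) -> bool:
    """Forward secrecy requires an ephemeral key exchange.

    TLS 1.3 only offers ephemeral (EC)DHE, so every TLS 1.3 suite qualifies.
    For TLS 1.2 and older the OpenSSL suite name starts with ECDHE or DHE when
    the exchange is ephemeral; a name such as AES256-GCM-SHA384 means static
    RSA key transport, which has no forward secrecy.
    """
    if tls_version == "TLSv1.3":
        return True
    return cipher_name.startswith(("ECDHE-", "DHE-"))


def probe(host: str, port: int = 443) -> dict:
    """Open a real TLS connection to host and report what was negotiated."""
    ctx = ssl.create_default_context()          # verifies the chain and hostname
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            name, version, bits = tls.cipher()  # suite name, protocol, symmetric key bits
            cert = tls.getpeercert()
    return {
        "tls_version": version,
        "cipher_suite": name,
        "symmetric_key_bits": bits,             # key size of the bulk cipher, not the public key
        "forward_secrecy": forward_secrecy(name, version),
        "issuer_cn": issuer_common_name(cert),
        "expires": expiry_in_template_format(cert),
    }


if __name__ == "__main__":
    # Offline demonstration on the constructed sample:
    print(issuer_common_name(SAMPLE_CERT), expiry_in_template_format(SAMPLE_CERT))
    # Live check against the lab's target (needs network access):
    for key, value in probe("uttv.ee").items():
        print(f"{key}: {value}")
```

The cipher suite name alone tells you the symmetric algorithm (for example AES in GCM mode or ChaCha20-Poly1305); the key exchange algorithm is the ECDHE/DHE prefix for TLS 1.2 suites, while TLS 1.3 always negotiates an ephemeral (EC)DHE group that does not appear in the suite name.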
2. Overview of Signal
Signal is an open source messaging application that uses end-to-end encryption. It works on Android since version 4.0 and on iOS since version 9.0. Once Signal is activated on your phone you can also use a desktop client (it is supported on Windows, MacOS and on Debian based Linux distributions). You can get helpful information from Getting Started and Signal Security.
It is not possible to use the desktop application without having Signal on the phone. Before 2024 the only way to connect to Signal users was via their phone number, the phone number was an identifier of the user. This was also the main criticism of Signal. However, the situation changed in 2024 and now it is possible to pick a temporary username, which is used to initiate connections between users. Thus, now it is possible to use Signal without revealing your phone number.
In the past there have been also other important advancements that protect the privacy of Signal users. For example, cryptographic methods help the Signal application to identify other Signal users who are in the phone's contact list without revealing the contact list to Signal's servers. You can find more information about this method from the following blog post: Technology preview: Private contact discovery for Signal.
EFF has created helpful instructions for using Signal:
- How to: Use Signal (2024)
Signal task (1p)
Use Signal to send end-to-end encrypted messages. This is part of the second homework. If you are not able (or do not want) to try out Signal, then an alternative task regarding Signal is provided when you scroll down the page.
- Install Signal from Google Play / App Store.
- A new contact can be added either by username or by phone number. You can add a new Signal contact directly from Signal by starting to write a new message to a username / phone number. If the phone number is already in the phone's contact list, Signal automatically checks whether the number is linked to a Signal account. Therefore, you may see if anyone from your contact list is already using Signal. We are using a prepaid card that is only used for the homework task. Send a message to the information security Signal account (the lecturer will give the username or phone number for that account). The username is infsec24f.19
- Now you are able to send messages to the information security course Signal account. In case you have other Signal users in your contact list, you can now also communicate with them using end-to-end encrypted messages or calls.
- To claim the homework points send a hello message to the test account. The message must contain either your name or pseudonym from this course as otherwise it is not possible to assign points.
Alternative Signal task (1p)
If you are not able (or do not want) to try out Signal, then as an alternative you can solve the following task. It is possible to get up to one point from the Signal task. We will not give two points in case both the practical and the theory task are solved.
- Signal protocol is considered cryptographically secure but there are still ways to break the privacy of the sent messages. One trivial way is to hack the corresponding phone to get access before the message is even encrypted (this applies to any communication device / tool / software). It may also be possible to attack the method, which connects identities to the encryption keys. Read the following text and based on that explain briefly how the message privacy of Signal messages could be attacked and what is needed for that attack.
Using Signal in practice
In case you plan to start using Signal it may be useful to also have a desktop client. However, in the past multiple security vulnerabilities have been found in the desktop implementation, which is built with the Electron framework. Because it is built on Electron, some security people consider the desktop client implementation less secure than the phone application.
In order to activate your account of the desktop client, it has to be connected with the Signal application on the phone. This can be done by opening the Signal application on the phone and scanning the QR-code that is displayed in the desktop application. The QR-code scanning functionality can be found from Signal's settings.
Signal may have fewer features than the mainstream communication applications. One of the reasons is the lack of resources for adding features, but the other reason is security. For example, it is non-trivial to synchronize messages across different devices, as each Signal application has its own cryptographic keys and there are protective measures to protect the exchanged messages.
3. Using DigiDoc4 to encrypt data for transport
The ID-card lecture materials describe that it is possible to encrypt to the public key of an ID-card. It is important to understand that the encryption functionality provided by the ID-card software (DigiDoc4) is designed to allow data to be transported over an insecure communication channel like email. DigiDoc4 must not be used to encrypt data for long time storage as it can not guarantee that data can be decrypted if something happens with the ID-card that contains the decryption private key. If the chip is damaged, lost, or the keys on the card are replaced, it will no longer be possible to decrypt the data.
The first time when DigiDoc4 is executed, a short tutorial is displayed to the user. It also contains instructions for using the encryption functionality.
More detailed instructions can be found on the id.ee website: Encryption and decryption of documents.
The encryption functionality provided by DigiDoc4 is often used to protect the files that have to be delivered over email, which is considered to be an insecure channel. The files can be encrypted to prevent the contents of the files from being accessed by the email servers. If a CDOC file is attached to an email, the email server can only see that encrypted content is being transmitted. In addition, it is also not guaranteed that emails are transmitted over an encrypted channel as the usage of TLS depends on the configuration of both the sending and receiving server. More detailed information about the security of the email protocol is provided in the subsection Securing email exchange.
DigiDoc4 task (2p)
Your task is to try out the encryption functionality provided by DigiDoc4. We will only do the encryption part, testing the decryption is voluntary as it requires access to an ID-card /Digi-ID along with PIN1.
Encryption task:
- Create a new text file (.txt) and use your pseudonym as the filename (you can see your pseudonym by viewing your profile in courses.cs.ut.ee).
- Encrypt the text file with DigiDoc4.
- The recipient to whom the file should be encrypted is yourself. If you have an ID-card or a residence permit card, then it should be possible to encrypt files to your public key. Use your ID-code to search and download your public key. If you do not have a public key, ask the lecturer to whom to encrypt the file.
- (Voluntary task to try out at home: if you have never used DigiDoc4 for encryption and decryption, try to decrypt the previously created CDOC file. You will need a card reader, the smartcard to which the file was encrypted, and the corresponding PIN1.)
- Make a screenshot of DigiDoc4 which displays the encrypted CDOC container.
- If you wish, you may blur your ID-code and the file path (as shown in the illustration).
- Submit the solution via the submission form. The solution must be either in png or jpg format. (2p)
Use the following submission form to submit the solution.
4. Syncing files with Syncthing
Syncthing is an open-source tool that allows you to synchronise files between different computers. The file exchange is end-to-end encrypted between the connected devices. This is done with the help of TLS.
Find the icon for Syncthing from the desktop and start the program. A terminal window filled with text pops up. In case you scroll up you will see your new Syncthing ID that was just generated for you.
Let's try to understand what just happened and how the configuration was created. Navigate to C:\Users\Hacker\AppData\Local\Syncthing to view the keys and certificates. By default the certificates use the .pem file extension, which Windows is not able to open directly. But it can open .cer or .crt files, which use the same internal format. So make a copy of cert.pem and rename it to cert.crt, then double click the file to view the certificate details.
With syncthing running, open its GUI by using a browser and navigating to 127.0.0.1:8384. In case it asks for anonymous usage reporting, select No.
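The device ID shown in the terminal is derived from the very certificate you just opened: Syncthing hashes the DER-encoded cert.pem with SHA-256, base32-encodes the digest, appends a Luhn mod-32 check character to each 13-character block and groups the result into eight dash-separated groups of seven. That is why a device ID cannot be changed without generating a new key pair, and why a mistyped ID is usually rejected before any connection is attempted. The script below is an added example written for this lab page (not Syncthing's own code, although it follows the published ID format): it recomputes the ID from a cert.pem and verifies the check characters of an existing ID, using the supervisor IDs listed on this page as input. The cert.pem path is the lab VM path from the page; the 32-byte digest used in the self-check is a constructed value.

```python
"""Derive and verify Syncthing device IDs from the TLS certificate.
Added example for the lab page; standard library only."""
import base64
import hashlib
import sys

BASE32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"  # RFC 4648 alphabet, no padding in IDs


def luhn32_check(block: str) -> str:
    """Luhn mod-32 check character over a block of base32 characters."""
    factor, total = 1, 0
    for ch in block:
        code = BASE32.index(ch)
        addend = factor * code
        factor = 1 if factor == 2 else 2           # weights alternate 1,2,1,2,...
        addend = addend // 32 + addend % 32        # "digit sum" in base 32
        total += addend
    return BASE32[(32 - total % 32) % 32]


def device_id_from_digest(digest: bytes) -> str:
    """Turn a 32-byte SHA-256 digest into the 63-character display form."""
    raw = base64.b32encode(digest).decode().rstrip("=")   # 52 characters
    if len(raw) != 52:
        raise ValueError("expected a 32-byte digest")
    with_checks = "".join(
        raw[i:i + 13] + luhn32_check(raw[i:i + 13]) for i in range(0, 52, 13)
    )                                                     # 4 x (13 + 1) = 56
    return "-".join(with_checks[i:i + 7] for i in range(0, 56, 7))


def device_id_from_cert_der(der: bytes) -> str:
    """Device ID = SHA-256 of the DER certificate, encoded as above."""
    return device_id_from_digest(hashlib.sha256(der).digest())


def device_id_from_pem(pem_text: str) -> str:
    """cert.pem is base64 DER between BEGIN/END lines; strip the armor."""
    body = "".join(
        line.strip() for line in pem_text.splitlines() if not line.startswith("-----")
    )
    return device_id_from_cert_der(base64.b64decode(body))


def verify_device_id(device_id: str) -> bool:
    """Check length, alphabet and all four Luhn check characters of an ID."""
    s = device_id.replace("-", "").replace(" ", "").upper()
    if len(s) != 56 or any(c not in BASE32 for c in s):
        return False
    return all(luhn32_check(s[i:i + 13]) == s[i + 13] for i in range(0, 56, 14))


# Supervisor IDs as printed on the lab page.
SUPERVISOR_IDS = {
    "Kristjan": "QIPGCXP-SIESB4A-2QQDD2K-AYP36KV-HBZS6MB-CUKWKAM-KGGYBYP-JK6NGQQ",
    "Riivo": "S35X3KH-NELC43L-5CYYCL6-PC53WB4-5BN5CGO-JWG7D5H-QOWNUID-GIIRCAE",
}

if __name__ == "__main__":
    for who, did in SUPERVISOR_IDS.items():
        print(f"{who}: {did} -> check characters {'OK' if verify_device_id(did) else 'INVALID'}")
    # Optional: pass the path of your own cert.pem to see your ID recomputed.
    path = sys.argv[1] if len(sys.argv) > 1 else r"C:\Users\Hacker\AppData\Local\Syncthing\cert.pem"
    try:
        with open(path, encoding="ascii") as fh:
            print("Local device ID:", device_id_from_pem(fh.read()))
    except OSError as exc:
        print(f"could not read {path}: {exc}")
```

Running it on the lab VM should print the same ID that scrolled past in the terminal window; a single mistyped or swapped character in an ID fails the check, which is the property the check characters exist for.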
Syncthing task (2p)
Your task is to connect to the lab supervisor's syncthing and create a shared folder.
First, let's rename our device in Syncthing, as the device name is shown to the communicating parties. To change the device name, go to the upper right side of the Syncthing window and click on the button named "Actions". Once the menu appears, click on "Settings". Replace the device name with your name and click "Save".
Supervisor's syncthing ID is provided here:
- Kristjan's group: QIPGCXP-SIESB4A-2QQDD2K-AYP36KV-HBZS6MB-CUKWKAM-KGGYBYP-JK6NGQQ
- Riivo's group: S35X3KH-NELC43L-5CYYCL6-PC53WB4-5BN5CGO-JWG7D5H-QOWNUID-GIIRCAE
Copy the supervisor's syncthing ID and use it to create a connection. To do that click on the button that has the name "+Add Remote Device".
Now, fill in the required fields: Device ID and Device Name. You got supervisor's Device ID from the list above. You can choose yourself how to name the supervisor's device.
For the connection to be established the supervisor has to accept the connection request.
Once the connection has been established you should see a similar view to the one shown on the image below.
The next task is to create a new folder that can be shared. Each student creates a new shared folder and names it according to their pseudonym.
To share a folder click on the "+Add Folder" button and follow the aforementioned naming convention (shared folder name should be your pseudonym).
Now, share the newly created folder with supervisor's device. To do that click on the supervisor's device name on the list of remote devices and find the edit button. Click the edit button, find sharing tab, and the unshared folders. Mark the folder that you wanted to share.
Next, open the shared folder and create/place a text file into it. By clicking on the folder name in syncthing, you can see the folder path. For the virtual machines that we use in the lab, the path should be C:\Users\Hacker\name_of_shared_folder.
Now open this folder with file explorer. You can create a regular text file (.txt, not .docx) with Notepad. The name of the text file must be your pseudonym and the contents of the file must contain your name. In case connection is established between your syncthing and lab supervisor's syncthing, the file is transmitted and the supervisor can issue the points for this task.
Lab supervisor's syncthing must be online as otherwise it is not possible to establish connection. In case you are not able to connect after waiting a few minutes make a screenshot of the syncthing window. The screenshot must show the name of your shared folder and the short ID of supervisor's device. In case you were not able to share the file with the supervisor's device, submit the screenshot as a partial solution of this task.
Otherwise, if you succeeded, still make a screenshot of the syncthing window. Submit the screenshot of the browser window displaying a successfully shared folder as a solution.
If you have reached this point, the mandatory practical tasks have been solved. However, we ask you to read the overview about the security of email exchange. That information may be included when creating the exam questions.
5. Security of email exchange -- reading task
The fifth and final task is to read about the (in)security of email exchange. The text also gives a short overview of how PGP could be used in Thunderbird to encrypt emails. Unfortunately very few people use PGP, which means that for regular people it does not have practical value. It is not sufficient for you to use PGP if the people who you send emails to are not using PGP as to encrypt and decrypt emails both communication parties would have to use PGP.
The following reading materials are meant to be informative; you do not have to remember the acronyms and details. However, try to understand and remember what the security issues with email are.
The reading material about email security:
Finishing the lab - remove the virtual machine
In case you were able to successfully complete the PGP task, you can close and remove the virtual machine. However, if you installed the virtual machine on your own computer, it would be good to wait for the instructor's confirmation that the email was received before removing the virtual machine.
- Close the virtual machine: open the Start menu and select "Power" -> "Shut down".
- Next, remove the previously imported virtual machine from the main VirtualBox window. To do that, right click on the name of the virtual machine and select "Remove...". From the dialog window select "Delete all files".
- Finally, make sure that you log out of the lab computer. We will give minus points to the students who leave the computer class without logging out from their accounts.
- In case you are solving the tasks on your own computer, you can now also remove the .ova file from your own computer (the file, which you used to import the virtual machine).
Further reading
- Relevant papers
- PGP