Linux – OpenSSL and what encryption method to use

encryptionlinuxmacosopensslSecurity

I am on OS X 10.8.3, savvy with a command-line and I want to use OpenSSL to start encrypting sensitive information on my MacBook Pro

I know that I can use openSSL in a syntax like:

openssl enc -aes-256-ecb -in in.txt -out encrypted.txt

Can anyone explain what encryption type to use and why?

Also, Can I paste in a string to that openSSL command and get back an encrypted string to store in a file? (say a password list). Store each password encrypted in the text file and then encrypt the entire file as well.

I also assume that one can encrypt one way, then encrypt a second time using a different method for added protection.

if I encrypt this on OS X I also assume that I could decrypt it on Linux.

Best Answer

You need to pay attention to this points while crypting anything:

● Confidentiality
● Integrity
● Authenticity
● Non-repudiation
● Access control
● Difficulty compromise

Taking this as the base you shoud choose the method wich helps you the most. (Being an Asymetric cypher a great way of accommplish a lot of the above.[Use a private and a public key..])

Also Here's the GPG QuickStart Guide.

In the symetric ways there is AES(128, 192, 256 bits) and DES(64 bit per block)

Check this part of this OpenSSL Manual

As someone says above using GPG is a great Idea beacuse of the use of Assymetric Keys which is always safer than just Passwords in any access...

To get a list of Cipher methos you can use:

openssl list-cipher-commands

So for example an AES Cipher:

openssl enc -aes-256-cbc -salt -in file.txt -out file.enc

And to decrypt

openssl enc -d -aes-256-cbc -a -in file.enc

Still, you may have occasion to want to encrypt a file without having to build or use a key/certificate structure.

In the link there is the How do I base64-encode something? part and the How do I simply encrypt a file? part. Hope this can help you

For more info Dive onto Asymmetric key techniques and Symmetric-key

Here's the RFC for Determining Strengths For Public Keys Used For Exchanging Symmetric Keys

Hope this helps. Remember Always to read the manual of what you use.

Related Solutions

Linux – File encryption in a bash script without explicity providing password

reading man openssl (especially the section PASS PHRASE ARGUMENTS):

Several commands accept password arguments, typically using -passin 
and -passout for input and output passwords respectively. These allow
the password to be obtained from a variety of sources. Both of these
options take a single argument whose format is described below. If no
password argument is given and a password is required then the user is
prompted to enter one: this will typically be read from the current
terminal with echoing turned off.

   pass:password
             the actual password is password. Since the password is visible
             to utilities (like 'ps' under Unix) this form
             should only be used where security is not important.

   env:var   obtain the password from the environment variable var. Since 
             the environment of other processes is visible on
             certain platforms (e.g. ps under certain Unix OSes)
             this option should be used with caution.

   file:pathname
             the first line of pathname is the password. If the same 
             pathname argument is supplied to -passin and -passout
             arguments then the first line will be used for the input 
             password and the next line for the output password.
             pathname need not refer to a regular file: it could for 
             example refer to a device or named pipe.

   fd:number read the password from the file descriptor number. This 
             can be used to send the data via a pipe for example.

   stdin     read the password from standard input.

openssl enc accepts -pass <arg> ... so, pick your arg from the list given above. eg:

 echo -n "secret" | openssl enc -aes-256-cbc -salt \
        -in file1 -out file1.enc \
        -pass stdin

OpenSSL 3DES encrytion parameters

The Key and IV are derived from the password you specify, using an OpenSSL-specific algorithm that the OpenSSL team is not proud of. They keep it around for backward compatibility's sake, but they recommend that you use better password-based key derivation functions, such as PKCS's PBKDF2.

OpenSSL's bespoke key derivation algorithm is in the function EVP_BytesToKey(3).

Key:

-K key the actual key to use: this must be represented as a string comprised only of hex digits.

IV:

In cryptography, an initialization vector (IV) or starting variable (SV)[1] is a fixed-size input to a cryptographic primitive that is typically required to be random or pseudorandom.

So the IV is additional input used to encrypt the file. It is not the key (I guess it's just terminology).

2 A salt is an additional (prefix) to the key you specify. (see Wikipedia. It makes it impossible to use rainbow tables or precalculated hash tables on your key. The salt is usually stored unencrypted.

3 The output will be binary and will quite likely contain non-printable characters. Your terminal emulator will try to render those byte values as printable characters in its default character encoding and typeface, but they will probably look like "garbage text" and not be safe for copy/paste, FTP or email.

4 To decrypt an encrypted text, you need the Key and IV. If you don't have one or both of those, and the ones you're missing were derived from the Password, then if you have the Password, you can re-derive they missing Key and/or IV from the Password. You don't need the Salt, because you already have it; it's pre-pended to the beginning of the encrypted text. The Salt isn't really a secret, it's just a way to foil pre-computed hash tables and rainbow tables.

5 As defined in EVP_BytesToKey(3), if you use a password of "1" and --nosalt, the first 16 Bytes of your Key will be:

md5( D_0 || password || salt)

(note that in this context, || means concatenation, not logical or)

which is equivalent to

md5 ( `null` || "1" || `null`)

which is equivalent to

md5("1")

Which turns out to be

0xc4ca4238a0b923820dcc509a6f75849b

This value is what the man page calls D_1.

The remaining needed bytes of the Key and IV are generated like this:

md5( D_1 || password || salt)

which is equivalent to

md5( 0xC4CA4238A0B923820DCC509A6F75849B || "1" || `null` )

which is equivalent to

md5( 0xC4CA4238A0B923820DCC509A6F75849B31 )

(note that the ASCII "1" becomes 0x31 concatenated at the end of the D_1 value)

which turns out to be:

0x7976c7161415c830816dd4068a1d9a52

which is what that man page calls D_2.

The Key only needs 8 more bytes than D_1 already proved, so it takes the first 8 bytes of D_2 and becomes:

Key: C4CA4238A0B923820DCC509A6F75849B7976c7161415c830

The IV only needs 8 bytes, and since there are 8 unused bytes from D_2, they become the IV:

IV: 816dd4068a1d9a52

Here's a command-line to generate D_1, the first 16 bytes of the Key (given your example of password "1" and --nosalt):

echo -n "1" | openssl md5

Here's a command-line to generate D_2, the remaining 8 bytes of the Key, plus all 8 bytes of the IV (again, given your example inputs):

echo -n "$(echo -n "1" | openssl md5 -binary)1" | md5

This works by taking the output of D_1 (making sure to keep it in binary rather than translating it into ASCII-encoded hex digits), appending "1" (0x31) to it, and taking the md5 of that.

Best Answer

Related Solutions

Linux – File encryption in a bash script without explicity providing password

OpenSSL 3DES encrytion parameters

Related Question