Decrypting a file encrypted on a different system

encryption openbsd openssl

My home server runs OpenBSD 5.3 with Samba serving files to several Windows machines. I wrote a script to back up video files by encrypting each file with openssl enc -aes-256-cbc and uploading it to Amazon S3. To test one possible restore scenario, I tried running the script on a file, downloading the file to one of the Windows machines, and decrypting it using several programs advertised as decrypting AES-encrypted files, but they weren't able to decrypt it. Can a file encrypted by OpenSSL be decrypted only by OpenSSL? Can a file encrypted by OpenSSL on OpenBSD be decrypted only by OpenSSL on OpenBSD?

For the record, I had no problem downloading the file to my server and decrypting it using OpenSSL. However, I'm interested in knowing if my videos on S3 (quickly archived to Glacier) can remain accessible regardless of my choice of server setup.

Best Answer

AES-CBC-256 fully specifies an encryption algorithm and a decryption algorithm. Given a plaintext, a key and an IV, two implementations of AES-256-CBC encryption will produce the same ciphertext. Given a ciphertext, a key and an IV, two implementations of AES-256-CBC will produce the same plaintext.

The IV is a random string that is generated when you encrypt a message. If you encrypt the same data twice, you'll get different ciphertexts because the IV will be different. This is in part so that someone who can only see two ciphertexts with the same length cannot detect whether the ciphertexts are equal. Most tools prepend the IV to the ciphertext, so that all the data needed for decryption is in one place (except the key, of course).

The OpenSSL command line tool generates a file containing a 16-byte header, the IV, and the ciphertext. This format is specific to OpenSSL but does not depend on the platform.

OpenSSL's command line is intended more as a demo of the possibilities of the library than a production-grade command line tool. I don't recommend using it; it's too easy to make a mistake and either end up with non-recoverable data or insecure data. Also, OpenSSL won't help you with key management.

Instead, use a tool that is intended to encrypt files. GPG is designed for this purpose. Generate a key pair, and then encrypt files with gpg -e -r your-gpg-id@example.com /path/to/file.
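
Added example, not part of the original answer or of OpenSSL: when openssl enc is given a passphrase, the file starts with the 8-byte marker Salted__ and an 8-byte salt, and the AES key and IV are derived from the passphrase and that salt, which is the step generic AES tools do not perform. The sketch below parses that header and derives the candidate key/IV pairs (legacy derivation with MD5, the default before OpenSSL 1.1.0; with SHA-256, the default since; and -pbkdf2 with its default of 10000 iterations). Function names, the passphrase and the salt are constructed for illustration.

```python
import hashlib

MAGIC = b"Salted__"  # marker written by `openssl enc` when a passphrase is used

def split_openssl_enc(blob):
    """Return (salt, ciphertext) from a salted `openssl enc` file."""
    if len(blob) < 16 or blob[:8] != MAGIC:
        raise ValueError("no Salted__ header (raw -K/-iv output or -nosalt?)")
    body = blob[16:]
    if not body or len(body) % 16:
        raise ValueError("ciphertext is not a whole number of AES blocks")
    return blob[8:16], body

def evp_bytes_to_key(passphrase, salt, digest="md5", key_len=32, iv_len=16):
    """Legacy derivation (EVP_BytesToKey, one iteration): chained hashes."""
    out, block = b"", b""
    while len(out) < key_len + iv_len:
        block = hashlib.new(digest, block + passphrase + salt).digest()
        out += block
    return out[:key_len], out[key_len:key_len + iv_len]

def pbkdf2_key(passphrase, salt, digest="sha256", iterations=10000,
               key_len=32, iv_len=16):
    """Derivation for files written with `openssl enc -pbkdf2`."""
    out = hashlib.pbkdf2_hmac(digest, passphrase, salt, iterations,
                              key_len + iv_len)
    return out[:key_len], out[key_len:]

def candidate_keys(blob, passphrase):
    """Key/IV pairs a restore should try when the writer's version is unknown."""
    salt, _body = split_openssl_enc(blob)
    return {
        "md5": evp_bytes_to_key(passphrase, salt, "md5"),
        "sha256": evp_bytes_to_key(passphrase, salt, "sha256"),
        "pbkdf2": pbkdf2_key(passphrase, salt),
    }

if __name__ == "__main__":
    # Constructed sample: header, salt, and two all-zero ciphertext blocks.
    sample = MAGIC + bytes.fromhex("0102030405060708") + bytes(32)
    for name, (key, iv) in candidate_keys(sample, b"correct horse").items():
        print(f"{name:7} key={key.hex()} iv={iv.hex()}")
```

The bytes after the 16-byte header are plain AES-256-CBC ciphertext with standard block padding, so any implementation given the matching key and IV can decrypt them.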
