PA5.2: Using OpenSSL to work with asymmetric encryption algorithms
In this exercise, we will use OpenSSL on Astro to encrypt/decrypt files using some of the protocols we learned about.
To begin, log in to your Astro account using an SSH client of your choice, and complete the following steps (adapted from http://users.dcc.uchile.cl/~pcamacho/tutorial/crypto/openssl/openssl_intro.html#htoc1):
- Use OpenSSL to generate a key pair:
  - Use the command openssl genrsa -out key.pem 1024 to generate your key file.
  - Take a look at the contents of the key file, and paste them into your answers. Are there two keys here?
  - We can also look at the details of the key file using the following command: openssl rsa -in key.pem -text -noout
  - Explain what each section of this output means.
  - Next, we will extract the private key using openssl rsa -in key.pem -des3 -out enc-key.pem
  - Note that you will be asked for a password, since we are encrypting this key using 3DES. Why are we encrypting this key?
  - Next, we will extract the public key using openssl rsa -in key.pem -pubout -out pub-key.pem
- Next, make a copy of your public key, naming it <userid>.pem, and place this in the shared class folder.
- Find another student’s public key, and copy it to your home directory.
- You will now encrypt a file to send securely to another student:
  - Create a file whose contents are the name of a character from a work of fiction.
  - Encrypt that file with the other student’s public key using the following command: openssl rsautl -encrypt -in yourfile.txt -inkey <their userid>.pem -pubin -out <their userid>_<your userid>.enc
  - Copy the file to the shared class directory for this assignment.
- Next, check the shared class directory for files left for your userid, which you will decrypt using your private key:
  - Use this command to decrypt the file, using your private key: openssl rsautl -decrypt -inkey enc-key.pem -in <your userid>_<their userid>.enc -out decrypted.txt
  - View the contents of your file.
  - What are the contents? Did it work? (If not, repeat with another student, or contact another student and try resolving the issue).
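The steps above, run end to end without prompts, as an added example that is not part of the original assignment; the passphrase, temporary directory and function names are constructed for illustration. It also checks a limit the steps do not mention: with a 1024-bit key and the default PKCS#1 v1.5 padding of rsautl, a file larger than 117 bytes cannot be encrypted.

```shell
#!/bin/sh
# Added example: constructed names and passphrase, not from the assignment.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
# pass: on the command line is visible to other users via ps; used here only
# so the example runs without prompts. The assignment prompts interactively.
PASS='pass:constructed-demo-passphrase'

make_keys() {
    openssl genrsa -out "$WORK/key.pem" 1024 2>/dev/null &&
    openssl rsa -in "$WORK/key.pem" -des3 -passout "$PASS" \
        -out "$WORK/enc-key.pem" 2>/dev/null &&
    openssl rsa -in "$WORK/key.pem" -pubout -out "$WORK/pub-key.pem" 2>/dev/null
}

# encrypt_for <plaintext> <ciphertext>: sender side, needs only the public key
encrypt_for() {
    openssl rsautl -encrypt -in "$1" -inkey "$WORK/pub-key.pem" -pubin \
        -out "$2" 2>/dev/null
}

# decrypt_mine <ciphertext> <plaintext>: receiver side, 3DES-protected private key
decrypt_mine() {
    openssl rsautl -decrypt -inkey "$WORK/enc-key.pem" -passin "$PASS" \
        -in "$1" -out "$2" 2>/dev/null
}

# roundtrip <text>: succeeds only if the decrypted file equals the original
roundtrip() {
    printf '%s\n' "$1" > "$WORK/msg.txt"
    encrypt_for "$WORK/msg.txt" "$WORK/msg.enc" &&
    decrypt_mine "$WORK/msg.enc" "$WORK/decrypted.txt" &&
    cmp -s "$WORK/msg.txt" "$WORK/decrypted.txt"
}

# ciphertext_size: always the modulus size, 128 bytes for a 1024-bit key
ciphertext_size() { echo $(( $(wc -c < "$WORK/msg.enc") )); }

# size_limit_holds: 117 bytes (128 minus 11 bytes of padding) encrypts, 118 does not
size_limit_holds() {
    head -c 117 /dev/zero > "$WORK/fits.txt"
    head -c 118 /dev/zero > "$WORK/big.txt"
    encrypt_for "$WORK/fits.txt" "$WORK/fits.enc" &&
    ! encrypt_for "$WORK/big.txt" "$WORK/big.enc"
}

make_keys || exit 1
roundtrip "Sherlock Holmes" && echo "round trip ok, $(ciphertext_size)-byte ciphertext"
size_limit_holds && echo "117 bytes accepted, 118 bytes rejected"
```

On OpenSSL 3.x, rsautl still runs but prints a deprecation notice pointing to pkeyutl; the example discards stderr, so that notice is not shown.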