In this section, we learn about encryption algorithms. For this practical assignment, we will put them to use using OpenSSL in our Astro accounts. You will need to work with your case study group in order to complete this three part exercise. One of you will need to create directory in your Astro home, and use the CHMOD command to give access to the directory to your other group members, where you will share the encrypted files and keys.
Part One: Using OpenSSL to work with synchronous encryption algorithms
In this exercise, we will use OpenSSL on Astro to encrypt/decrypt files using some of the protocols we learned about.
To begin, log in to your Astro account using an SSH client of your choice, and complete the following steps (adopted from http://users.dcc.uchile.cl/~pcamacho/tutorial/crypto/openssl/openssl_intro.html#htoc1)
- Use the openssl version command to determine which version of OpenSSL is being used on Astro.
- What version of OpenSSL is being used on Astro? Are there any concerns or issues with this version?
- Take a look at the various commands available using openssl list-standard-commands
- Research and explain the following commands:
- enc
- password
- rand
- Research and explain the following commands:
- Lets take a look at the various encryption algorithms available using the openssl list-cipher-commands command.
- Which of these do you recognize from this unit?
- There are many types of files we may want to encrypt… the base64 algorthm is not really an encryption algorithm, but is included in OpenSSL since it allows us to encode any file as a binary, which we can then encrypt. If working with text files, this is not always necessary, but we will use this command in this exercise to familiarize ourselves with its use.
- First, use Google to find a Haiku poem you like—or create your own.
- Next, use VI to create a text file using the Haiku poem you chose.
- Use the Base64 command to encode the file as binary: openssl enc –base64 -in yourfile.txt –out yourfile.bin
- What are the contents of this file? (copy/paste into your answers).
- Now that we have our encoded file, we will encrypt this file. Use the following command to encrypt the file using the AES algorithm: openssl enc –aes-256-cbc –in yourfile.bin –out youruserid.cipher (when asked, use your Temple userID as the password, as well as the filename).
- What are the contents of this file? Has it been encrypted?
- Place your encrypted in the shared class directory on Astro, where another student will attempt to decrypt your file.
- Copy another student’s file to your home directory, and attempt to decrypt the file: openssl enc –aes-256-cbc –d –in theirfile.cipher –out theirfile.bin –pass pass:theirpass (the password and file name should be the other student’s userID).
- What are the contents of this file? Did the other student encode to base64
8. Finally, you can decode the base64 encoded file using the following command: openssl enc -base64 -d -in theirfile.bin -out theirfile.txt
a. What are the contents of the file? Did it work? If not, why do you suppose it failed (you may need to contact the other student to do some troubleshooting).9.
Turn in your answers from the questions above.
- What are the contents of this file? Did the other student encode to base64