Elfcryption

Encryption

Symmetric Encryption

Symmetric encryption is where we use the same key to encrypt and decrypt data.

We can use gpg to encrypt a file with the command gpg -c file.txt, typing the password when prompted. This creates the file file.txt.gpg, which is encrypted: its data is all scrambled. GPG uses the AES algorithm to encrypt the files.

Once encrypted, to decrypt the file we use the command gpg -d file.txt.gpg and type the password (key) used to encrypt it.

To check the integrity of a file, we can compute its hash value with md5sum file.txt. If the hash value differs from the one taken when the file was first created, the file was modified; if it is the same, it is the original file.

Asymmetric Encryption

Asymmetric encryption uses a public and a private key. If we encrypt data with someone else's public key, it can only be decrypted with that person's private key.

SSH keys use public and private keys. We generate a private key, and a public key is generated along with it. Then we place our public key on the server, and when we want to SSH into the machine, we use our private key to authenticate ourselves: the server accepts us if it can successfully decrypt our message with the public key.

So, if we use a public key to encrypt a message, it can only be decrypted with our private key. If we use a private key to encrypt a message, it can only be decrypted with our public key.

To generate a private key we use the following command (8912 creates the key 8912 bits long):

openssl genrsa -aes256 -out private.key 8912

To generate a public key we use our previously generated private key:

openssl rsa -in private.key -pubout -out public.key

Let's now encrypt a file (plaintext.txt) using our public key:

openssl rsautl -encrypt -pubin -inkey public.key -in plaintext.txt -out encrypted.txt

Now, if we use our private key, we can decrypt the file and get the original message:

openssl rsautl -decrypt -inkey private.key -in encrypted.txt -out plaintext.txt
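
The four steps above as one non-interactive script, added here as an example (it is not part of the original notes). It assumes a 2048-bit key so generation is quick, a constructed passphrase passed through the DEMO_PASS variable, OAEP padding, openssl pkeyutl (the command OpenSSL 3.0 recommends in place of the deprecated rsautl), and SHA-256 instead of md5sum for the integrity comparison.

```shell
#!/bin/sh
# Added example: the key pair workflow above, run non-interactively end to end.
# Assumptions: 2048-bit key (quick to generate), constructed passphrase, OAEP padding.
export DEMO_PASS='constructed-demo-passphrase'   # constructed value, not a real secret
WORK=$(mktemp -d) || exit 1
trap 'rm -rf "$WORK"' EXIT

make_keys() {   # private key encrypted with AES-256, then the public key derived from it
    openssl genrsa -aes256 -passout env:DEMO_PASS -out "$WORK/private.key" 2048 2>/dev/null &&
    openssl rsa -in "$WORK/private.key" -passin env:DEMO_PASS -pubout \
        -out "$WORK/public.key" 2>/dev/null
}

encrypt_file() {   # $1 = input, $2 = output; needs only the public key
    openssl pkeyutl -encrypt -pubin -inkey "$WORK/public.key" \
        -pkeyopt rsa_padding_mode:oaep -in "$1" -out "$2" 2>/dev/null
}

decrypt_file() {   # $1 = input, $2 = output; needs the private key and its passphrase
    openssl pkeyutl -decrypt -inkey "$WORK/private.key" -passin env:DEMO_PASS \
        -pkeyopt rsa_padding_mode:oaep -in "$1" -out "$2" 2>/dev/null
}

digest() {   # SHA-256 of a file, hash only
    openssl dgst -sha256 -r "$1" | cut -d' ' -f1
}

round_trip() {   # prints "match" when the decrypted file hashes like the original
    printf 'constructed sample message\n' > "$WORK/plaintext.txt"
    encrypt_file "$WORK/plaintext.txt" "$WORK/encrypted.bin" || return 1
    decrypt_file "$WORK/encrypted.bin" "$WORK/decrypted.txt" || return 1
    if [ "$(digest "$WORK/plaintext.txt")" = "$(digest "$WORK/decrypted.txt")" ]
    then echo match; else echo mismatch; fi
}

oversize_rejected() {   # 300 bytes exceed the 256-byte modulus of a 2048-bit key
    printf '%300s' '' > "$WORK/big.txt"
    ! encrypt_file "$WORK/big.txt" "$WORK/big.bin"
}

make_keys || exit 1
echo "round trip: $(round_trip)"
oversize_rejected && echo "300-byte input rejected: RSA alone only fits short messages"
```

The rejected 300-byte input is why RSA is normally used to protect a short symmetric key rather than the file itself.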
