Cryptography

Symmetric vs. Public

  • Cryptography
  • Standard Encryption Methods
  • Algorithm and Key

Symmetric-key Cryptography

  • Data Encryption Standard (DES)
  • Advanced Encryption Standard (AES)
  • Triple-DES
  • International Data Encryption Algorithm (IDEA)
  • Blowfish, Twofish, CAST5, TIGER

DES

  • 1977 National Security Agency, USA
  • 56 bit key (8 ASCII characters)
  • 64 bit block
  • 16 rounds Feistel function (F function)

Unix Password and DES

  • (Password + Salt)==(key&text) -> Encrypted Password
  • see (Basic Authentication)
  • PUxTsbPmLPw5s -> salt="PU":
       >>> import crypt
       >>> crypt.crypt('12345678', 'PU')
       'PUxTsbPmLPw5s'
    

How to use DES encryption on Mac OS X

  • Use openssl
  • Which is installed in /usr/bin/openssl
  • Create some plain text (plain.txt)
  • openssl enc -des -in plain.txt -out des.dat
    • Prompted for the symmetric key (password)
  • openssl enc -des -d -in des.dat

Try Other Symmetric encryption

  • Issue an unknown command to openssl to get the list of cipher commands
  • aes128, aes192, aes256, bf, cast, cast5, des3, rc2, rc5

Message Digest / Hash

  • Like the DES password, one-way encryption
  • For a long message, a short and (almost) unique value
  • MD5
  • SHA1
  • MD4, MD6, SHA0, SHA2(family) etc.

Try Hash

  • MD5:
       $ md5 plain.txt
       MD5 (plain.txt) = 37dc0b726db8aba5c32f256719894fa5
    
       $ openssl dgst -md5 plain.txt 
       MD5(plain.txt)= 37dc0b726db8aba5c32f256719894fa5
    
  • SHA1:
       $ openssl dgst -sha1 plain.txt 
       SHA1(plain.txt)= 03172a67a9770f970e7d74af06cdb6903d5a91f2
    

Public-key Cryptography

RSA

RSA Key by OpenSSL

  • Key generation:
       $ openssl genrsa -out key.pem
    
  • Public key extract:
       $ openssl rsa -in key.pem -pubout -out pubkey.pem
    

Encrypt/Decrypt

  • Encryption:
       $ openssl rsautl -encrypt -pubin -inkey pubkey.pem -in plain.txt -out rsa.dat
    
  • Decryption:
       $ openssl rsautl -decrypt -inkey key.pem -in rsa.dat
    

Sign

  • Sign:
       $ openssl rsautl -sign -inkey key.pem -in plain.txt -out sign.dat
    
  • Verify:
       $ openssl rsautl -verify -pubin -inkey pubkey.pem -in sign.dat
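
Added example (not part of the original slides): the Message Digest and Sign steps combined, signing a SHA-256 digest of the file with `openssl dgst -sign` rather than the raw file, and showing that a modified file fails verification. The temporary file names, the sample text and the 2048-bit key size are assumptions made for this demo.

```shell
#!/bin/sh
# Added example: sign the SHA-256 digest of a file with the private key,
# then verify it with the public key. File names and contents are constructed.

sign_and_verify_demo() {
    d=$(mktemp -d) || return 1

    # Constructed sample message and a modified copy of it.
    printf 'pay 100 to alice\n' > "$d/plain.txt"
    printf 'pay 900 to alice\n' > "$d/changed.txt"

    # Same key steps as the slides, with an explicit 2048-bit size.
    openssl genrsa -out "$d/key.pem" 2048 2>/dev/null || return 1
    openssl rsa -in "$d/key.pem" -pubout -out "$d/pubkey.pem" 2>/dev/null || return 1

    # Hash plain.txt with SHA-256 and sign that digest (private key).
    openssl dgst -sha256 -sign "$d/key.pem" -out "$d/sign.dat" "$d/plain.txt" || return 1

    # check FILE: recompute the digest of FILE and verify sign.dat (public key).
    check() {
        if openssl dgst -sha256 -verify "$d/pubkey.pem" \
               -signature "$d/sign.dat" "$1" 2>&1 | grep -q 'Verified OK'
        then echo ok; else echo fail; fi
    }

    original=$(check "$d/plain.txt")
    tampered=$(check "$d/changed.txt")
    rm -rf "$d"
    echo "original=$original tampered=$tampered"
}

sign_and_verify_demo
```

The signature covers only the digest, so it stays the same size however long the file is, and any change to the file changes the digest and breaks verification.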
    

Pretty Good Privacy (PGP/OpenPGP/GnuPG)

Quiz of the Day

  • Which key do you use to do the following, the private key or the public key?
  • Encrypt a message
  • Decrypt the encrypted message
  • Sign a message
  • Verify the signature