all things encryption
links
RSA Key Extraction using sound
Please note the -nosalt option when using AES-256. A salt is random data that is added to the input of a cryptographic function to make the output more secure; -nosalt turns the salt off, so the same passphrase always derives the same key and IV.
Encrypt a file using AES-256
openssl enc -aes-256-cbc -pbkdf2 -nosalt -in [input file] -out [output file]
Decrypt a file using AES-256
openssl enc -aes-256-cbc -d -pbkdf2 -nosalt -in [input file] -out [output file]
Decrypt a file using an RSA private key
openssl rsautl -decrypt -inkey [private key file] -in [input file] -out [output file]
Decrypt a file using RC4
openssl enc -rc4 -d -pbkdf2 -nosalt -in [input file] -out [output file]
Decrypt a file using Triple DES
openssl enc -des-ede3-cbc -d -pbkdf2 -nosalt -in [input file] -out [output file]
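The effect of the -nosalt option noted above, as an added example that is not part of the original page: the script encrypts the same constructed plaintext twice with and without a salt and compares the results. The passphrase, file names and helper function names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: what -nosalt changes in `openssl enc` output.
# Passphrase, plaintext and file names are constructed sample values.
PASS='correct horse battery staple'
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
printf 'attack at dawn\n' > "$WORK/plain.txt"

# encrypt OUTFILE [extra openssl enc options]
encrypt() {
    out=$1; shift
    openssl enc -aes-256-cbc -pbkdf2 "$@" -pass "pass:$PASS" \
        -in "$WORK/plain.txt" -out "$out"
}

# Succeeds when two runs with the same options give byte-identical files.
repeatable() {
    encrypt "$WORK/a.enc" "$@" && encrypt "$WORK/b.enc" "$@" &&
        cmp -s "$WORK/a.enc" "$WORK/b.enc"
}

# Succeeds when FILE starts with the 8-byte "Salted__" magic that
# openssl enc writes in front of the random salt.
has_salt_header() {
    [ "$(head -c 8 "$1" | od -An -c | tr -d ' \n')" = "Salted__" ]
}

# Succeeds when decrypting with the same options restores the plaintext.
roundtrip() {
    encrypt "$WORK/c.enc" "$@" &&
        openssl enc -aes-256-cbc -d -pbkdf2 "$@" -pass "pass:$PASS" \
            -in "$WORK/c.enc" -out "$WORK/c.txt" &&
        cmp -s "$WORK/plain.txt" "$WORK/c.txt"
}

if repeatable -nosalt; then
    echo "-nosalt: same passphrase + same file => identical ciphertext"
fi
if ! repeatable; then
    echo "salted:  ciphertext differs on every run"
fi
if has_salt_header "$WORK/a.enc"; then
    echo "salted output starts with the Salted__ header"
fi
```

Identical ciphertext across runs shows anyone holding two files that they contain the same data under the same passphrase, and a passphrase-to-key table computed once applies to every unsalted file.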
Encryption algorithms
There is a wide range of encryption algorithms used in modern computing. The following sections introduce some of the more common symmetric key and public key algorithms.
Symmetric key
DES
The Data Encryption Standard (DES) is a symmetric key algorithm developed by IBM in the 1970s. With its short key length of 56 bits, DES is not secure by today’s standards; however, it does provide the foundation for a much more secure encryption algorithm.
3DES
Triple DES (or 3DES) is a symmetric key cipher that applies the DES algorithm three times to each block of data. By using three 56-bit keys, the problems associated with using a single short key are mitigated. Although 3DES has been used by many applications including Microsoft Office and Mozilla Firefox, in July 2017 the National Institute of Standards and Technology (NIST) proposed to retire 3DES, suggesting AES as an alternative solution.
AES
The Advanced Encryption Standard (AES) was established by NIST in 2001. AES refers to three different block ciphers: AES-128, AES-192 and AES-256. The number denotes the size, in bits, of the key used by each implementation. AES is considered faster and more secure than 3DES and can be used on a wide range of low-power devices.
Public key
RSA
Rivest-Shamir-Adleman (RSA) is an asymmetric cryptographic algorithm that works on the basis that it is computationally expensive to find the prime factors of a number that is the product of two large prime numbers. The relationship between these prime numbers forms the basis of the public and private keys which are used by RSA.
Elliptic-curve cryptography
This type of cryptographic algorithm uses an elliptic curve, which is a specific type of curve defined by a mathematical equation. By using the properties of elliptic curves, it is easy to generate secure asymmetric keys but extremely difficult to reverse the process. An example of an elliptic curve can be seen on the graph below.
OpenSSL
OpenSSL is an open source toolkit and general-purpose cryptography library, available across Windows, Linux, and macOS operating systems. A wide range of algorithms has been implemented as part of OpenSSL, including all of those mentioned above. In Linux operating systems, OpenSSL can be called from the command line. The general syntax for calling OpenSSL is shown below.
openssl command [ command_options ] [ command_arguments ]