Re: FW: FW: File encryption with smime

2006-08-17 Thread Girish Venkatachalam 


--- "Buicliu, Ion VSA:EX" <[EMAIL PROTECTED]>
wrote:

>  
> 
> 
> > 
> > What we are trying to do is to place an encrypted
> file on our ftp 
> > server for a specific user. The ftp server is
> behind a firewall, and 
> > the user can access and see only its account, and
> they are supposed to
> 
> > get the file and decrypt it. As far as we are
> concerned, we'd like to 
> > make sure that the file on our ftp server is as
> safe as possible. This
> 
> > can work if only that user has the private key to
> decrypt the file.
> > 
> > I would like to hear any suggestions to make this
> file transfer as 
> > secure as possible.
> 
> The problem with PKI is not so much what is possible
> and what is not. It
> is only a question of how cleverly you design the
> solution such that it
> causes the least inconvenience to users at the same
> time ensuring the
> best possible security. 
> 
> Let me suggest a possible solution to you. It is not
> scalable and
> elegant but at least it can give you what you want.
> 
> You have to generate a keypair for each user with
> the genrsa command.
> Make sure the user's private keys are protected with
> a well chosen
> passphrase or USB dongle or something. Anyway you
> can distribute the
> private keys to the users in a secure out of band
> mechanism. I am
> assuming they are colocated in which case you could
> do it physically.
> 
> Or else the remote users can generate their own
> keypairs and you could
> obtain their public keys in which case you might
> have to go in for
> certificates since you have to ensure that the
> public key really belongs
> to the user...
> 
> Now, you have to store the files corresponding to
> each user encrypted
> with the public key of that particular user. For
> instance, 
> 
> File meant for A is encrypted with A's public key
> File meant for B is
> encrypted with B's public key and so on. 
> 
> Now, the user just goes ahead, downloads the file ,
> decrypts it with his
> private key and you are set. 
> 
> Since a file encrypted with a public key can be
> decrypted only with the
> corresponding private key this guarantees good
> security as long as the
> user's private keys are not compromised.
> 
> Of course, you could go for some creative combos
> like having two private
> keys for one public key with simple X-ORing and so
> on ...
> 
> Remember what I told you is just a conceptual
> overview of how things
> could be. SMIME might be suited for this. 
> 
> 
> Thank you again Girish. This is what I do and it
> works well except for 2
> things:
> 1. why is the public cert (.cert) file needed for
> decryption, shouldn't
> be enough to have the private key (.key) for that?

You encrypt with the public key in the cert.
Decryption is done with the private key by the user.
Wonder where
the confusion comes from? 

> 2. how to put a 'well chosen password' on the
> private key? With the
> -passout and what arguments?
Read the man page for that. You could use -1 for MD5
password generation. If you are paranoid you could use

sha256 or sha512...

> 
> Here is what I did, and it worked:
> 
> Create private and public keys:
> openssl genrsa -out test.key 1024
> openssl req -new -key test.key -out test.csr
> openssl x509 -req -days 30 -in test.csr -signkey
> test.key -out test.cert
> Encrypt:
> openssl smime -encrypt -des3 -binary test.cert 
> File.enc
> Decrypt:
> openssl smime -decrypt -in File.enc -inkey test.key
> -recip test.cert
> >File.out
> 
> My final question: is des3 a high enough level of
> encryption (168 bits)?
> Should we go higher, and if yes, what is
> recommended?
DES3 is good enough and is arguably the most widely
used cipher being the default in many places including
SSL/TLS and OpenSSH.

However it is an old slow and somewhat ugly algo.

I would go with 256 bit AES in CBC.

HTH,
Girish
> 
> Thank you.
> 
> Ion Buicliu
>
__
> OpenSSL Project
> http://www.openssl.org
> User Support Mailing List   
> openssl-users@openssl.org
> Automated List Manager  
> [EMAIL PROTECTED]
> 


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

FW: FW: File encryption with smime

2006-08-17 Thread Buicliu, Ion VSA:EX 
 


> 
> What we are trying to do is to place an encrypted file on our ftp 
> server for a specific user. The ftp server is behind a firewall, and 
> the user can access and see only its account, and they are supposed to

> get the file and decrypt it. As far as we are concerned, we'd like to 
> make sure that the file on our ftp server is as safe as possible. This

> can work if only that user has the private key to decrypt the file.
> 
> I would like to hear any suggestions to make this file transfer as 
> secure as possible.

The problem with PKI is not so much what is possible and what is not. It
is only a question of how cleverly you design the solution such that it
causes the least inconvenience to users at the same time ensuring the
best possible security. 

Let me suggest a possible solution to you. It is not scalable and
elegant but at least it can give you what you want.

You have to generate a keypair for each user with the genrsa command.
Make sure the user's private keys are protected with a well chosen
passphrase or USB dongle or something. Anyway you can distribute the
private keys to the users in a secure out of band mechanism. I am
assuming they are colocated in which case you could do it physically.

Or else the remote users can generate their own keypairs and you could
obtain their public keys in which case you might have to go in for
certificates since you have to ensure that the public key really belongs
to the user...

Now, you have to store the files corresponding to each user encrypted
with the public key of that particular user. For instance, 

File meant for A is encrypted with A's public key File meant for B is
encrypted with B's public key and so on. 

Now, the user just goes ahead, downloads the file , decrypts it with his
private key and you are set. 

Since a file encrypted with a public key can be decrypted only with the
corresponding private key this guarantees good security as long as the
user's private keys are not compromised.

Of course, you could go for some creative combos like having two private
keys for one public key with simple X-ORing and so on ...

Remember what I told you is just a conceptual overview of how things
could be. SMIME might be suited for this. 


Thank you again Girish. This is what I do and it works well except for 2
things:
1. why is the public cert (.cert) file needed for decryption, shouldn't
be enough to have the private key (.key) for that?
2. how to put a 'well chosen password' on the private key? With the
-passout and what arguments?

Here is what I did, and it worked:

Create private and public keys:
openssl genrsa -out test.key 1024
openssl req -new -key test.key -out test.csr
openssl x509 -req -days 30 -in test.csr -signkey test.key -out test.cert
Encrypt:
openssl smime -encrypt -des3 -binary test.cert  File.enc
Decrypt:
openssl smime -decrypt -in File.enc -inkey test.key -recip test.cert
>File.out

My final question: is des3 a high enough level of encryption (168 bits)?
Should we go higher, and if yes, what is recommended?

Thank you.

Ion Buicliu
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]