Re: FW: FW: File encryption with smime
--- "Buicliu, Ion VSA:EX" <[EMAIL PROTECTED]> wrote: > > > > > > > What we are trying to do is to place an encrypted > file on our ftp > > server for a specific user. The ftp server is > behind a firewall, and > > the user can access and see only its account, and > they are supposed to > > > get the file and decrypt it. As far as we are > concerned, we'd like to > > make sure that the file on our ftp server is as > safe as possible. This > > > can work if only that user has the private key to > decrypt the file. > > > > I would like to hear any suggestions to make this > file transfer as > > secure as possible. > > The problem with PKI is not so much what is possible > and what is not. It > is only a question of how cleverly you design the > solution such that it > causes the least inconvenience to users at the same > time ensuring the > best possible security. > > Let me suggest a possible solution to you. It is not > scalable and > elegant but at least it can give you what you want. > > You have to generate a keypair for each user with > the genrsa command. > Make sure the user's private keys are protected with > a well chosen > passphrase or USB dongle or something. Anyway you > can distribute the > private keys to the users in a secure out of band > mechanism. I am > assuming they are colocated in which case you could > do it physically. > > Or else the remote users can generate their own > keypairs and you could > obtain their public keys in which case you might > have to go in for > certificates since you have to ensure that the > public key really belongs > to the user... > > Now, you have to store the files corresponding to > each user encrypted > with the public key of that particular user. For > instance, > > File meant for A is encrypted with A's public key > File meant for B is > encrypted with B's public key and so on. > > Now, the user just goes ahead, downloads the file , > decrypts it with his > private key and you are set. > > Since a file encrypted with a public key can be > decrypted only with the > corresponding private key this guarantees good > security as long as the > user's private keys are not compromised. > > Of course, you could go for some creative combos > like having two private > keys for one public key with simple X-ORing and so > on ... > > Remember what I told you is just a conceptual > overview of how things > could be. SMIME might be suited for this. > > > Thank you again Girish. This is what I do and it > works well except for 2 > things: > 1. why is the public cert (.cert) file needed for > decryption, shouldn't > be enough to have the private key (.key) for that? You encrypt with the public key in the cert. Decryption is done with the private key by the user. Wonder where the confusion comes from? > 2. how to put a 'well chosen password' on the > private key? With the > -passout and what arguments? Read the man page for that. You could use -1 for MD5 password generation. If you are paranoid you could use sha256 or sha512... > > Here is what I did, and it worked: > > Create private and public keys: > openssl genrsa -out test.key 1024 > openssl req -new -key test.key -out test.csr > openssl x509 -req -days 30 -in test.csr -signkey > test.key -out test.cert > Encrypt: > openssl smime -encrypt -des3 -binary test.cert > File.enc > Decrypt: > openssl smime -decrypt -in File.enc -inkey test.key > -recip test.cert > >File.out > > My final question: is des3 a high enough level of > encryption (168 bits)? > Should we go higher, and if yes, what is > recommended? DES3 is good enough and is arguably the most widely used cipher being the default in many places including SSL/TLS and OpenSSH. However it is an old slow and somewhat ugly algo. I would go with 256 bit AES in CBC. HTH, Girish > > Thank you. > > Ion Buicliu > __ > OpenSSL Project > http://www.openssl.org > User Support Mailing List > openssl-users@openssl.org > Automated List Manager > [EMAIL PROTECTED] > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
FW: FW: File encryption with smime
> > What we are trying to do is to place an encrypted file on our ftp > server for a specific user. The ftp server is behind a firewall, and > the user can access and see only its account, and they are supposed to > get the file and decrypt it. As far as we are concerned, we'd like to > make sure that the file on our ftp server is as safe as possible. This > can work if only that user has the private key to decrypt the file. > > I would like to hear any suggestions to make this file transfer as > secure as possible. The problem with PKI is not so much what is possible and what is not. It is only a question of how cleverly you design the solution such that it causes the least inconvenience to users at the same time ensuring the best possible security. Let me suggest a possible solution to you. It is not scalable and elegant but at least it can give you what you want. You have to generate a keypair for each user with the genrsa command. Make sure the user's private keys are protected with a well chosen passphrase or USB dongle or something. Anyway you can distribute the private keys to the users in a secure out of band mechanism. I am assuming they are colocated in which case you could do it physically. Or else the remote users can generate their own keypairs and you could obtain their public keys in which case you might have to go in for certificates since you have to ensure that the public key really belongs to the user... Now, you have to store the files corresponding to each user encrypted with the public key of that particular user. For instance, File meant for A is encrypted with A's public key File meant for B is encrypted with B's public key and so on. Now, the user just goes ahead, downloads the file , decrypts it with his private key and you are set. Since a file encrypted with a public key can be decrypted only with the corresponding private key this guarantees good security as long as the user's private keys are not compromised. Of course, you could go for some creative combos like having two private keys for one public key with simple X-ORing and so on ... Remember what I told you is just a conceptual overview of how things could be. SMIME might be suited for this. Thank you again Girish. This is what I do and it works well except for 2 things: 1. why is the public cert (.cert) file needed for decryption, shouldn't be enough to have the private key (.key) for that? 2. how to put a 'well chosen password' on the private key? With the -passout and what arguments? Here is what I did, and it worked: Create private and public keys: openssl genrsa -out test.key 1024 openssl req -new -key test.key -out test.csr openssl x509 -req -days 30 -in test.csr -signkey test.key -out test.cert Encrypt: openssl smime -encrypt -des3 -binary test.cert File.enc Decrypt: openssl smime -decrypt -in File.enc -inkey test.key -recip test.cert >File.out My final question: is des3 a high enough level of encryption (168 bits)? Should we go higher, and if yes, what is recommended? Thank you. Ion Buicliu __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: FW: File encryption with smime
--- "Buicliu, Ion VSA:EX" <[EMAIL PROTECTED]> wrote: > Thank you Girish, I understand now. The > combination: encrypt with > public key - decrypt with private works. > > What we are trying to do is to place an encrypted > file on our ftp server > for a specific user. The ftp server is behind a > firewall, and the user > can access and see only its account, and they are > supposed to get the > file and decrypt it. As far as we are concerned, > we'd like to make sure > that the file on our ftp server is as safe as > possible. This can work if > only that user has the private key to decrypt the > file. > > I would like to hear any suggestions to make this > file transfer as > secure as possible. The problem with PKI is not so much what is possible and what is not. It is only a question of how cleverly you design the solution such that it causes the least inconvenience to users at the same time ensuring the best possible security. Let me suggest a possible solution to you. It is not scalable and elegant but at least it can give you what you want. You have to generate a keypair for each user with the genrsa command. Make sure the user's private keys are protected with a well chosen passphrase or USB dongle or something. Anyway you can distribute the private keys to the users in a secure out of band mechanism. I am assuming they are colocated in which case you could do it physically. Or else the remote users can generate their own keypairs and you could obtain their public keys in which case you might have to go in for certificates since you have to ensure that the public key really belongs to the user... Now, you have to store the files corresponding to each user encrypted with the public key of that particular user. For instance, File meant for A is encrypted with A's public key File meant for B is encrypted with B's public key and so on. Now, the user just goes ahead, downloads the file , decrypts it with his private key and you are set. Since a file encrypted with a public key can be decrypted only with the corresponding private key this guarantees good security as long as the user's private keys are not compromised. Of course, you could go for some creative combos like having two private keys for one public key with simple X-ORing and so on ... Remember what I told you is just a conceptual overview of how things could be. SMIME might be suited for this. Hope this helps. All the best! regards, Girish __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
FW: File encryption with smime
Thank you Girish, I understand now. The combination: encrypt with public key - decrypt with private works. What we are trying to do is to place an encrypted file on our ftp server for a specific user. The ftp server is behind a firewall, and the user can access and see only its account, and they are supposed to get the file and decrypt it. As far as we are concerned, we'd like to make sure that the file on our ftp server is as safe as possible. This can work if only that user has the private key to decrypt the file. I would like to hear any suggestions to make this file transfer as secure as possible. Ion Buicliu --- "Buicliu, Ion VSA:EX" <[EMAIL PROTECTED]> wrote: > I am trying to do the following: > - create a private and public key (self-signed > certificate) > - encrypt a file and place on an ftp server > - the client will pick up the file and decrypt it using the PUBLIC key > > Here is what I did to create the certificate: > openssl genrsa -out sfu.key 1024 > openssl req -new -key sfu.key -out sfu.csr openssl x509 -req -days 30 > -in sfu.csr -signkey sfu.key -out sfu.cert > > Then encrypt: > openssl smime -encrypt -des3 -binary sfu.cert bfile.enc > > At this stage I was thinking that I would pass the public cert > (sfu.cert) to the user and ask them to do the decryption like this: > openssl smime -decrypt -inkey sfu.cert vsvic3f03.out > > This doesn't work. The error is: "unable to load signing key file" > > This is what works, using the private key: > openssl smime -decrypt -inkey sfu.key >vsvic3f03.out > > This is not what I want. > How can I encrypt a file, have it safe on a public site (for ftp) and > have the client use a public key to decrypt it? I am afraid you are doing things against the recommendations of public key crypto. If you really want the client use a public key to decrypt it, then remember that what you have is a signature and that you are merely verifying it. Since public key is public. OTOH, if you want to do public key decryption then you could do first encrypt with the client's public key... Since I am not quite clear what is it that you want to accomplish, I can only tell you this much that if you encrypt with public key, you decrypt with private key and vice versa. regards, Girish > > I am a bit new at this, so I am eager to learn as much as possible > about it. > Thank you. > > > Ion Buicliu > mailto:[EMAIL PROTECTED] > > > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]