Quick and strong file-encryption with OpenSSL
2009-12-03 09:09
357 查看
Tuesday 16 June 2009 @ 17:31 CEST
Contributed by: lars
To quickly encrypt a file with a password of your choice you can use OpenSSL. OpenSSL supports a whole range of ciphers, including government approved encryption algorithms. The encryption algorithm AES is the only accepted open confidentiality algorithm here in Norway (read more here). AES is the new algorithm replacing DES. You can read all about AES and DES elsewhere.
To encrypt a file using AES with a 256 bit key-length:
The encrypted file is now found as
Since symmetric block ciphers process one block of data at the time (AES uses a block length of 128 bits), it is important that we use CBC mode. CBC prevents repeating plaintext to create the same (repeating) ciphertext. Use option
To decrypt the file: Note! If you type in the wrong password, you'll get garbled output since there is no way to check if the password is correct.
And the decrypted file is found as
For example: You can encrypt a file with a password of your choice. Send the file to the receiver, and then communicate to him over another secure communication channel what the password is (and that you've used "aes-256-cbc").
Contributed by: lars
To quickly encrypt a file with a password of your choice you can use OpenSSL. OpenSSL supports a whole range of ciphers, including government approved encryption algorithms. The encryption algorithm AES is the only accepted open confidentiality algorithm here in Norway (read more here). AES is the new algorithm replacing DES. You can read all about AES and DES elsewhere.
To encrypt a file using AES with a 256 bit key-length:
$ openssl enc -e -aes-256-cbc -salt -in filename.odp -out filename.odp.enc enter aes-256-cbc encryption password: Verifying - enter aes-256-cbc encryption password:
The encrypted file is now found as
filename.odp.enc
Since symmetric block ciphers process one block of data at the time (AES uses a block length of 128 bits), it is important that we use CBC mode. CBC prevents repeating plaintext to create the same (repeating) ciphertext. Use option
-pto have OpenSSL print out the salt, key and IV used:
$ openssl enc -e -aes-256-cbc -salt -p -in filename.odp -out filename.odp.enc enter aes-256-cbc encryption password: Verifying - enter aes-256-cbc encryption password: salt=92BCA2EA0EABCA62 key=1BCE6E251E86A6379066B634FD20CD3090981B50CDF3FF5634C49DCF4A1812A5 iv =9604DF84236BB3965083830396277636
To decrypt the file: Note! If you type in the wrong password, you'll get garbled output since there is no way to check if the password is correct.
$ openssl enc -d -aes-256-cbc -in filename.odp.enc -out filename.odp enter aes-256-cbc decryption password:
And the decrypted file is found as
filename.odp
For example: You can encrypt a file with a password of your choice. Send the file to the receiver, and then communicate to him over another secure communication channel what the password is (and that you've used "aes-256-cbc").
相关文章推荐
- File transfer in android with asmack and Openfire
- Invalid configuation file. File "**********" was created by a VMware product with more feature than this version of VMware Workstation and cannot be
- Generate a quick and easy custom pcap file using Python
- Quick and easy Watir test suites with Test::Unit
- 转:How to generate Certificate Signing Request (CSR) file with Apache OpenSSL
- Linux file system events with C, Python and Ruby
- Verify certificate with OPENSSL and CryptoAPI
- Powershell with file and directory
- some useful links for dealing with blg file and performance analyses
- backup, file manipulation operations (such as ALTER DATABASE ADD FILE) and encryption changes on a database must be serialized.
- How to increase swap size with a swap file and Partition
- Web Publishing with PHP and FileMaker 9
- IDs associated with each process and file’s mode word
- Ubuntu_Missing Icons and file names with Xfce
- bulid runnable jar file with dependencies and main class
- Howto base64 encode with C/C++ and OpenSSL
- [Computer and Network Security] Programming with OpenSSL
- Downloading a Remote File With cURL and PHP
- Read a Text File with VBA in Excel, and Write the Text to a Spreadsheet
- Back Up and Restore with Filesystem Snapshots