With a similar OpenSSL command, it is possible to decrypt message.enc. The encrypted message can now be copied and pasted in an email message, for example. Ĭan you think of a benefit of having message.enc Base64-encoded? While message.enc is encrypted, it is now correctly displayed because it has been converted from binary to text and encoded with Base64. Is message.enc displayed correctly now? Explain. SJmR3+3C+dmgzZIKEHWsJ2pgLvj2Sme79J/XxwQVNpw= XMufkv+FOGn+SoEEuh7l4fk0LIPEfGsExVFB4TGdTiZQApRw74rTAZaE/dopaJn0 Rfnth5Q8NHValEw8vipKGM66dNFyyr9/hJUzCoqhFpRHgNn+Xs5+TOtz/QCPN1biĠ8LGTSzOpfkg76XDCk8uPy1hl/+Ng92sM5rgMzLXfEXtaYe5UgwOD42U/U6q73pjĪ1ksQrTWsv5mtN7y6mh02Wobo3A1ooHrM7niOwK1a3YKrSp+ZhYzVTrtksWDl6Ci U2FsdGVkX19ApWyrn8RD5zNp0RPCuMGZ98wDc26u/vmj1zyDXobGQhm/dDRZasG7 Note : The contents of message.enc will vary. Once again, use the cat command to display the contents of the, now re-generated, message.enc file:.]$ openssl aes-256-cbc -a -in letter_to_grandma.txt -out message.enc
Note : Base64 is a group of similar binary-to-text encoding schemes used to represent binary data in an ASCII string format. The -a option tells OpenSSL to encode the encrypted message using a different encoding method of Base64 before storing the results in a file. To make the file readable, run the OpenSSL command again, but this time add the – a option.The symbols are shown because OpenSSL has generated a binary file. The file seems broken as just symbols are displayed. ]$ cat message.enc Question:ĭid the contents of the message.enc file display correctly? What does it look like? Explain. When the process is finished, use the cat command again to display the contents of the message.enc file.Verifying – enter aes-256-cbc encryption password: ]$ openssl aes-256-cbc -in letter_to_grandma.txt -out message.enc Provide the password as requested and be sure to remember the password. OpenSSL will ask for a password and for password confirmation. The command will use AES-256 to encrypt the text file and save the encrypted version as message.enc. From the same terminal window, issue the command below to encrypt the text file.I got them this morning and I have already eaten half of the box! They are absolutely delicious! I am writing this letter to thank you for the chocolate chip cookies you sent me. Type the command below to list the contents of the encrypted letter_to_gra n dma.txt text file on the screen:.Because the text file to be encrypted is in the /home/analyst// directory, change to that directory:.To use AES to encrypt a text file directly from the command line using OpenSSL, follow the steps below: Step 1: Encrypting a Text File While many encryption algorithms can be used, this lab focuses on AES. OpenSSL can be used as a standalone tool for encryption. Instructions Part 1: Encrypting Messages with OpenSSL The methods presented here should NOT be used to secure truly sensitive data. This lab should be used for instructional purposes only. The ONLY security is introduced by a very strong password.Ģ) The method described in this lab does n o t guarantee the integrity of the text file. Below are two security problems with this lab:ġ) The method described in this lab uses a weak key derivation function. Note : While OpenSSL is the de facto cryptography library today, the use presented in this lab is NOT recommended for robust protection. In this lab, you will use OpenSSL to encrypt and decrypt text messages. It is also a general-purpose cryptography library. OpenSSL is an open source project that provides a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. Part 2: Decrypting Messages with OpenSSL Background / Scenario Lab – Encrypting and Decrypting Data Using OpenSSL (Answers Version)Īnswers Note : Red font color or g ray highlights indicate text that appears in the instructor copy only.