Showing posts with label encryption. Show all posts
Showing posts with label encryption. Show all posts

Friday 8 March 2013

Encrypt/Decrypt Confidential Data Using OpenSSL

If you wish to perform encrypted file transfers, openssl provides a robust implementation of SSL v2/3 and TLS v1 as well as full strength generic cryptographic functionalities. Available for almost every commonly used operating system, openssl can be used as a general purpose tool instead of looking for other specialized tools.

If you wish to have full strength cryptographic functions, openssl is a perfect choice. Forget about all other tools that promise to provide high end encryption for your confidential data. Openssl is more than enough for most of your cryptographic needs. Personally, I can't just rely on some random software that promises to provide full strength cryptography but lacks documentations and detailed reviews. Openssl, however, has a well structured documentation and is an open source implementation.

Openssl supports several ciphers such as AES, Blowfish, RC5, etc., several cryptographic hash functions such as MD5, SHA512, etc., and public key cryptographies such as RSA, DSA, etc. Openssl has been widely used in several softwares most notably the OpenSSH.

Now that we know some basics about what OpenSSL is, lets move on encrypting/decrypting files/data using openssl. OpenSSL can take any file and then apply one of the cryptographic functions to encrypt the file. As an example, we encrypt a confidential file 'priv8' with a password "hello" below:

samar@Techgaun:~$ openssl aes-256-cbc -e -in priv8 -out priv8.enc -pass pass:hello

In order to decrypt the encrypted file, we can run the following command:

samar@Techgaun:~$ openssl aes-256-cbc -e -in priv8.enc -out priv8 -pass pass:hello

Now that you know the basic syntax, you can choose among several available cryptographic functions. There are several other symmetric ciphers available for use. The full list of these ciphers is provided by the command:

samar@Techgaun:~$ openssl list-cipher-algorithms

I hope this helps for your file encryption needs :)


Wednesday 3 October 2012

Keccak Wins The SHA-3 Competition

After five years of competition, National Institute of Standards and Technology (NIST) has announced the winner of SHA-3 competition. The Keccak has been selected as the standard for SHA-3 algorithm among the 64 entries made for SHA-3 cryptographic algorithm announced by NIST back in November 2, 2007.

After three rounds of competitions, the finalists were five hash algorithms. On December 9, 2010, NIST announced five third-round candidates – BLAKE, Grøstl, JH, Keccak and Skein, to enter the final round of the competition. And, the winner is Keccak.

Keccak was designed by a team of cryptographers from Belgium and Italy, they are:

  • Guido Bertoni (Italy) of STMicroelectronics,
  • Joan Daemen (Belgium) of STMicroelectronics,
  • Michaël Peeters (Belgium) of NXP Semiconductors,
  • Gilles Van Assche (Belgium) of STMicroelectronics.

The NIST team praised the Keccak algorithm for its many admirable qualities, including its elegant design and its ability to run well on many different computing devices. The clarity of Keccak’s construction lends itself to easy analysis, and Keccak has higher performance in hardware implementations than SHA-2 or any of the other finalists.

Keccak has the added advantage of not being vulnerable in the same ways SHA-2 might be,” says NIST computer security expert Tim Polk. “An attack that could work on SHA-2 most likely would not work on Keccak because the two algorithms are designed so differently.

Though SHA-2 is still considered to be still secure enough for general usage, SHA-3 is thought to provide a new security tool for system and protocol designers, and that may create opportunities for security in networks that did not exist before.

If you are interested in quick summary about the pseudocode of Keccak, you can read the summary of Keccak.


Saturday 24 March 2012

Thoughts On Combining Compression and Encryption

One of the issues while talking about encryption and cryptography is how should we combine compression with encryption. Data compression is one of the tasks people often do. Combining compression and encryption needs some addressing since compression should always be done before the encryption and not the other way.

The results are generally not good if encryption is done before compressing the data. This is because of the nature of the encryption. Compression takes advantage of non-randomness of data but a good encryption generates the random stream of data which is unlikely to get good compression in cases of loss-less compressions. Of course, some image compression which are not loss-less will still get some compression.

Compression technology looks for the repeatability of data and performs compression by looking such patterns. Most encryption schemes transform the data such that it is random or very very close to being random. Output of good encryption scheme must be indistinguishable from truly random. And compressing the truly random data would not produce effective result. Hence, compress first and then do the encryption. :)


Tuesday 28 February 2012

List of Hashing Algorithms Used In Major CMS & Forums

Just found this random image from one digital friend and its a pretty good list of hashing algorithms used in many web based applications such as CMS and forum softwares. Some of these algorithms might get outdated with newer versions, but still it will be a good reference.

list of hash algorithms for major web apps

View Full Size Image

Note for creator: If you are the owner of this image, please let me know so that I can give you the credit.


Wednesday 9 November 2011

Encoder/Decoder Tool From Techgaun [New Release]

I am glad to release this very small encoder and decoder tool that I coded just now around 10 minutes ago. I hope this tool will be useful for you.

Right now, the tool has the following options.

Base64 Encoding and Decoding
URL Encoding and Decoding
String Reverse
MD5 and SHA1 Hash
HEX Encoding and Decoding
ASCII to Binary and Binary to ASCII

Encoder and Decoder Tool Online