Generate Public Key- Private Key Pair and Test them

The Public and Private key pair comprises of two uniquely related cryptographic keys.The Public Key is made available to everyone via a publicly accessible repository or directory. On the other hand, the Private Key must remain confidential to its respective owner. Because the key pair is mathematically related, whatever is encrypted with a Public Key may only be decrypted by its corresponding Private Key and vice versa.In this post we will see how to generate a set of private and public keys and then test to encrypt with public and decrypt with private key.I have a Ubuntu system...and I attempt all here on the terminal.The following commands will be used as we work with RSA keys:

openssl genrsa: Generates an RSA private keys.
openssl rsautl: Encrypt and decrypt files with RSA keys.
openssl rsa: Manage RSA private keys (includes generating a public key from it).

Firstly to generate the key,the terminal command will be as follows and shown in the screenshot :

 :~ openssl genrsa -des3 -out private.pem 2048

 The following command will generate a public key from the private key generated above
: ~ openssl rsa -in private.pem -outform PEM -pubout -out public.pem

 So now we have generated a set of private key and public key with the extension .pem

 To just verify the generation,chk the contents inside as seen below :

:~ more public.pem

 :~ more private.pem

 Use the following command to generate the random key:
 :~ openssl rand -base64 128 -out key.bin

 Encrypt the sample pdf or any other file you want to encrypt with this key vide the following command :

:~ openssl enc -aes-256-cbc -salt -in anupam.pdf -out anupam.pdf.enc -pass file:./key.bin

 So now you have the original file here anupam.pdf and the encrypted file as anupam.pdf.enc

 We see that the files do not have much of a size difference but the file is encrypted.

Now use the following command to encrypt the random keyfile with the other persons public key:

:~ openssl rsautl -encrypt -inkey public.pem -pubin -in key.bin -out key.bin.enc

 The key.bin is encrypted now.
: ~ openssl rsautl -decrypt -inkey private.pem -in key.bin.enc -out key.bin1

 and finally we decrypt the pdf.enc file to original .pdf extension

:~ openssl enc -d -aes-256-cbc -in anupam.pdf.enc -out anupam1.pdf -pass file:./key.bin

ENCRYPTED E-MAILS @ DARK MAIL ALLIANCE

1.   How often we keep reading so much about privacy and IT security issues across the web and daily surf's!!!....but we only have more to believe that privacy with times to come will be a matter of past...be it your mobile with loads of applications inbuilt already or your exchange on yahoo or gmail etc..every one is trying to vie for your data in some form or the other...your sms..your mms...your contacts..your stored data on the SD card,your browsing history or your location at various times of the day etc etc.....every one wants all this to make your profile and then in the long run use all this to market or even blackmail you(who knows!!!!!)...future will buzz a lot with our past....

2.  In such times it is good to read about "Dark Mail Alliance". Extract from their website is produced below for general direction of purpose :

" To bring the world our unique end-to-end encrypted protocol and architecture that is the 'next-generation' of private and secure email. As founding partners of The , both Silent Circle and Lavabit will work to bring other members into the alliance, assist them in implementing the new protocol and jointly work to proliferate the worlds first end-to-end encrypted 'Email 3.0' throughout the world's email providers. Our goal is to open source the protocol and architecture and help others implement this new technology to address privacy concerns against surveillance and back door threats of any kind."

3.   Silent Circle’s team as mentioned in the extract is a unique and eclectic mix of world-renowned cryptographers, Silicon Valley software engineers, German VoIP engineers, Latvian system analysts and former US Navy SEALs & British Special Air Service (SAS) security experts....while Lavabit was an encrypted email service, founded in 2004, that suspended operations on August 8, 2013 after it was ordered to turn over its Secure Sockets Layer (SSL) private key to the US government.So the combo of these two majors can be a force to reckon with provided the policies and strategies do not bar them again in some manner...till then lets give a "good night" to privacy!!!

4.   More at http://darkmail.info/

Snake oil Cryptography

1.     While reading a post about unhackable codes here , I came across a interesting term know as SNAKE OIL CRYPTOGRAPHY......as Alex Gostev, chief security expert at Kaspersky Labs, dismissed ENIGMA-DS "snake-oil cryptography,"....so found out in brief from wiki...where else!!!

In cryptography, snake oil is a term used to describe commercial cryptographic methods and products which are considered bogus or fraudulent. The name derives from snake oil, one type of quack medicine widely available in 19th century United States.Distinguishing secure cryptography from insecure cryptography can be difficult from the viewpoint of a user. 

2.  Thanks WIKI

Steganography : Hide in a JPEG/BMP

1. Steganography is the art and science of writing hidden messages in such a way that no one,apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity while Cryptography is the practice and study of hiding information.

2. The advantage of steganography, over cryptography alone, is that messages do not attract attention to themselves. Plainly visible encrypted messages no matter how unbreakable will arouse suspicion,therefore, whereas cryptography protects the contents of a message,steganography can be said to protect both messages and communicating parties.

3. Just for how it works..i tried one free Steganography software "Invisible Secrets" that allows one to encrypt and hide files in other files (carriers) which are not suspect of encryption (JPG, PNG, BMP).The link I downloaded from can be accessed by clicking here.

4. Now this is a small 1.8 MB software good enough to do the job.The file u see below of golden temple is just not a jpeg,it consists of a text file with a message...the password to access the text file is 12_34....for those of u who r interested to experiment

5. The scope of utility involves provisioning solutions to the following queries of any user across :

(a) Are you afraid that someone else can see your sensitive and secret data stored on your computer ?

(b) Are you afraid that hackers or other people can penetrate your system and find your valuable information ?

(c) Your wife, boss and kids can see what you used the internet for?

(d) You have many passwords in your mind or spread all over your computer and you can't organize them?

(e) You want to send a secure email to your friend or partner and you want nobody to read or to access it?

(f) You want to password protect certain applications to be used only by you? Do you want them not to be visible in the Start Menu, but still have quick access to them?

(g) You want to delete an email or a file but you think someone else can restore it and use it against you ?

(h) You want to combine file encryption with steganography (hide files and folders) to better protect your documents and emails?

(j) You want to hide files on your computer so that nobody finds them?

6. Thanks http://www.invisiblesecrets.com