WolfMUD: Journal for Tuesday 30th January, 2018


  Up to Main Index                           Up to Journal for January, 2018

                    JOURNAL FOR TUESDAY 30TH JANUARY, 2018
______________________________________________________________________________

SUBJECT: Cryptography with Alice, Bob & Theresa
   DATE: Tue 30 Jan 20:24:24 GMT 2018


    This entry was written on Friday, but I didn’t publish it. In fact I
    didn’t know if I would publish or just delete it. In the end, after a
    lot of cogitating, I thought it might be interesting and maybe useful
    to some. So, for better or worse, here it is…


A minor detour from my usual ramblings, but it seems that our Prime Minister
Theresa May is banging on about encryption again. This time in relation to
messaging apps because they are “home to criminals and terrorists”. No, sorry,
they are also used by all sorts of people for various reasons, like privacy
and security. Should we remove, weaken or otherwise hobble encryption for
everyone else? What about online banking because “criminals and terrorists”
might use it? What about secure online commerce?

So I want to make a small point about using ANY unencrypted medium, not just
messaging apps. It nothing new or original, but it is important.

If you want to play along and try this yourself, all of the examples below
were tested using OpenSSL 1.1.0g on Debian Linux (Testing). In the examples
that follow, lines that start with ‘>’ show the commands to type in. Don’t
type the ‘>’ itself, it is just there to represent the prompt on a command
line.

Let us assume Alice wants to send a message to Bob without Theresa being able
to read it, but they both use an app that sends insecure, plain text messages
with no encryption. We also assume that Alice and Bob have pre-shared a secret
password. What can they do? They can send text that is already encrypted if
the app isn’t going to do it for them automatically!

Alice starts by preparing her message:


  > echo "Hello World" | openssl aes256 -a
  enter aes-256-cbc encryption password: ············
  Verifying - enter aes-256-cbc encryption password: ············
  U2FsdGVkX1/UsERDIi+1wNvmErOlI2nkp2cFjJH6gD0=


Alice copies, pastes and sends "U2FsdGVkX190xCjmJYPn+qwSQVfSkATBhPE4VV6TTac="
as plain text to Bob via email, SMS, message app, postcard, etc. Bob receives
the message, copies it and pastes it onto a command line:


  > echo "U2FsdGVkX1/UsERDIi+1wNvmErOlI2nkp2cFjJH6gD0=" | openssl aes256 -a -d
  enter aes-256-cbc decryption password: ············
  Hello World


Oh no! Theresa can’t read the secret message! Even though the app is using
insecure, plain text and putting everybody — except Alice and Bob — at risk :(

It’s just as easy to write a long email and either copy and paste the
encrypted text or send it as an attachment. Here we assume email.enc is either
copied into the email or is the attachment:


  Alice:
    > openssl aes256 -in ./email.txt -out ./email.enc -a
    enter aes-256-cbc encryption password: ············
    Verifying - enter aes-256-cbc encryption password: ············

  Bob:
    > openssl aes256 -in ./email.enc -out ./email.txt -a -d
    enter aes-256-cbc decryption password: ············


These are just silly, simple — but workable — examples. Maybe we need an app
that has a drop down field to select the person’s secret password to use,  a
text area to copy/paste text and two buttons: one to encrypt and one to
decrypt the text[1].

If you just wanted to see the easy stuff, I’ve made my point — encrypted data
can just as easily be sent using an insecure, unencrypted medium. Making
messaging apps or any other software less secure is not going to do anyone any
favours. Point made — you can stop reading here. If you want an example of a
better, but slightly more complex solution keep reading…

Can Alice and Bob do better? What about using private and public keys instead
of a pre-shared shared secret password?

First of all, Alice and Bob need to generate their private and public keys,
with the private key password protected:


  > openssl genrsa -out private.pem -aes256 2048
  Generating RSA private key, 2048 bit long modulus
  .......................................+++
  ..................................................................+++
  e is 65537 (0x010001)
  Enter pass phrase for private.pem: ············
  Verifying - Enter pass phrase for private.pem: ············
  > openssl rsa -in private.pem -out pub.pem -outform PEM -pubout
  Enter pass phrase for private.pem: ············
  writing RSA key


Once this is done the public keys in the pub.pem file can be safely shared,
even publicly. When Alice wants to share a message she generates a random key,
encrypts the message with the random key, encrypts the random key with Bobs
public key and finally sends Bob the encrypted message and encrypted random
key. Phew! That’s a lot, but only three commands:


  > openssl rand -base64 -out key.bin 128
  > openssl aes256 -in email.txt -out ./email.enc -pass file:./key.bin -a
  > openssl rsautl -encrypt -inkey pub.pem -pubin -in key.bin -out key.bin.enc


This method requires a separate key file rather than using rsautl to encrypt
the data directly as rsautl can only encrypt small amounts of data

Bob soon receives the two files — the encrypted random key and the encrypted
message, key.bin.enc and email.enc. He then decrypts the random key using his
private key, then decrypts the message using the decrypted random key:


  > openssl rsautl -decrypt -inkey private.pem -in key.bin.enc -out key.bin
  Enter pass phrase for private.pem: ············
  > openssl aes256 -in email.enc -out ./email.txt -pass file:./key.bin -a -d


This is a little more complex than before and could certainly do with the
encrypting and decrypting commands being put into some simple scripts. Maybe
we need to make our theoretical app, mentioned earlier, a little smarter?

The ‘magic’ here is that because the random key is encrypted with Bob’s public
key only Bob can decrypt the random key using his password protected, private
key. Once again Theresa is thwarted from reading the message even though Alice
sent Bob the two files using an unencrypted plain text medium ;)

I don’t suppose for one minute that anyone is going to take any notice of me,
but the point is encrypted data can easily be sent using an insecure medium.
You just need to strongly pre-encrypt the data — at the end of the day it’s
all just data, encrypted or not.

The genie is out of the bottle, and it isn’t going back.

--
Diddymus

  [1] If you search the Google Play store for ‘aes encrypt decrypt’ there are
      apps like this already. As I have not used any I can’t recommend or
      endorse any of them. However I would highly suggest using one you can
      examine the source code for…


  Up to Main Index                           Up to Journal for January, 2018