Professional Documents
Culture Documents
2017521460117
Part I: Read this post and then answer the questions: how can we prevent
deriving of the corresponding private key from a public key? (5 points)
When we generate our key pair with Openssl, we see a 256-bit private key
(and made from 32 bytes), along with a 65 bytes of a public key. The 04 at the
start of the public key is an identifier. There are two 256-bit points which
define the public key (and each are 32 bytes long):
Part II: Public and private key lab (20 points)
There are a lot of ways to generate a pair of public key/private key pair as long as you do not want to
register them for public use. For example, you can open an account for Bitcoin to receive your public
key and private key pair. Putty is something I used in the past for this but you have to convert the public
key to a format readable by openssl rsautl. This URL has that
https://superuser.com/questions/576506/how-to-use-ssh-rsa-public-key-to-encrypt-a-text. This
discussion uses Python https://stackoverflow.com/questions/30056762/rsa-encryption-and-decryption-
in-python . I looked a few and think this one https://stuvel.eu/python-rsa-doc/usage.html is the
easiest. To get more info about this implementation, go to https://github.com/sybrenstuvel/python-
rsa/tree/483700ada63972e600c7770c124f5aa0568dabf7/rsa. You may have to install the library.
Answer #1:
It's possible to convert your ssh public key to PEM format(that
'openssl rsautl' can read it):
Example:
ssh-keygen -f ~/.ssh/id_rsa.pub -e -m PKCS8 > id_rsa.pem.pub
Assuming 'myMessage.txt' is your message which should be public-key
encrypted.
Then just encrypt your message with openssl rsautl and your converted
PEM public-key as you would normally do:
openssl rsautl -encrypt -pubin -inkey id_rsa.pem.pub -ssl -in myMessage.txt -out
myEncryptedMessage.txt
The result is your encrypted message in 'myEncryptedMessage.txt'
To test your work to decrypt the with Alice' private key:
openssl rsautl -decrypt -inkey ~/.ssh/id_rsa -in myEncryptedMessage.txt -out
myDecryptedMessage.txt
Answered By: Dirk Thannhäuser
Answer #2:
Give a try to ssh-vault it uses ssh-rsa public keys to encrypt "create
a vault" and the ssh-rsa private key to decrypt "view content of the
vault"
Answered By: nbari
Answer #3:
Why not do this the super obvious way that doesn't require rolling
your own crypto.
Alice sftps to alice@bobserver.com which is setup to only allow public
key authentication for the account alice. The properties of ssh nicely
ensure that only alice can authemticate. Even a man in the middle
attack fails since (assuming you disable ssh1 and insist on the right
settings) the initial communication using DH creates a value known to
both alice and bob but not to any man in the middle and this can be
used to authenticate that no reply or MITM attack can see the contents
of the communicatino.
So have alice sftp into your box and download the file.
Answered By: Peter Gerdes
here I install most library
Doing things in the following steps (20 points):
1. Form a team with another one or two students in the class.
2. Each student needs to generate a public key/private key pair. You may need to include the rsa
library. Once you have done that, here is how I did that
import rsa
publicKey, privateKey = rsa.newkeys(2048)
METHOD-01:
import rsa
from _cffi_backend import string
key = Fernet.generate_key()
Decryption
Recipient B does the following:-
1. Uses his private key (n,d)(n,d) to compute m=cdmodnm=cdmodn.
2. Extracts the plaintext from the message representative mm.
4. Convert your public key into its PEM format and pass it to your team member (s);
you team member (s) encrypts a message, say, This blockchain class is the best
class ever; pass the encrypted message to you; you decrypt the message using your
private key. What function did you use (the one provided by the library) to convert
your public key into its PEM format (answer it below)?
Function name:
import rsa
# Use at least 2048 bit keys nowadays, see e.g. https://www.keylength.com/en/4/
publicKey, privateKey = rsa.newkeys(2048)
key = Fernet.generate_key()
with open('my_file.a', 'wb') as Mykey:
Mykey.write(key)
with open("my_file.a", 'rb') as mykey:
key = mykey.read()
print(key)
# create a csv file
f = Fernet(key)
with open('SummerCourse.csv', 'rb') as original_file:
original = original_file.read()
# csv data encrypted and keep it enc_grades.csv
encrypted = f.encrypt(original)