Basic Cryptography

1
© 2021 C-DAC, Hyderabad
Table of Contents
Objective 3

Prerequisites 3

Problem Statement 3

Summary 3

Fundamental Concepts 4

Template for each step 5

Step 1 : OpenSSL basic commands 5
To get overview of openSSL commands 5
To list available algorithms supported by openSSL. 6
Step 2: Symmetric Algorithms 6
Encryption 6
Decryption 7
Step 3 : Asymmetric Algorithms 8
Key Generation 8
Encryption 8
Decryption 9
Step4: Message Digest & Digital signature 9

References 10

2
© 2021 C-DAC, Hyderabad
1. Objective

The Objective of this lab is to understand and implement the basic cryptographic
concepts for Encryption, Decryption, Hashing and Digital signature.

2. Prerequisites

Prerequisites Version

Tools required openssl

Operating System Linux

3. Problem Statement

Select any file and do the following activities on the selected file:
● OpenSSL basic commands
● Symmetric Algorithms
○ Encryption/Decryption with various modes
● Asymmetric Algorithms
○ Key Generation
○ Encryption/Decryption
● Message Digest & Digital signature

4. Summary

Steps Description

Step 1 ● OpenSSL basic commands

Step 2 ● Symmetric Algorithms

○ Encryption/Decryption with various modes

Step 3 ● Asymmetric Algorithms

○ Key Generation
○ Encryption/Decryption

Step 4 ● Message Digest & Digital signature

3
© 2021 C-DAC, Hyderabad
5. Fundamental Concepts

Introduction

OpenSSL is a software library that implements the SSL (secure sockets layer) and TLS
(transport layer security) web security protocols.

SSL and TLS are methods for using cryptography to secure communication between two
parties. Although there are some important differences at a technical level (and SSL has
largely been made obsolete in favor of the more secure TLS), they both work essentially
the same way. (In fact, many people simply refer to both protocols as "SSL".)

The following description of how SSL/TLS works is very simplified, but it gives you a
basic understanding of what is going on:
● Once a connection is made between a client and server, the client requests a
secure connection. It requests information about what types of cryptographic
security the client supports.
● The server chooses the most secure option that both the server and client
support, and then sends a security certificate signed with the server's public key.
● The client verifies the certificate and generates a secret key to send to the server,
encrypted with the server's public key.
● The client and server use the secret key to generate a pair of symmetric keys (or
two pairs of public-private keys), and communication commences securely.

6. Template for each step

1. Step 1 : OpenSSL basic commands

To open the command prompt go to the top left corner of your screen, click on
“Applications”and then select “Terminal Emulator”. Execute the following
commands.

4
© 2021 C-DAC, Hyderabad
a. To get overview of openSSL commands

b. To list available algorithms supported by openSSL.

Note: -in : input file and -out: output file

5
© 2021 C-DAC, Hyderabad
2. Step 2: Symmetric Algorithms

a. Encryption
Following commands is used to apply encryption on any date using
symmetric algorithms

i. Let's check the input file which is going to be used for encryption.

ii. Apply the encryption technique using a symmetric algorithm with

$ openssl aes-128-ecb -e -in sample.txt -out enc_aes-ecb.binc
command.

6
© 2021 C-DAC, Hyderabad
 iii. Lets check whether the output file has been generated or not.

iv. The generated Encrypted file will look like this:

b. Decryption
i. Once the encryption is applied and if one wants to view the data of
Sample.txt then decryption operations need to be performed.
Command for decryption is $ openssl aes-128-ecb -d -in
enc_aes-ecb.binc

ii. To view your encryption and decryption salt and key value, -p is
used after the command, for example:

7
© 2021 C-DAC, Hyderabad
3. Step 3 : Asymmetric Algorithms

a. Key Generation
Need to generate a pair of keys (Public/Private)

i. Private Key Generation with key size 1024 bit: $ openssl genrsa
-out private.pem 1024

ii. Public Key Generation : $ openssl rsa -in private.pem -pubout -out
public.pem -outform PEM

b. Encryption
Encrypt data stored in sample.txt with the public key and store it in
encrypt.txt : $ openssl rsautl -encrypt -inkey public.pem -pubin -in
sample.txt -out encrypt.txt.

c. Decryption
Decrypt encrypt.txt using private key : $ openssl rsautl -decrypt -inkey
private.pem -in encrypt.txt -out decrypted.txt

8
© 2021 C-DAC, Hyderabad
4. Step4: Message Digest & Digital signature

a. To know available hash algorithms : openssl dgst --help

b. To compute Message digest : openssl dgst -<hash_algorithm> -out

<digest> <input_file>

c. To Digitally sign a file or document : $ openssl rsautl -sign -in

<SampleFileName> -out <signature> -inkey <Private key>

d. To check & verify digital signature : $ openssl rsautl -verify -in

<signature> -out <AnyFileName> -inkey <PublicKey> -pubin

e. In order to verify use the command as $ openssl dgst -sha1 <FileName>

9
© 2021 C-DAC, Hyderabad
7. References
● https://www.geeksforgeeks.org/practical-uses-of-openssl-command-in-linux/

10
© 2021 C-DAC, Hyderabad