public key and private key encryption decryption Lab:asymmetric cryptography

Posted: 25 Aug 2018 in cryptography
Tags: , , , , , , , , ,

Here I am going to Introduce Asymmetric encryption decryption technology with an example lab in Redhat Enterprise Linux.
So I will show you how to create Private key and how to create Public Key.Also we will learn how to encrypt a file using Publick Key
and How to Decrypt it using Private key. So Basically We use Public Key for Encryption and Private key For Decryption.We will also learn how to password protect the Private key and how to remove the password from private key.I have used openssl command line tool to perform all this private key public key encryption decryption Lab.

Step 1:How to create a Private key?

here I am showing you how to create a  1024 bit Private key using RSA key. You can also create a Private Key using DSA Algorithm but here I am
using RSA Algorithm.

[root@one cryptography]# openssl genrsa -out private.pem 1024
Generating RSA private key, 1024 bit long modulus
........................++++++
...................++++++
e is 65537 (0x10001)
[root@one cryptography]#

private key

 

Step 2: Now Using Private key I am going to create  Public Key.

here I am going to create a Public key with the help of Private key i have created above.

[root@one cryptography]# openssl rsa -in private.pem -out publick.pem -outform PEM -pubout

public key

Step 3:Now create a File

I am going to create afile to test encryption decryption of the file through Private and Public key generated above.

[root@one cryptography]# echo " ethical hacking Tuition center" > satish.txt

 

using above command i have created a text file named satish.txt you can verify it using below command.

[root@one cryptography]# ls
private.pem publick.pem satish.txt

 

Step 4: How to encrypt File using Public Key

see carefully I am going to encrypt the file satish.txt with Public Key.

[root@one cryptography]# openssl rsautl -encrypt -inkey publick.pem -pubin -in satish.txt -out encryption.bat

 

Step 5:Now Delete the satish.txt file

When we have encrypted File now we use to delete the simple text file which is not encrypted or which is not secure.

[root@one cryptography]# ls
encryption.bat private.pem publick.pem satish.txt

[root@one cryptography]# rm -rf satish.txt

[root@one cryptography]# ls
encryption.bat private.pem publick.pem
[root@one cryptography]#


Step 6: Now how to Decrypt the File using Private Key

Now I am going to decrypt the encrypted file named encryption.bat with the help of Private key.If you don’t have Private key you can’t decrypt the File.
[root@one cryptography]# openssl rsautl -decrypt -inkey private.pem -in encryption.bat -out hacking.txt

 

Now you can see I have decrypted encryption.bat to hacking.txt.

[root@one cryptography]# ls
encryption.bat hacking.txt private.pem publick.pem
[root@one cryptography]#

 

you can also check or verify the content of the decrypted text.
[root@one cryptography]# cat hacking.txt
ethical hacking Tuition center
[root@one cryptography]#

 

 

How to Encrypt Private RSA key with a PASSPHRASE.

[root@one cryptography]# openssl genrsa -des3 -out private.pem 1024
Generating RSA private key, 1024 bit long modulus
...++++++
....++++++
e is 65537 (0x10001)
Enter pass phrase for private.pem:
Verifying - Enter pass phrase for private.pem:
[root@one cryptography]#

 

How to remove the passphrase from Private key

[root@one cryptography]# openssl rsa -in private.pem -out newprivate.pem
Enter pass phrase for private.pem:
writing RSA key

Now Check the output:

root@one cryptography]# ls


encryption.bat hacking.txt newprivate.pem private.pem publick.pem


[root@one cryptography]#

This is a snapshot for you guys.
key encryption

 

Private Key can be generated using RSA and DSA Algorithm:

 Both RSA and DSA algorithm private key can be simple or password protected.

Create a Private key using RSA algorithm Without Password Protection.

[root@localhost linux]# openssl genrsa -out private.pem 2048
Generating RSA private key, 2048 bit long modulus
...................................+++
.....................................................................................................................+++
e is 65537 (0x10001)
[root@localhost linux]#

 

Create a Private Key using RSA Algorithm With Password Protection.

 

[root@localhost linux]# openssl genrsa -des3 -out private_key.pem 2048
Generating RSA private key, 2048 bit long modulus
........................................+++
....................+++
e is 65537 (0x10001)
Enter pass phrase for private_key.pem:
Verifying - Enter pass phrase for private_key.pem:

 

Create a Private Key using DSA Algorithm without Password Protection.

Generating Private key for the DSA Algorithm is a two step process.

First we have to generate parameters from which to generate the key.
[root@localhost linux]# openssl dsaparam -out dsaparam.pem 2048
Generating DSA parameters, 2048 bit long prime
This could take some time

 

Then we will generate the private key itself with the help of dsaparam.pem

Create a Private Key using DSA Algorithm without Password Protection.

[root@localhost linux]# openssl gendsa -out prikey.pem dsaparam.pem
Generating DSA key, 2048 bits
[root@localhost linux]#

 

 

Create a Private key using DSA Algorithm with Password Protection.

[root@localhost linux]# openssl gendsa -des3 -out pri.pem dsaparam.pem
Generating DSA key, 2048 bits
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
[root@localhost linux]#

How to create DSA Public key through DSA Private key.

[root@localhost linux]# openssl dsa -in prikey.pem -outform PEM -pubout -out dsapublickey.pem
read DSA key
writing DSA key
[root@localhost linux]#

 

Print Components of a Private Key to standard output.

 

[root@localhost linux]# openssl dsa -in prikey.pem -text -noout
read DSA key
Private-Key: (2048 bit)
priv:
77:90:17:96:4d:d3:60:ff:e2:30:2c:c3:ab:6f:38:
5c:28:67:c3:88
pub:
79:f5:83:a2:dc:74:ac:86:a3:d2:26:05:0d:a7:d0:
28:b0:10:0b:f2:c5:28:09:df:b9:83:23:66:87:cd:
8c:b3:22:42:57:db:5d:ee:a2:b4:e7:e3:d9:83:64:
38:4f:04:11:ee:84:59:7b:c2:08:2b:be:c9:3e:8e:
2c:9f:69:47:4e:2f:96:bf:40:f0:56:f9:36:5c:61:
6c:92:17:a2:59:6a:7f:81:4d:dc:93:ab:17:f1:ed:
71:8b:d2:2c:68:9e:3c:bc:9d:8c:2e:1b:20:30:58:
e0:74:c4:b1:cd:7b:9e:e2:80:e3:99:56:6a:55:56:
cf:f4:d1:e1:9c:7e:8d:96:cc:73:f8:45:8c:22:48:
df:d6:61:38:43:67:cb:6d:11:bd:db:a7:bf:08:01:
3c:00:77:b4:b4:d8:c7:7a:9a:79:b8:57:38:5a:64:
55:8b:5d:dd:ab:45:d0:64:5a:41:72:e6:a5:98:87:
70:64:32:55:f8:9c:4f:01:d7:f4:b0:79:ee:71:c1:
fd:df:8e:97:b8:85:8e:d7:05:9b:91:c7:5d:33:09:
9b:89:f7:1c:df:e5:bb:59:c3:44:52:19:5a:a4:1b:
b8:d6:00:12:e6:b3:21:1d:36:e2:a5:76:4f:8f:52:
23:a3:b2:7d:c1:3b:d7:94:c6:48:71:fa:37:87:1c:
72
P:
00:87:48:99:ee:0f:35:82:31:97:88:13:49:fd:5f:
45:05:a2:bf:06:94:9f:32:31:6a:e6:53:36:57:fe:
af:85:35:90:46:75:6a:2e:d1:7e:1d:86:cd:d1:ee:
9a:1a:f5:f2:d6:fc:77:25:66:b4:4c:66:7b:b1:a7:
dd:d2:89:ea:b3:8c:5f:91:ad:a2:fd:c8:29:cc:52:
8c:0a:93:f9:cf:ba:b1:c6:e5:e6:a6:88:5e:88:35:
e7:0c:03:b9:fa:e9:26:5a:93:02:94:e6:e5:19:d0:
e6:4f:dd:80:f8:99:90:e5:a3:1d:08:7a:76:47:7a:
fd:63:2c:aa:74:59:d7:6f:7c:7b:ac:d3:bb:e2:1c:
dc:b8:3c:2c:cb:9d:57:22:f6:90:67:1f:6b:a8:73:
a2:d7:de:0e:04:9a:7d:4d:a0:eb:20:cc:c3:ff:43:
5b:e1:fd:12:9a:08:7c:ac:19:0a:d8:20:0c:90:2c:
bc:9f:1a:85:48:34:c2:24:d3:83:42:34:83:92:79:
16:48:ac:1d:3b:a5:4d:05:36:c7:4a:bb:b8:de:6b:
62:92:4f:b7:0a:4c:12:7b:7e:b2:d1:60:2b:19:61:
79:e6:89:e2:27:03:76:2e:41:e8:2f:4d:5f:59:61:
7c:87:c0:45:24:d5:d5:e3:23:5a:99:bc:6c:0f:20:
86:af
Q:
00:eb:52:67:7e:bd:c0:7a:25:fe:66:8a:1e:22:40:
ba:5c:79:42:37:b7
G:
1b:db:e7:61:9e:8e:2b:ed:ec:a3:5c:76:81:6e:82:
01:00:4e:d1:ec:e7:d8:9c:ae:69:37:c6:19:ea:2b:
ef:72:8d:23:26:00:cc:79:31:67:ae:fe:1b:40:73:
95:83:98:15:32:83:1b:9b:d2:1c:8a:5f:27:66:c7:
0f:88:d2:61:25:81:c8:09:cc:f3:72:d7:28:1e:b1:
6a:8a:83:b9:8f:fb:7e:cd:b1:2e:82:d5:01:10:bc:
72:6d:e8:84:5e:34:64:6c:59:52:5f:69:00:23:a0:
1b:57:ce:3a:b5:07:e8:57:9f:b1:d6:05:08:62:8f:
6f:d1:58:ed:a2:6b:dc:87:e6:bf:18:3b:c5:67:26:
65:20:b3:6a:9b:43:3f:93:59:30:a4:60:8e:e0:f1:
b4:ea:e8:6d:8e:72:f4:2d:73:f9:14:e8:de:d8:e7:
30:af:ba:22:ab:e8:35:5b:bf:7c:5d:c5:8c:8b:f8:
ed:d1:5f:f2:00:76:2f:ec:72:8e:e0:f5:07:1c:a9:
b2:c2:59:af:f8:56:18:8b:57:ac:05:90:6a:3f:17:
44:a8:8a:c1:36:24:7f:7b:74:dc:9b:7c:c3:cd:e3:
d3:5d:53:a7:6d:39:ba:50:45:aa:e2:c8:48:5e:94:
72:cd:25:9e:b7:04:d1:f8:b0:09:cb:fc:84:d6:6d:
50
[root@localhost linux]#

 

Print the public part of a private key

[root@localhost linux]# openssl dsa -in prikey.pem -pubout -out pubkey.pem
read DSA key
writing DSA key

 

[root@localhost linux]# cat pubkey.pem
-----BEGIN PUBLIC KEY-----
MIIDOjCCAi0GByqGSM44BAEwggIgAoIBAQCHSJnuDzWCMZeIE0n9X0UFor8GlJ8y
MWrmUzZX/q+FNZBGdWou0X4dhs3R7poa9fLW/HclZrRMZnuxp93SieqzjF+RraL9
yCnMUowKk/nPurHG5eamiF6INecMA7n66SZakwKU5uUZ0OZP3YD4mZDlox0IenZH
ev1jLKp0WddvfHus07viHNy4PCzLnVci9pBnH2uoc6LX3g4Emn1NoOsgzMP/Q1vh
/RKaCHysGQrYIAyQLLyfGoVINMIk04NCNIOSeRZIrB07pU0FNsdKu7jea2KST7cK
TBJ7frLRYCsZYXnmieInA3YuQegvTV9ZYXyHwEUk1dXjI1qZvGwPIIavAhUA61Jn
fr3AeiX+ZooeIkC6XHlCN7cCggEAG9vnYZ6OK+3so1x2gW6CAQBO0ezn2JyuaTfG
Geor73KNIyYAzHkxZ67+G0BzlYOYFTKDG5vSHIpfJ2bHD4jSYSWByAnM83LXKB6x
aoqDuY/7fs2xLoLVARC8cm3ohF40ZGxZUl9pACOgG1fOOrUH6FefsdYFCGKPb9FY
7aJr3Ifmvxg7xWcmZSCzaptDP5NZMKRgjuDxtOrobY5y9C1z+RTo3tjnMK+6Iqvo
NVu/fF3FjIv47dFf8gB2L+xyjuD1BxypssJZr/hWGItXrAWQaj8XRKiKwTYkf3t0
3Jt8w83j011Tp205ulBFquLISF6Ucs0lnrcE0fiwCcv8hNZtUAOCAQUAAoIBAHn1
g6LcdKyGo9ImBQ2n0CiwEAvyxSgJ37mDI2aHzYyzIkJX213uorTn49mDZDhPBBHu
hFl7wggrvsk+jiyfaUdOL5a/QPBW+TZcYWySF6JZan+BTdyTqxfx7XGL0ixonjy8
nYwuGyAwWOB0xLHNe57igOOZVmpVVs/00eGcfo2WzHP4RYwiSN/WYThDZ8ttEb3b
p78IATwAd7S02Md6mnm4VzhaZFWLXd2rRdBkWkFy5qWYh3BkMlX4nE8B1/Swee5x
wf3fjpe4hY7XBZuRx10zCZuJ9xzf5btZw0RSGVqkG7jWABLmsyEdNuKldk+PUiOj
sn3BO9eUxkhx+jeHHHI=
-----END PUBLIC KEY-----
[root@localhost linux]#

 

How to Check RSA Private key

 

[root@localhost linux]# openssl rsa -in private.pem -check
RSA key ok
writing RSA key
—–BEGIN RSA PRIVATE KEY—–
MIIEpAIBAAKCAQEA1li2JQAHJroWO2xDyTsO5gv0haJbrLiJtGaBEqquBxiYfY2B
6hRk7AURZGGtabTmJoljDx69dJmJKcKLAMaC7JUnq38qz7LDOVyfWULdK8xRpLyQ
MHZUJan4Snfvc3KeURDA4ruxX31ezVn5f7J6UaPYynkD4QB9kvIJxbDrDyZdSogU
uhvNWV0/uwyGgejUMCqzDOltX87jEmE3GERzUhYLt4dnGw2kLdrIQgW7W7u2k7nK
fC2epPENu8//8pkhQonbDHyjVl24U5ShJAC78sJLsnUD7R83ycc4A/UhUStKRiPB
fEAd6jKHpYPY42mgrVW0rBFLCpWSchBa91JagQIDAQABAoIBAQCCltmiATpaJdWV
rog9+XVCQtZe9GPV/zgmaK0KqmIMgLenBqe37WTvRscp2TjFxijSIbHwbFIQz9n5
T0VQ26C4cscQfRGgKNE4CW4r+8iz/m9fZmKSpATwTXWwKRIBzDsYOJTLjn6qJr+z
bLXNTvem9aQG92Odmabn9/5sKzWKrD8foUX8BEPNQ7C/swWDOM34DQRgsCRnv3Fs
GxJQOJpIMgkyYLwCxEF4cni8uyr09w9nwPB49TAiKA531W4pADdBdDLbje7Ul38n
+rsbCBkvWN/l/tebw7Yjl5E52hGSbM4sWDI4HDXWGYqq9HP7GRKZd40Dlmu2eo/U
RDkDaBVhAoGBAPdOFRJRCv4fvfwTyhqRNC+j5ZAfk8PQvj5P8dqzVxzLDJTaTsob
OFFTJ4OaZpacaNnr/vtJ2YOCEMfoI1t/wgLJ6wr2GHf8dNRwgwwX7TfUQkQUvD1o
aO6hE2p4FUEh0M0l6tzbXToNp4ohwbs1cgtdDrqFPkAMW0vKR6tavMaLAoGBAN3h
+tjHRnZggUVgJOUnwMqZ8isY53QqC7ZHWxxPG/JZNIp7Fie4/zPK016dIgsm0ZPG
wmYwZPlj3LrGKNV+fnv3ZJGDLV+0WUyG1T4e+4kZGelcYih4VE4jiVpv80sm5pB0
qOy7DjGoOo8a0d6XxsSJm7jI/RttLxrpGrhITdCjAoGAU9j5c/heTcLdWzYqc89/
bheXocHTC7Uei2n3ijr78hs17NIHnKaV9ZzH7OrQlYf6VMia7wAe62OR5PVj54Xt
dZyYQGMn8KZ7xftPsy35k9A3l3WgTQG1chLSzmpganDYpnWQp8kIVsKCZ2cClEKO
pCOs9rhuXrDR02SF4CcnkfkCgYBcgGuNmHZdv5nlDFIVXt9XF5sIMJe9rBG56kGn
qati+6GV4f64jL2IIBTCqwuYTpSs4P4GkEJoXiOVkitP5i5hDCBXMbLm5U8dQlEA
VvZSj65nxWX+rTuoX9RRab6qJAuXSatrFgiy1wmiw3GfNPNe2GedP92VY41x0KCd
FzeptQKBgQCCVhVRPDNqDmxCp9voLNA7Ny856cArkNWClk9tguXlvs81zPlTxLoZ
RKsyVRzzRQzZK2KERduNgh1UnrSBlKc0XYd++SFijKWEO8ZvGNZX9H3Ieh5yxnNl
aBBE6rd8ZrnzSjMMd5K+cit1YchXVdMUA0kIE2KKrITLdLQdmXsURA==
—–END RSA PRIVATE KEY—–
[root@localhost linux]#

If you have any doubt or suggestion regarding Public key or Private key generation or usage you can ask me or suggest me through comment section.

 

I will try to enhance my article and also update if required.


donation for linuxtiwary.com!

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.