Secure Documents

Revision as of 12:51, 20 April 2005 by Jeschke (talk | contribs)

Secure Electronic Documents with PDF

Encryption

Signatures

Possibility of Encrypting Files with UNIX and Linux

On Linux there are, in general, two effective ways to encrypt files:

  • File based Encryption
  • File System based Encryption

File based Encryption with OpenSSL

OpenSSL supports a great variety of strong encryption algorithms.

Symmetric Encryption with AES

To encrypt a file (e.g. document.txt) symmetrically with AES-256 just use:

$ openssl aes-256-cbc -e -in document.txt -out document.enc
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:

You will be asked for a password twice. This is the symmetric key for encryption/decryption. To decrypt the secured file use:

$ openssl aes-256-cbc -d -in document.enc -out document.txt
enter aes-256-cbc decryption password:

Asymmetric Encryption with RSA

OpenSSL also supports asymmetric encryption, e.g. with RSA. First you need a private key, which you will later use to decrypt files addressed to you. Use a key size of at least 1024 bits:

$ openssl genrsa -out bob.priv 1024
Generating RSA private key, 1024 bit long modulus
...........++++++
......++++++
e is 65537 (0x10001)

Then export your public key from the private one:

$ openssl rsa -in bob.priv -out bob.pub -pubout

This public key can be sent to the sender, who encrypts the file addressed to you. Your correspondent (e.g. Alice) encrypts the file with your public key:

$ openssl rsautl -encrypt -in document.txt -out document.enc -inkey bob.pub -pubin

You can decrypt the file with your private key (bob.priv):

$ openssl rsautl -decrypt -in document.enc -out document.txt -inkey bob.priv
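
The rsautl commands above only work when the input is smaller than the RSA modulus (at most 117 bytes for a 1024-bit key with the default padding), so whole files are normally encrypted in a hybrid way: AES for the file, RSA only for a random secret. The following is an added example, not part of the original page; it assumes OpenSSL 1.1.1 or later, a 2048-bit key, OAEP padding, and the hypothetical helper names hybrid_encrypt, hybrid_decrypt and demo.

```shell
#!/bin/sh
# Added example (not from the original page): hybrid encryption with openssl.
# RSA can only encrypt a message shorter than its modulus, so the file is
# encrypted with AES-256 under a random secret and only that secret is
# encrypted with the recipient's public key. Function names are hypothetical.

# hybrid_encrypt <public key> <plaintext file> <output prefix>
hybrid_encrypt() {
    pub=$1; src=$2; out=$3
    secret=$(mktemp) || return 1
    openssl rand -hex 32 > "$secret" &&
    openssl enc -aes-256-cbc -pbkdf2 -pass "file:$secret" \
        -in "$src" -out "$out.enc" &&
    openssl pkeyutl -encrypt -pubin -inkey "$pub" \
        -pkeyopt rsa_padding_mode:oaep -in "$secret" -out "$out.key"
    rc=$?; rm -f "$secret"; return $rc
}

# hybrid_decrypt <private key> <input prefix> <plaintext output>
hybrid_decrypt() {
    priv=$1; src=$2; out=$3
    secret=$(mktemp) || return 1
    openssl pkeyutl -decrypt -inkey "$priv" \
        -pkeyopt rsa_padding_mode:oaep -in "$src.key" -out "$secret" &&
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$secret" \
        -in "$src.enc" -out "$out"
    rc=$?; rm -f "$secret"; return $rc
}

# Constructed demo: a 2048-bit key pair for Bob and a sample document.
demo() {
    d=$(mktemp -d) || return 1
    openssl genrsa -out "$d/bob.priv" 2048 2>/dev/null &&
    openssl rsa -in "$d/bob.priv" -out "$d/bob.pub" -pubout 2>/dev/null ||
        return 1
    yes "constructed sample line" | head -n 200 > "$d/document.txt"
    # Encrypting the whole file directly with RSA must fail: it is too large.
    if openssl pkeyutl -encrypt -pubin -inkey "$d/bob.pub" \
        -in "$d/document.txt" -out "$d/direct.enc" 2>/dev/null; then
        rm -rf "$d"; return 1
    fi
    hybrid_encrypt "$d/bob.pub" "$d/document.txt" "$d/document" &&
    hybrid_decrypt "$d/bob.priv" "$d/document" "$d/roundtrip.txt" &&
    cmp -s "$d/document.txt" "$d/roundtrip.txt"
    rc=$?; rm -rf "$d"; return $rc
}

demo && echo "hybrid round trip ok"
```

The AES-CBC step provides confidentiality only; it does not detect modification of the encrypted file.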

File based Encryption with GnuPG

The GnuPG (GPG) program is optimized for e-mail-embedded encryption, especially with asymmetric algorithms. By default, ElGamal/DSA encryption is used. A nice feature is the ability to store public keys on so-called "key servers".

To encrypt a file for Bob, Alice needs Bob's public key. A simple way is to import the key, which Alice gets from Bob over a secure channel (cut and paste to stdin):

$ gpg --import
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.5 (GNU/Linux)
[key data omitted]
-----END PGP PUBLIC KEY BLOCK-----

or from a file:

$ gpg --import bob.pub.gpg

Now you can encrypt your file for Bob with:

$ gpg -o document.gpg -er Bob document.txt

Bob should be able to decrypt the file with:

$ gpg -o document.txt -d document.gpg

In addition, GPG supports symmetric cryptography with the switch -c. See man gpg for further information.

Encrypted File Systems and related Stuff

Instead of encrypting and decrypting every file individually, it can make sense to encrypt whole file systems, which encrypt and decrypt files on the fly on access. Linux comes with some built-in solutions that provide this feature.

EncFS/FUSE

FUSE is a combination of a kernel module and a userspace library for implementing file systems in userspace. EncFS is one such program built on the FUSE library. The big advantage is that you do not depend on your system administrator if you want to use encrypted file systems. EncFS stores the files in encrypted form in another directory, with the file names encrypted as well. Usage is very simple: once you have configured a directory for storing EncFS data, you only have to run:

# fuse is not shipped with default SuSE kernels
$ modprobe fuse
$ encfs ~/.crypto ~/.secret

and enter your encryption passphrase to save files to and read files from ~/.secret, while the encrypted data is stored in ~/.crypto. If you don't need the secret data any more, just run:

$ fusermount -u ~/.secret

and your decrypted data is inaccessible to other users on your system.

To set up a directory for EncFS, run encfs as shown, with encfs [srcdir] [destdir]. If the directory has not been prepared, you will be asked for some details:

$ encfs ~/.crypto ~/.secret


  • Cryptoloop
  • loop-AES
  • dm-crypt

Encrypted FileSystem (EFS) with Windows 2000/XP/2003

What is EFS?

EFS is part of the OS and makes it possible to encrypt files and folders on an NTFS partition. It is very easy for a user to encrypt or decrypt a file.

Why EFS?

With EFS you have file access authorization. For example, if another user also has physical access to your machine, he may have access to your private files. So you can encrypt the files with EFS, and only you, with your private key, can open them. EFS works transparently in the background.

Encryption

EFS uses a combination of symmetric and asymmetric encryption. First the file is encrypted symmetrically via DESX (128 bit) or 3DES (168 bit), and then the key is encrypted asymmetrically via RSA (1024 bit). The private key is stored on the machine, encrypted via the user master key.

Security

The only way (at the moment) to hack the symmetric or asymmetric key is brute force, and that takes a long time. So the best solution is to store the private key on a smartcard, but if you lose the key you will no longer have access to the files. EFS provides the service of a Recovery Agent, who (normally the administrator of the domain) automatically gets access to all encrypted files of all users in his domain. => ATTENTION! Access to the recovery agent means access to all files!!!

Recovery agents can be designated either for the local computer or the complete domain.

Problems

  • Saving an encrypted file on a non-NTFS partition means loss of encryption.
  • Temporary files are normally not encrypted => the best solution is to encrypt a folder, so that all files in the folder are encrypted (e.g. Word always creates its tmp files in the same folder).
  • EFS provides only non-encrypted transfer over the network.
  • Packed and system files cannot be encrypted.
  • With physical access and a boot disk it is possible to get access to files on a Win2k system.
  • EFS is not 100% security; it makes it more difficult to get access, but not impossible (so don't save files on the hard disk if it is not necessary).

Problems

Intersystem Communication or Using

Attacks

Physical Attacks

Decrypted Copies

/proc/kmem
