File Encryption

Previous page
Table of content
Next page

You may want to keep some of your files confidential, so that no other user can read them, including the superuser. For instance, you may have some confidential personnel records that you do not want others to read. Or you may have source code for some application program that you want to keep secret. You can protect the confidentiality of files by encrypting their contents. When you encrypt the contents of a file, you use a procedure that changes the contents of the file into seemingly meaningless data, known as ciphertext. However, by decrypting the file, you can recover its original contents. The original contents of the file are known as plaintext or cleartext.

Many UNIX variants, other than Linux distributions, provide the crypt command for file encryption. We will describe how to use the crypt command here. Note that the crypt command, if available on your system, cannot withstand serious attack. After we discuss how to use crypt, we will explain why files encrypted using it are vulnerable to attack and why it is not included in Linux. We will also describe replacements for it that can be used for serious encryption.

Using crypt

To use crypt to encrypt a file, you need to supply an encryption key, either as an argument on the command line, as the response to a prompt, or as an environment variable. Do not forget the key you use to encrypt a file, because if you do, you cannot recover the file-not even the system administrator will be able to help. The type of encryption used by the crypt command is called private key encryption, since anyone who knows the encryption key can easily find the decryption key In fact, for crypt the encryption key and the decryption key are exactly the same! (Later in this chapter we will discuss a different kind of encryption system, known as a public key system, where knowing the encryption key does not provide useful help for decryption. In particular, we will discuss the popular Pretty Good Privacy [PGP] system.)

Providing the key on the command line is almost always a bad idea (you’ll see why later in this chapter). However, you may want to use the crypt command in this way inside a shell script. The following example shows this use of crypt. The command line

 $   crypt   buu2   <     letter    >   letter.enc

encrypts the file letter using the encryption key “buu2”, putting the encrypted contents of the file letter in the file letter.enc. Generally, you won’t be able to view the contents of the file letter.enc, because it probably contains non-ASCII characters.

For instance, if the file letter contains the following text,

 $ cat letter Hello, This is a sample letter.

then using crypt with the key “buu2” gives

 $ crypt buu2 < letter R-Sw1;M>6X_4#=R ;w0M4K\$

where the last character, the dollar sign, is the prompt for your next command.

Hiding the Encryption Key

When you use crypt with your encryption key as an argument, you are temporarily making yourself vulnerable. This is because someone running the ps command with the -a option will be able to see the command line you issued, which contains the encryption key

To avoid this vulnerability, you can run crypt without giving it an encryption key When you do this, it will prompt you for the key The string you type as your key is not echoed back to your display Here is an example showing how crypt is run in this way:

 $ crypt < letter > letter.enc Enter Key: buu2

You enter your encryption key at the prompt “Enter Key:”.

Using an Environment Variable

You can also use an environment variable as your key when you encrypt a file with crypt. When you use the -k option to crypt, the key used is the value of the variable CRYPTKEY. For instance, you may have the following line in your .profile: 

 CRYPTKEY=buu2

To encrypt the file letter, you use the command line

 $ crypt -k letter

The preceding example encrypts letter using the value of CRYPTKEY, buu2, as the key.

Generally, it is not a good idea to use this method because it uses the same key each time you encrypt a file. This makes it easier for an attacker to cryptanalyze your encrypted files. Also, storing your key in a file makes it vulnerable if an unauthorized user gains access to your .profile.

Decrypting Files

To decrypt your file, run crypt on the encrypted file using the same key This produces your original file, because the process of decrypting is identical to the process of encrypting. Make sure you remember the key you used to encrypt a file. You will not be able to recover your original file if you forget the key, and your system administrator won’t be able to help you.

Using the -x Editor Option

One way to protect a file is to create it using your favorite editor and then encrypt the file using crypt. To modify it, you first need to decrypt the file using crypt, run your editor, and then encrypt the results using crypt. When you use this procedure, the file is unprotected while being edited, since it is in unencrypted form during this time.

To avoid this vulnerability, you can encrypt your files by invoking your editor (ed or vi) with the -x option. For instance, to use vi to create a file named projects using “ag20v3n” as your encryption key, do the following:

 $ vi   -x projects Key:  ag20v3n

The system prompts you for your encryption key You have to remember it to be able to read and edit this file. To edit the file, run vi -x and enter the same key when you are prompted. You can read the file using this command:

 $ crypt < projects Key:  ag20v3n

The Security of crypt

Unfortunately, the encryption provided by this command is quite weak; files encrypted using it cannot withstand a serious attack. The algorithm used by crypt to encrypt files simulates the action of a mechanical encrypting machine known as the Enigma, which was used by Germany during World War II. Files made secret using crypt are vulnerable to attack. For example, tools have been developed by Jim Reeds and Peter Weinberger and publicized in the Bell Laboratories Technical Journal to cryptanalyze files encrypted using crypt. There has even been a distribution on netnews of a program written by Bob Baldwin in 1986 called the Crypt Breaker’s Workbench that performs this cryptanalysis. The moral is that you should not consider files encrypted this way to be very secure.

Strong Replacements for crypt

The primary reason that the crypt command is not included with Linux is that until the mid-1990s, U.S. government regulations prohibited the export of systems that included cryptographic functions, including UNIX with crypt. Surprisingly, such systems were classified as munitions. Computer vendors exporting their UNIX systems outside of the United States. and Canada had to remove the crypt command. Because Linux was meant for worldwide use, Linux developers avoided implementing this command. Furthermore, in the early 1990s more powerful cryptographic capabilities were developed to provide encryption that could withstand serious attacks, including the Pretty Good Privacy system (and the GNU version, the GNU Privacy Guard). We will discuss the Pretty Good Privacy system and the GNU Privacy Guard later in this chapter.

Because the crypt command is cryptographically weak and because it is not available for all UNIX variants, several stronger replacement commands, ccrypt and mcrypt, have been developed. These replacement commands are designed to be used in the same way the crypt command is used, taking options that are almost identical to the command-line options for crypt. This makes it easy to upgrade shell scripts written using crypt to provide strong encryption. These replacements commands support extremely strong encryption capabilities that can withstand powerful attacks. The ccrypt command is available for Linux, Solaris, HP-UX, AIX, Mac OS X, FreeBSD, OpenBSD, and NetBSD. Encryption in ccrypt is based on the Advanced Encryption Standard, a U.S. government standard. You can learn more about ccrypt and download it by going to http://ccrypt.sourceforge.net/. To learn more about mcrypt, which supports a wide range of cryptographic algorithms, go to http://mcrypt.sourceforge.net/.

Compressing and Encrypting Files

You can protect a file from cryptanalysis by first compressing it and then encrypting it. In this section you’ll first learn how to compress files and then see how to use compression to help make files more secure.

Compressing Files

Compression replaces a file with an encoded version containing fewer bytes. The compressed version of the file contains the same information as the original file. The original file can be recovered from the compressed version by undoing the compression procedure. A compressed version of the file requires less storage space and can be sent over a communications line more quickly than the original file.

Most UNIX variants provide several commands that you can use to compress files. For example, systems based on SVR4 include both the pack and the compress commands. Other systems, including Linux, provide the gzip command (and usually also provide pack or compress).

THE pack COMMAND   When you use the pack command on a file, it replaces the original file with a compressed file. The compressed file has the same name as the original file except that it has a .z at the end of the filename. Also, the pack command uses standard error to report the compression percentage (which is the percentage that the compressed file is smaller than the original file). For instance, this is how you would compress the report file using pack:

 $ pack report pack: report:    41.3% Compression

Listing all files that begin with the string report then gives this:

 $ ls report* report.z

You can recover your original file from the compressed version by running the unpack command with the original filename as the argument, as shown here:

 $ unpack report unpack: report: unpacked

THE compress COMMAND   The pack command uses a technique known as Huffman coding to compress files. Typically this technique achieves 30–40 percent compression of a text file. However, other methods can compress files into fewer bytes. One such compression technique is the Lempel-Ziv method used by the compress command. This command originally came from the BSD System. Because the Lempel-Ziv method is almost always more efficient than Huffman coding, compress will almost never use more bytes than pack to compress a file. Generally, Lempel-Ziv reduces the number of bytes needed to code English text or computer programs by more than 50 percent.

When you run the compress command on a file, your original file is replaced by a file with the same name but appended with .Z. For instance,

 $ compress records $ ls records* records.Z

Note that the compress command does not report how efficient its compression is (unlike the pack command) unless you supply it with the -v option, as shown here:

 $ compress -v records records: Compression: 49.17% -- replaced with records.Z

To recover the original file, use the uncompress command. This uncompresses the compressed version of the file, removing the compressed file. For instance, this is how you would obtain the original file records: 

 $ uncompress records

If you wish to display the uncompressed version of your file but leave the compressed version intact, use this command:

 $ zcat records

THE gzip COMMAND   The gzip command is the standard GNU compression program. When you use the gzip command on a file, this file is replaced by a compressed version that has the same name as the original file but with the extension .gz added. For example, the command

 $ gzip records

replaces the file records with the compressed file records.gz. To decompress files that were encrypted using gzip, you can either use the gunzip command or the gzip command with the -d (decrypt) option. Note that it is not necessary to provide the extension .gz when using either of these decryption commands. For example, either

 $ gunzip records

or

 $ gzip -d records

will replace the encrypted file records.gz with the original file records.

Compression and Encryption as Security Measures

To make it harder for an intruder to recover the plaintext version of a file from the encrypted file, you can first compress the file and then encrypt it, preferably by a strong encryption program. Programs designed to cryptanalyze files encrypted using particular algorithms will not work well when you do this. For instance, if you only have the crypt command available, you can make your file more secure by using the pack command followed by the crypt command. (Note that your files will still be vulnerable to serious attack, but this approach will provide some added security)

 $ pack records pack: records: 41.1% Compression $ crypt < records.z > records.enc Enter key: buu2 $ rm records.z

To recover your file, use the crypt command followed by unpack:

 $ crypt < records.enc > records.z Enter key: buu2 $ unpack records unpack: records: unpacked

You can also combine compress and crypt. To make your file secure, use the compress command followed by the crypt command:

 $ compress records $ crypt < records.Z > records.enc Enter key: buu2

To recover your original file, use the crypt command followed by uncompress:

 $ crypt < records.enc > records.Z Enter key: buu2 $ uncompress records



Previous page
Table of content
Next page
UNIX. The Complete Reference
UNIX: The Complete Reference, Second Edition (Complete Reference Series)
ISBN: 0072263369
EAN: 2147483647
Year: 2006
Pages: 316
Authors: Kenneth Rosen, Douglas Host, Rachel Klee, Richard Rosinski
BUY ON AMAZON
Professional Java Native Interfaces with SWT/JFace (Programmer to Programmer)
Managing Enterprise Systems with the Windows Script Host
Data Structures and Algorithms in Java
Microsoft VBScript Professional Projects
InDesign Type: Professional Typography with Adobe InDesign CS2
Visual Studio Tools for Office(c) Using C# with Excel, Word, Outlook, and InfoPath
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy