Everybody nowadays thinks in terms of securing data. For securing data cryptography comes into the picture. Cryptography is nothing but writing down your plain text into secure code format.
Basically, in Linux, there are two methods of cryptography.
Encryption: This method uses plain text as an input & transforms it into some other form using the coding technique “cipher” & this can only be decrypted using a key. Here the key plays a major role in converting the plain text into decrypted form “cipher text” & vice versa.
Hashing: This method also takes the plain text as input however it applies hash to represent a binary form of the plaintext input. We cannot convert the output into the plain text as in case of encryption. Hence it's a one-way process.
1. Encryption
Steps:
1. Create a file test.txt with a line in it: Test encryption
# cat test.txt
Test encryption
2. Now let’s Encrypt with 3DES and salt which introduces randomness and reduce vulnerabilities to brute force attacks.This command will ask for the password twice.
#openssl des3 -salt -in test.txt -out test_out.des3
enter des-ede3-cbc encryption password:
Verifying - enter des-ede3-cbc encryption password:
# ls -ltr
total 8
-rw-r--r--. 1 root root 20 Jun 21 06:19 test.txt
-rw-r--r--. 1 root root 40 Jun 21 06:19 test_out.des3
3. Now let’s decrypt the cipher(use the same password used in step 2):
# openssl des3 -d -salt -in test_out.des3 -out dec_test.txt
enter des-ede3-cbc decryption password:
# ls -ltr
total 12
-rw-r--r--. 1 root root 20 Jun 21 06:19 test.txt
-rw-r--r--. 1 root root 40 Jun 21 06:19 test_out.des3
-rw-r--r--. 1 root root 20 Jun 21 06:20 dec_test.txt
# cat dec_test.txt
Test encryption
The text in dec_test.txt is the same as in test.txt.
2. Hashing
Steps:
1. Create a file test.txt with a line in it: Test Hashing
# cat test.txt
Test Hashing
2. Now Let’s hash this file to use a digital signature. In this case, we are using MD5 as our hashing algorithm.
#openssl dgst -md5 -c -hex -out test.md5 test.txt
#ls -ltr
total 8
-rw-r--r--. 1 root root 20 Jun 21 06:19 test.txt
-rw-r--r--. 1 root root 67 Jun 21 06:28 test.md5
#cat test.md5
MD5(test.txt)= 1f:dc:18:6f:8c:d9:b3:49:98:65:b8:34:d8:94:b1:0a
Now if you make a minor change in the “test.txt” & if you apply the above command then the MD5 hash will be different which proves the changes made to the file.