Wednesday, October 8, 2008

UNIX Simple Encryption

UNIX has a simple encryption tool called GPG which can be invoked using the gpg command with appropriate parameters.
This command is used to encrypt the contents of a text file
The command works like this:
  1. Suppose you hav a file called abcd.txt which contains a single word : unix
  2. You encrypt the contents of the file using this format:
  3. gpg -c filename (OR) gpg -c abcd.txt (in this case).
  4. It asks for a passphrase which acts as a key used to encrypt the contents of the file. Passphrase acts like an encryption key used in common encryption algorithms like AES,DES algorithms and SH(Secure Hash) algorithm etc.
  5. On entering the passphrase, the data in the file abcd.txt gets encrypted and stored in a new file called 'abcd.txt.gpg'
  6. The file called 'abcd.txt.gpg' contains : <8c>^M^D^C^C^BGFt<84>UÌ2*`É#È ÿ,¡©;ÛXk^T|<8e>ãüÄv+^S(1} ^E<8c>¾á^CÑ2^GÈíò$
  7. This is the encrypted form of the word 'unix' when we give a passphrase of 123.
  8. To get the data back from the file 'abcd.txt.gpg' use the following command : 'gpg -d abcd.txt.gpg'
  9. It asks for the passphrase which you entered during encryption. Enter 123 (or whatever you entered)
  10. On entering the passphrase, you get back the original text from the encrypted format.
Drawbacks:
You have to specify which files' contents are to be encrypted when using : gpg -c filename
Then you have to specify a passphrase when prompted and reconfirm it
While decrypting it you hav to again enter : gpg -d filename.gpg
Then you have to re-enter the passphrase to get the original contents of the file

Another Implementation
I am in the process of creating a unix Script which takes as arguments a) the filename of the file whose contents are to be encrypted and b) the passphrase.
This script will be used during encryption
Command : encrypt abcd.txt 123

Similarly there will be another unix Script which takes as arguments a) the filename of the encrypted file and b) the passphrase
This script will be used during decryption
Command : decrypt abcd.txt.gpg 123

[Note:An expect script will be used to get arguments from the Shell and return the output back to the Shell]
This allows the user to just use 2 commands to encrypt and get back the original text

No comments: