Instead, you decide to use OpenSSL to encrypt the message before sending it over the internet. Here are the steps involved in this process:
1. Generate key pairs (public and private keys) using OpenSSL on both your computer and your friend’s computer. This is like getting a pair of matching socks one for you, one for them. The public key can be shared freely, while the private key must remain secret.
2. Share your friend’s public key with them so they can encrypt messages that only you can decrypt using your private key. You do this by copying their public key to a file and sending it over email or messaging app (just kidding!). In reality, you would use secure methods like scp or sftp to transfer the files between computers.
3. Write your secret message in a text file called “top_secret.txt”. This is where you put all of your juicy gossip and classified information.
4. Use OpenSSL to encrypt the contents of “top_secret.txt” using your friend’s public key. The output will be a new file called “top_secret.enc”, which contains the same message but in an unreadable format (like a secret code). This is like putting on a pair of socks and then hiding them inside another sock to make it harder for someone to steal them.
5. Send the encrypted file over email or messaging app, just like you would with any other attachment. Your friend can decrypt the message using their private key (which only they have) and read your secret gossip without anyone else being able to see it. This is like taking off one sock and putting on another pair of socks that matches the first ones now both pairs are hidden inside each other!
6. Your friend can also use OpenSSL to encrypt their own messages using your public key, which you received in step 1. They would follow steps 3-5 from above to send you a secret message.
7. When Alice receives the encrypted file “reply_secret.enc” from Bob via scp or sftp, she cannot make sense of it if she tries to read it using normal tools:
alice $ ls -l reply_secret.enc
-rw-r–r–. 1 alice alice 128 Mar 22 18:01 reply_secret.enc
Alice can use the hexdump tool to view the contents of “reply_secret.enc” in hexadecimal format, which might help her understand what’s inside:
alice $ hexdump -C ./reply_secret.enc
00000000 92 46 dd 87 04 bc a7 2e 34 22 01 66 1a 13 31 db |.F……4″.f..1.|>
00000010 c4 5c b4 8e 7b 6f d4 b0 24 d2 4d 92 9b 49 7b 35 |.\..{o..$.M..I{5|>
00000020 da 7c ee 5c bb 6c cd 82 f1 1b 92 65 f1 8d f2 59 |.|.\.l…..e…Y|>
00000030 82 56 81 80
Alice can then use OpenSSL to decrypt the message using her private key, which will reveal its contents:
alice $ openssl rsautl -decrypt -in reply_secret.enc -out reply_secret.txt -pk8 < /path/to/private-key.pem This command tells OpenSSL to use the RSA algorithm (rsautl) to decrypt the contents of "reply_secret.enc" using Alice's private key, which is stored in a file called "private-key.pem". The output will be saved to a new file called "reply_secret.txt", which contains Bob's secret message.