LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-16-2008, 11:36 AM   #1
richinsc
Member
 
Registered: Mar 2007
Location: Utah
Distribution: Gentoo Linux (3.0.6-gentoo)
Posts: 222

Rep: Reputation: 31
Openssl Certificate Generation Question AES


I have seen that openssl can generate RSA, DSA, EC keys but what about AES? I have a mainframe that can't use RSA because I don't understand RSA. Mainframe is AS/400. Currently trying to utilize vsftpd with ssl. While I have gotten this to work with RSA cert. I need to know if it's possible to generate and AES cert.

All the documents that I have found for openssl thus far to do not mention utilizing AES. Currently also looking to see if modules can be installed to allow RSA on mainframe.

Also from what reading i have done if I understand this correctly AES would require keys to be manually exchanged while RSA does exchange at the connection point. Thus RSA will be simpler to maintain when having multiple connections top server.

Any help with this would be much appreciated, and if I have misunderstood something please speak up and let me know.

This is the command structure i used to gen cert.

Code:
openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/vsftpd/vsftpd.pem -out /etc/vsftpd/vsftpd.pem

Last edited by richinsc; 09-16-2008 at 11:47 AM. Reason: Command Structure Added
 
Old 09-16-2008, 12:14 PM   #2
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
OpenSSL is based on public-key cryptography: e.g., a pair of private/public key. AES is a symmetric crypto system: e.g., one key being used at both ends. In this way, they're very different. I believe many implementations using OpenSSL use RSA or DSA to actually exchange an AES or Blowfish or similar key which actually encrypts the channel. I hope this helped clear things up a bit -- I'm not sure I totally understood the question.
 
Old 09-16-2008, 12:33 PM   #3
richinsc
Member
 
Registered: Mar 2007
Location: Utah
Distribution: Gentoo Linux (3.0.6-gentoo)
Posts: 222

Original Poster
Rep: Reputation: 31
Yes, you cleared things up quite a bit... If RSA is only the "transfer medium" as I would call it, then I just need to create and AES cert. Which I think I am on the right track to doing. I am following the following instructions. http://www.tc.umn.edu/~brams006/selfsign.html The only thing I did was change des3 to aes256. We'll see what happens.
 
Old 09-16-2008, 09:47 PM   #4
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
RSA is not a transfer mechanism. It's used to authenticate the identity of each side of a transmission so that trust can be established when you exchange information securely. The authentication key never changes (well, rarely), so it needs to be very strong. The keys used to encrypt a transmission are created on the fly, and they're symmetric, so they can be much smaller (symmetric key encryption is much faster than asymmetric key encryption, but since the same key is used for decryption as encryption, you can't use this for authentication).

The -des3 argument to genrsa is used to wrap encryption around the RSA key, requiring a passphase in order to access the RSA key. It does not generate a "3DES certificate". Certificates are signed by asymmetric keys, so they nearly always signed by RSA keys (some times DSA). A certificate is just an encoded set of information with a signature.

You are confusing the term "certificate" with the term "key"; they are not the same thing.
 
Old 09-18-2008, 08:21 AM   #5
richinsc
Member
 
Registered: Mar 2007
Location: Utah
Distribution: Gentoo Linux (3.0.6-gentoo)
Posts: 222

Original Poster
Rep: Reputation: 31
Ok, thank you for clearing that up. So right now I am trying to figure out why my encryption level is set to 3DES 168-bit encryption when I connect. Is it because I signed AES 256 level cert with my OWN CA which was 3DES although at what level I don't know? Does the CA Determine what the level the encryption will be.

Basically I have to meet IRS Fed Requirements which states the level must be more then 256. However since this is a private server and not a public server, it doesn't require that i have cert signed by a real CA such as Verisign or other CA.

This is what I am getting when I connect to vsftpd server.

Code:
220 (vsFTPd 2.0.5)
AUTH TLS
234 Proceed with negotiation.
TLSv1, cipher TLSv1/SSLv3 (DES-CBC3-SHA) - 168 bit
USER testuser
331 Please specify the password.
PASS **********
SYST
215 UNIX Type: L8
Keep alive off...
PWD
257 "/"
PBSZ 0
200 PBSZ set to 0.
PROT P
200 PROT now Private.
PASV
227 Entering Passive Mode (XXX.XXX.XXX.XXX)
LIST
Connect socket #612 to XXX.XXX.XXX.XXX, port 6001...
TLSv1, cipher TLSv1/SSLv3 (DES-CBC3-SHA) - 168 bit
150 Here comes the directory listing.
226 Directory send OK.
Transferred 81 bytes in 0.008 seconds
Sensitive Information remove of course.Just need to get an AES 256-bit cert. I created one but signed with 3DES.
 
Old 09-18-2008, 09:23 AM   #6
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
They key type in the certificate has nothing to do with what encryption ciphers are supported.

There should be a cipher configuration parameter in your vsftpd configuration file.
 
Old 09-18-2008, 09:39 AM   #7
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
In fact, there is a ssl_ciphers option for vsftpd.conf (as described by the man page), which accepts ciphers in the format used by OpenSSL, so read the manpage for ciphers for details.

Code:
ssl_ciphers=ADH-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA
 
Old 09-18-2008, 10:23 AM   #8
richinsc
Member
 
Registered: Mar 2007
Location: Utah
Distribution: Gentoo Linux (3.0.6-gentoo)
Posts: 222

Original Poster
Rep: Reputation: 31
Thanks for that Chort. Specifying the chiphers to use really helped. Now it explicitly uses 256-bit. Now if I can just wrap my head around how this all works. If I have a 1024 bit cert but the connection is only 256-bits. I'll get it figure out when I can.
 
Old 09-18-2008, 10:24 AM   #9
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
And might I just say EWWW to anything that falls back to 3DES? Specifically: http://en.wikipedia.org/wiki/Data_En..._cryptanalysis
 
Old 09-18-2008, 10:27 AM   #10
richinsc
Member
 
Registered: Mar 2007
Location: Utah
Distribution: Gentoo Linux (3.0.6-gentoo)
Posts: 222

Original Poster
Rep: Reputation: 31
If I had my way I would want the connection to be encrypted to 2048 or even 4096 but then again I am just paranoid that way.
 
Old 09-18-2008, 10:34 AM   #11
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
richinsc:

The security of a given key length is highly dependent upon the cipher in use. Symmetric-key cryptosystems (AES, DES, etc.) need a significantly shorter key length to withstand an attack than a public-key (or asymmetric, as in RSA, DSA, and ElGamal) cipher. Specifically, a 1024 bit RSA key is about equivalent to an 80-bit AES key. See http://en.wikipedia.org/wiki/Key_size for details on why this is the case.
 
Old 09-18-2008, 10:48 AM   #12
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Quote:
Originally Posted by Matir View Post
And might I just say EWWW to anything that falls back to 3DES? Specifically: http://en.wikipedia.org/wiki/Data_En..._cryptanalysis
3DES is the "minimum to implement" level for many standardized protocols, so it's a violation of various protocols to not support it. Remember, most of the Internet standards were created before AES existed, and even though they've been updated since then, there's still a significant amount of software out there written to the original standard (particularly on mainframes).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Automating openssl certificate generation megaspaz Linux - Security 4 08-20-2012 02:42 PM
AES for openssh and openssl powah Linux - Software 1 04-21-2008 08:59 AM
Can I retrieve certificate expiry date from an openssl certificate (command line) davee Linux - Security 1 07-21-2006 10:28 AM
certificate generation and FreeRADIUS setup ahuebel Linux - Wireless Networking 1 12-19-2003 05:01 PM
Certificate with OpenSSL gr33ndata Linux - Security 3 10-03-2003 07:39 AM


All times are GMT -5. The time now is 05:53 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration