Openssl Certificate Generation Question AES
 

I have seen that openssl can generate RSA, DSA, EC keys but what about AES? I have a mainframe that can't use RSA because I don't understand RSA. Mainframe is AS/400. Currently trying to utilize vsftpd with ssl. While I have gotten this to work with RSA cert. I need to know if it's possible to generate and AES cert.

All the documents that I have found for openssl thus far to do not mention utilizing AES. Currently also looking to see if modules can be installed to allow RSA on mainframe.

Also from what reading i have done if I understand this correctly AES would require keys to be manually exchanged while RSA does exchange at the connection point. Thus RSA will be simpler to maintain when having multiple connections top server.

Any help with this would be much appreciated, and if I have misunderstood something please speak up and let me know.

This is the command structure i used to gen cert.

OpenSSL is based on public-key cryptography: e.g., a pair of private/public key. AES is a symmetric crypto system: e.g., one key being used at both ends. In this way, they're very different. I believe many implementations using OpenSSL use RSA or DSA to actually exchange an AES or Blowfish or similar key which actually encrypts the channel. I hope this helped clear things up a bit -- I'm not sure I totally understood the question.

Yes, you cleared things up quite a bit... If RSA is only the "transfer medium" as I would call it, then I just need to create and AES cert. Which I think I am on the right track to doing. I am following the following instructions. http://www.tc.umn.edu/~brams006/selfsign.html The only thing I did was change des3 to aes256. We'll see what happens.

RSA is not a transfer mechanism. It's used to authenticate the identity of each side of a transmission so that trust can be established when you exchange information securely. The authentication key never changes (well, rarely), so it needs to be very strong. The keys used to encrypt a transmission are created on the fly, and they're symmetric, so they can be much smaller (symmetric key encryption is much faster than asymmetric key encryption, but since the same key is used for decryption as encryption, you can't use this for authentication).

The -des3 argument to genrsa is used to wrap encryption around the RSA key, requiring a passphase in order to access the RSA key. It does not generate a "3DES certificate". Certificates are signed by asymmetric keys, so they nearly always signed by RSA keys (some times DSA). A certificate is just an encoded set of information with a signature.

You are confusing the term "certificate" with the term "key"; they are not the same thing.

Ok, thank you for clearing that up. So right now I am trying to figure out why my encryption level is set to 3DES 168-bit encryption when I connect. Is it because I signed AES 256 level cert with my OWN CA which was 3DES although at what level I don't know? Does the CA Determine what the level the encryption will be.

Basically I have to meet IRS Fed Requirements which states the level must be more then 256. However since this is a private server and not a public server, it doesn't require that i have cert signed by a real CA such as Verisign or other CA.

This is what I am getting when I connect to vsftpd server.

Sensitive Information remove of course.Just need to get an AES 256-bit cert. I created one but signed with 3DES.

They key type in the certificate has nothing to do with what encryption ciphers are supported.

There should be a cipher configuration parameter in your vsftpd configuration file.

In fact, there is a ssl_ciphers option for vsftpd.conf (as described by the man page), which accepts ciphers in the format used by OpenSSL, so read the manpage for ciphers for details.

Thanks for that Chort. Specifying the chiphers to use really helped. Now it explicitly uses 256-bit. Now if I can just wrap my head around how this all works. If I have a 1024 bit cert but the connection is only 256-bits. I'll get it figure out when I can.

And might I just say EWWW to anything that falls back to 3DES? Specifically: http://en.wikipedia.org/wiki/Data_En..._cryptanalysis

If I had my way I would want the connection to be encrypted to 2048 or even 4096 but then again I am just paranoid that way.

richinsc:

The security of a given key length is highly dependent upon the cipher in use. Symmetric-key cryptosystems (AES, DES, etc.) need a significantly shorter key length to withstand an attack than a public-key (or asymmetric, as in RSA, DSA, and ElGamal) cipher. Specifically, a 1024 bit RSA key is about equivalent to an 80-bit AES key. See http://en.wikipedia.org/wiki/Key_size for details on why this is the case.

3DES is the "minimum to implement" level for many standardized protocols, so it's a violation of various protocols to not support it. Remember, most of the Internet standards were created before AES existed, and even though they've been updated since then, there's still a significant amount of software out there written to the original standard (particularly on mainframes).