LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 11-26-2008, 11:44 AM   #1
kaplan71
Member
 
Registered: Nov 2003
Posts: 810

Rep: Reputation: 39
OpenSSL Encryption with AES


Hi there --

I am running a script that encrypts a newly created tar file with des3 encrytion. The user is prompted for a password that is to be associated with the file.

I wanted to explore the possibility of using aes as a possible replacement for des3 encryption. If I were to go down that route, will I still be able to associate a password with the encrypted tar file? Also, will there a be a speed degradation involved with aes encryption? Thanks.
 
Old 11-26-2008, 12:26 PM   #2
Berhanie
Senior Member
 
Registered: Dec 2003
Location: phnom penh
Distribution: Fedora
Posts: 1,625

Rep: Reputation: 165Reputation: 165
Yes, both aes and des3 are symmetric algorithms and therefore require a key (which is derived from the passphrase). Not sure about the speed difference, but there are various versions of aes, differing in the length of key (e.g. aes128, aes256).
 
Old 11-26-2008, 12:39 PM   #3
kaplan71
Member
 
Registered: Nov 2003
Posts: 810

Original Poster
Rep: Reputation: 39
Hi there --

Thanks for your reply. Based on your answer, the command in question:

Code:
$cmd= "(cd $source; tar -cvf - . |openssl des3 -salt -k $password > $destination/archive.tar.des3)";
Could be changed to one of the following:

Code:
$cmd= "(cd $source; tar -cvf - . |openssl aes128 -salt -k $password > $destination/archive.tar.aes128)";
Code:
$cmd= "(cd $source; tar -cvf - . |openssl aes256 -salt -k $password > $destination/archive.tar.aes256)";
The speed issue would probably be dependent on the CPU. That being the case, it would probably take, in theory, twice as long to encrypt the file using aes256 as opposed to aes128 encryption. Correct?

One other question: Is des3 truly 168-bit encryption due to its triple layer of 56-bit, or is it three separate 56-bit instances of DES? Thanks.
 
Old 11-26-2008, 01:46 PM   #4
Berhanie
Senior Member
 
Registered: Dec 2003
Location: phnom penh
Distribution: Fedora
Posts: 1,625

Rep: Reputation: 165Reputation: 165
Quote:
in theory, twice as long to encrypt the file using aes256 as opposed to aes128 encryption. Correct?
I would think not. Here's what Wikipedia says:
Quote:
AES has 10 rounds for 128-bit keys, 12 rounds for 192-bit keys, and 14 rounds for 256-bit keys.
des3 is 3 separate instances of des placed back-to-back in some fashion, from what I understand. See Wikipedia again about the placement possibilities.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Openssl Certificate Generation Question AES richinsc Linux - Security 11 09-18-2008 11:48 AM
AES for openssh and openssl powah Linux - Software 1 04-21-2008 09:59 AM
Encryption with openssl and gpg szim90 Linux - Security 1 10-22-2007 04:13 PM
winzip strong (AES) encryption for linux 0ptix Linux - Software 2 10-03-2006 06:19 PM
Need help with loop-aes encryption. yanik Linux - Software 0 04-20-2006 08:59 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 05:50 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration