AltME groups: search

AES 256 is more than sufficient for most purposes. I am researching 
what Rebol can do so I am aware of the parameters I am working within. 
I am writing code that will be used to encrypt communication between 
clients who want a secure communication facility.


I am looking at the Rebol RSA algorithms now. Thanks for your input.

Thanks BrianH. I am aware of the need to "keep your untrustworthy 
data that you can't safely DO separate from that code."


I am creating a small Rebol server capable of communicating with 
clients, using RSA key exchange and the blowfish algorithm, both 
of which work to reasonably high encryption levels in Rebol, 4096 
for RSA and 512 for Blowfish (yes I know the effective upper limit 
for Blowfish is 448 bits, but that is good enough for my purposes).


I want to save the RSA key as a block so it can be loaded back into 
the program and used again, hence my question. It will be encrypted, 
wherever it gets saved, so there will be no chance of it being messed 
with.


Actually, I am writing a much simpler version of Rebol Services, 
since I could not get that to work and my ability to code in Rebol 
was not sufficiently developed yet to see how to get it working.


I am in a steep learning curve right now with Rebol and the time 
I am investing is starting to pay off. Thanks for the information 
about keeping code and data separate. It's always good to be reminded 
of 'obvious' truths.

So I have a question about RSA encryption. When I run the following 
code:

  rsa-key: rsa-make-key
  rsa-generate-key rsa-key 1024 3

  crypt-key: copy/part checksum/secure mold now/precise 16
  print crypt-key

  crypt-key: rsa-encrypt rsa-key crypt-key
  print crypt-key

  crypt-key: rsa-encrypt/private/decrypt rsa-key crypt-key
  print crypt-key


it runs perfectly, encrypts the crypt-key and then decrypts it sucessfully.


As you probably know, the purpose of the RSA algorithm is to allow 
someone else to encrypt data that only you can decrypt using your 
private key. I tried this with a different public key using the following 
code:

  rsa-key1: rsa-make-key
  rsa-generate-key rsa-key1 1024 3

  rsa-key2: rsa-make-key
  rsa-key2/n: rsa-key1/n

  crypt-key: copy/part checksum/secure mold now/precise 16
  print crypt-key

  crypt-key: rsa-encrypt rsa-key2 crypt-key
  print crypt-key

  crypt-key: rsa-encrypt/private/decrypt rsa-key2 crypt-key
  print crypt-key


So I put the public key from rsa-key1 into another object, rsa-key2 
and tried using it to encrypt the data and get the following error.

	#{DD44AC1810E9A7020FAD72A7CFA54100}
	Segmentation fault


How do I get the public key from the first object into the second 
object so that it can be used to encrypt data?

;key1 - contains public and private keys
rsa-key1: rsa-make-key
rsa-generate-key rsa-key1 1024 3

;key2 - contains only public key
rsa-key2: rsa-make-key
rsa-key2/e: 3
rsa-key2/n: rsa-key1/n

;data to ecrypt encrypt 
data: copy/part checksum/secure mold now/precise 16

;encrypt data using the key2 (with pub key only)
crypt-key: rsa-encrypt rsa-key2 data


;decrypt data(that have been encrypted using key2) using the key1(needs 
to contain private key)
data2: rsa-encrypt/private/decrypt rsa-key1 crypt-key

either equal? data data2 [
	print "decrypted data match the original - decription passed"
][

 print "decrypted data differs from the original - decryption failed"
]

the problem was you forgot to set the generator value (key/e) when 
makeing rsa-key2

and also you tried to decrypt the data using rsa-key2 which doesn't 
contain the private key

When R3 was open sourced, I presume the SDK was not also open sourced? 
I am looking for the 'C' source code for the RSA, AES and Blowfish 
encryption functions.

I simply wrote the TLS scheme :-) I've also added the neccessary 
crypto algorithms at the native level (only RSA with ARC4 cipher 
suite is supported at the moment).

IMO this solution gives us much better flexibility: the encryption 
code is native(fast) and the TLS protocol logic is in REBOL so it 
is possibel to enhance it much more easily.

the URL is just an example. you just need a way to generate a key 
from who you are (could even be your public RSA key)

i know it's you by your authorization. this could be your RSA signature.

hmm, knowing Maarten, I guess he's actually using AES, which is 128 
bit; the RSA key is probably 1024.

You may need to tweak Search (and these options are buried deep enough 
that I can't remember) to include non-indexed data.

And I like this one; from wikipedia User_Access_Control
---

However, David Cross, a product unit manager at Microsoft, stated 
during the RSA Conference 2008 that UAC was in fact designed to "annoy 
users", and force independent software vendors to make their programs 
more secure so that UAC prompts would not be triggered.
---

Smart company;  annoy a billion people to get 1000 to play nice with 
Microsoft.  I say we get out the torches and chase down Dr. Frankenstein. 
 :)

Encloak  -- http://www.rebol.net/cookbook/recipes/0023.html-- Carl 
says


Newer versions of REBOL include "cloaking" functions for encrypting 
and decrypting strings. These functions do not provide full strength 
encryption such as Blowfish, AES, or RSA as found in REBOL/Command, 
nevertheless they can be useful for hiding passwords and other values. 
(That's why we call it cloaking rather than encrypting.)

I have a 24 bit math implementation to do RSA  but never converted 
to or from other bases. It is from before Holgar did  encryption 
with thebignum library  nativly in  core/view which renders mine 
moot

; I did a dif between the functions in VIEW and those in CORE for 
a default install.  What I get is this ( I hope it is useful to have 
al 106  in one place )

 alert  brightness?  caret-to-offset  center-face  choose  clear-face 
  clear-fields  confine  crypt-strength?

 dbug  deflag-face  desktop  dh-compute-key  dh-generate-key  dh-make-key 
  do-events  do-face  do-face-alt  do-thru  

 draw  dsa-generate-key  dsa-make-key  dsa-make-signature  dsa-verify-signature 
  dump-face  dump-pane  edge-size?  

 editor  emailer  exists-thru?  find-key-face  find-window  flag-face 
  flag-face?  flash  focus  get-face  

 get-net-info  get-style  hide  hide-popup  hilight-all  hilight-text 
  hsv-to-rgb  in-window?  inform  

 insert-event-func  inside?  install  launch-thru  layout  link-relative-path 
  load-image  load-stock  

 load-stock-block  load-thru  local-request-file  make-face  notify 
  offset-to-caret  open-events  outside?  

 overlap?  path-thru  read-net  read-thru  remove-event-func  request 
  request-color  request-date  request-dir  

 request-download  request-file  request-list  request-pass  request-text 
  reset-face  resize-face  rgb-to-hsv  

 rsa-encrypt  rsa-generate-key  rsa-make-key  screen-offset?  scroll-drag 
  scroll-face  scroll-para  set-face  

 set-font  set-para  set-style  set-user  show  show-popup  size-text 
  span?  stylize  textinfo  unfocus  

 uninstall  unlight-text  unview  vbug  view  viewed?  win-offset? 
  within?

it may just use normal means of tcp communication with encrypted 
content, using RSA for e.g.

hmm, doesn't /pro have RSA too?

gab, right. e.g md5 for simple password security and rsa for dataflow. 
the javascript link above containing RSA functions too just to step 
in.

Graham: I was able to implement TLS1.0 protocol configured to use 
the TLS_RSA_WITH_RC4_128_SHA cipher-suite. All the mentioned algorithms 
were calculated using the  build-in Rebol2 encryption functionality. 
I had no problems regarding the compatibility. I haven't tried the 
cipher-suite with the AES enctryption though but my guess it will 
work as well.

Q about encryiption within rebservices: my *guess* is if you are 
using core or view, then rebservices can' t use rsa encryption method 
but must use encloack/decloack method. And there is no plans to upgrade 
for rsa support in the next releases of  core and view . I'm rigth?

For the security minded, there is a new startup at www.Yubico.com 
with a cool new usb wafer that generates OTP (one time passwords).

It is small, light, and cheap (currently $35.00).  But the really 
neat thing about it is it can be combined with a service like www.MashedLife.com 
which can manage all of your website accounts with a secure login. 
 With OTP, keyloggers are not effective anymore.  It seems like a 
neat idea.  You can listen to Steve Gibson review at www.twit.tv/sn141. 
 If you want just the Yubico stuff, advance the audio stream to about 
3/4 the way through at about 1:15 to skip the RSA stuff before.

R2 has RSA, DES, etc.

signatures - rebol has that built in. is called rsa encryption

[giesse-:-batou]:/etc/ssl/certs$ openssl x509 -text -in Visa_eCommerce_Root.pem
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:86:35:4d:1d:3f:06:f2:c1:f9:65:05:d5:90:1c:62
        Signature Algorithm: sha1WithRSAEncryption

        Issuer: C=US, O=VISA, OU=Visa International Service Association, 
        CN=Visa eCommerce Root
        Validity
            Not Before: Jun 26 02:18:36 2002 GMT
            Not After : Jun 24 00:16:12 2022 GMT

        Subject: C=US, O=VISA, OU=Visa International Service Association, 
        CN=Visa eCommerce Root
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:af:57:de:56:1e:6e:a1:da:60:b1:94:27:cb:17:
                    db:07:3f:80:85:4f:c8:9c:b6:d0:f4:6f:4f:cf:99:
                    d8:e1:db:c2:48:5c:3a:ac:39:33:c7:1f:6a:8b:26:
                    3d:2b:35:f5:48:b1:91:c1:02:4e:04:96:91:7b:b0:
                    33:f0:b1:14:4e:11:6f:b5:40:af:1b:45:a5:4a:ef:
                    7e:b6:ac:f2:a0:1f:58:3f:12:46:60:3c:8d:a1:e0:
                    7d:cf:57:3e:33:1e:fb:47:f1:aa:15:97:07:55:66:
                    a5:b5:2d:2e:d8:80:59:b2:a7:0d:b7:46:ec:21:63:
                    ff:35:ab:a5:02:cf:2a:f4:4c:fe:7b:f5:94:5d:84:
                    4d:a8:f2:60:8f:db:0e:25:3c:9f:73:71:cf:94:df:
                    4a:ea:db:df:72:38:8c:f3:96:bd:f1:17:bc:d2:ba:
                    3b:45:5a:c6:a7:f6:c6:17:8b:01:9d:fc:19:a8:2a:
                    83:16:b8:3a:48:fe:4e:3e:a0:ab:06:19:e9:53:f3:
                    80:13:07:ed:2d:bf:3f:0a:3c:55:20:39:2c:2c:00:
                    69:74:95:4a:bc:20:b2:a9:79:e5:18:89:91:a8:dc:
                    1c:4d:ef:bb:7e:37:0b:5d:fe:39:a5:88:52:8c:00:
                    6c:ec:18:7c:41:bd:f6:8b:75:77:ba:60:9d:84:e7:
                    fe:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Subject Key Identifier:

                15:38:83:0F:3F:2C:3F:70:33:1E:CD:46:FE:07:8C:20:E0:D7:C3:B7
    Signature Algorithm: sha1WithRSAEncryption
        5f:f1:41:7d:7c:5c:08:b9:2b:e0:d5:92:47:fa:67:5c:a5:13:
        c3:03:21:9b:2b:4c:89:46:cf:59:4d:c9:fe:a5:40:b6:63:cd:
        dd:71:28:95:67:11:cc:24:ac:d3:44:6c:71:ae:01:20:6b:03:
        a2:8f:18:b7:29:3a:7d:e5:16:60:53:78:3c:c0:af:15:83:f7:
        8f:52:33:24:bd:64:93:97:ee:8b:f7:db:18:a8:6d:71:b3:f7:
        2c:17:d0:74:25:69:f7:fe:6b:3c:94:be:4d:4b:41:8c:4e:e2:
        73:d0:e3:90:22:73:43:cd:f3:ef:ea:73:ce:45:8a:b0:a6:49:
        ff:4c:7d:9d:71:88:c4:76:1d:90:5b:1d:ee:fd:cc:f7:ee:fd:
        60:a5:b1:7a:16:71:d1:16:d0:7c:12:3c:6c:69:97:db:ae:5f:
        39:9a:70:2f:05:3c:19:46:04:99:20:36:d0:60:6e:61:06:bb:
        16:42:8c:70:f7:30:fb:e0:db:66:a3:00:01:bd:e6:2c:da:91:
        5f:a0:46:8b:4d:6a:9c:3d:3d:dd:05:46:fe:76:bf:a0:0a:3c:
        e4:00:e6:27:b7:ff:84:2d:de:ba:22:27:96:10:71:eb:22:ed:
        df:df:33:9c:cf:e3:ad:ae:8e:d4:8e:e6:4f:51:af:16:92:e0:
        5c:f6:07:0f

rebol side - just use rsa signature as shown in rebol.com docs. ie 
just add signature to your rebol script

and if you don't even want to trust rebol's internal rsa code... 
you can call openssl for everything. that code is trusted by all

If you want to try this method for windows.. here's what you do.. 


1) download the windows binary from openssl.. ->   http://www.slproweb.com/products/Win32OpenSSL.html

2) Unzip.. and pull out the openssl.exe file from the bin folder.. 
. drop that file into your cheyenne www folder
3) Create a self-signed cert....
3a) run openssl.exe

3b) enter this line: req -x509 -nodes -days 365 -newkey rsa:1024 
-keyout localhost.pem -out localhost.pem
(localhost is the cert name)

3c) answer the questions... when asked 'who are you?' enter your 
domain,  or 'localhost' as I did 

This will generate the cert in your www folder (this is just a demo... 
the openssl server uses it's location as root www folder)

4) Start up the server... enter this line into openssl:  s_server 
-accept 443 -cert localhost.pem -WWW


Now open any file in your Cheyenne www folder using the https:// 
 protocol

I keep getting key values missmatch nomatter what I tried so far... 
I found out this.. the key/cert/CAfile in conf doesn't seem to matter 
as it checks /etc/stunnel/stunnel.pem anyway .. so I commented them 
out. 


If I delete the pem file I get appropriate erros , so it checks for 
this file.. 

If I remove RSA PRIV KEY from first line I get Error saying something 
about RSA KEY no start line

If I remove CA certificates below I det Error saying SSL CERT  no 
start line .. 
If I concat them all like this 


>> cat myserver.key AddTrustExternalCARoot.crt UTNAddTrustSGCCA.crt 
ComodoUTNSGCCA.crt ComodoHighAssuranceSecureServerCA.crt www_cebelca_biz.crt 
>> stunnel.pem 

(first the PRIV KEY ALL THE CERTS in same order as they are listed 
in email to me.. with cebelca.biz.crt as last I get the "key values 
missmatch" which I think means that the priv key and certs don't 
match

are there any docs about encription functions that are now enabled 
in view ... I could find some rsa-* and dsa-* functions by trying 
in console

GNU TLS supports

Certificate types:	X.509, OPENPGP
Protocols:	TLS1.2, TLS1.1, TLS1.0, SSL3.0

Ciphers:	AES-256-CBC, AES-128-CBC, 3DES-CBC, CAMELLIA-128, CAMELLIA-256, 
ARCFOUR, ARCFOUR-40
MACs:	SHA512, SHA384, SHA256, SHA1, RMD160, MD5

Key exchange algorithms:	RSA, RSA-EXPORT, DHE-DSS, DHE-RSA, DHE-PSK, 
PSK, SRP, SRP-RSA, SRP-DSS, ANON-DH
Compression methods:	DEFLATE, LZO, NULL

Extensions:	Max record size, Cert Type (OpenPGP), Server Name, SRP, 
TLS/IA, Opaque PRF Input

To clarify the SSL stuff:

Since the SSL is a layer on top of TCP the idea was that R3 will 
have all the neccesary encryption algorithms (RSA,DH, DSA, RC4, SH256 
etc.) probably in form of embedded extension as part of the host-kit. 
These algorithms needs to be fast so they will be in C (probably 
ported from the R2 codebase if possible). Then the SSL/TLS protocol 
itself won't be written in C as it was in R2 but just done in R3 
script. This way the protocol code will be:
-smaller in size than the C version

-easier to maintain because it is Rebol language, for example we 
can add 'server mode', certificate validation (simmilar to web browsers) 
etc.
-crossplatform as much as Rebol script can be


So far I did simple TLS implementation in R2 to prove that concept. 
The prototype is ~20KB of rebol script and uses only the build in 
encryption ports in R2. It covers most of the TLS functionality that 
is written natively in in form of 'tls scheme. So the next step is 
to get the encryption math to R3 (which can be useful not only for 
SSL so it is definitely worth doing that) and then try how the prototype 
will behave.

Is Rebol's RSA encryption still standard ?  Can I use that for encrypting 
sensitive health data ?

RSA is not really designed to encrypt large chunks of data. You'd 
be better of using AES (or  Rijndael as it used to be known as is 
still called in REBOL).


RSA is better used for exchanging passwords and "signing" documents.

RSA is significantly slower than symmetric key encryption algorithms, 
and a single encryption or decryption operation can only process 
an amount of data up to the size of the RSA key. For encrypting or 
decrypting large amounts of data RSA is usually used in combination 
with symmetric key algorithms or secure checksums as follows:

so I would use AES to encrypt the data,and then use RSA to encrypt 
the AES encryption key I guess

Yes you would use AES to encrypt the data and then RSA to encrypt 
and send somebody the encryption key.

I have successfully decrypted something in REBOL that was encrypted 
in JavaScript using RSA.