Tutorials for OpenSSL libcrypto

i find all the openssl documentation a bit overwhelming, i've found a great introductory tutorial for using EVP functions and blowfish symmtetrical encryption algorithm, i'll prolly use that if i can't figure out how to use RSA

but my real wish would be to find some nice introduction to RSA encryption, simply because i only need to encrypt small ammounts of data, binary structs, to be stored in dbm files

and i read that rsa is great for small ammounts but for larger ammounts like whole files blowfish was faster, i also like the fact that i only have to keep one key for blowfish but i'd still like to give RSA a shot

tldr: howtos or tutorials on using RSA encryption with openssl crypto libs

http://www.google.com/search?q=tutorial+RSA+openssl

>>2
almost exact same links i get when searching for "openssl crypto tutorial RSA" so you get a C for effort

most tutorials involving openssl are about generating keys on the command line, not with libcrypto and c code


#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj $/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1 lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)

http://en.wikipedia.org/wiki/Cryptography

http://sigpipe.macromates.com/2004/09/05/using-openssl-for-license-keys/
this was great though, shows how to decrypt and use a rsa key, at least that will show which manuals to read more in

Unless you have a compelling reason for using an asymmetric cipher like RSA (that is, a real need for a public/private key setup, not "wanting to encrypt only small amounts of data"), use a symmetric cipher.
RSA isn't faster than symmetric ciphers like Blowfish for small amounts of data (in fact, it's quite a bit slower, but you barely notice that since it's so little data), it's just that its slowness because much more apparent with large datasets.

If you're going to keep both keys on the same machine, why the fuck would you use RSA?

Take >>5's advice.

>>7
s/because/becomes/, clearly.

If you do have a good reason to be using asymmetric encryption, why not just use GnuPG instead? It's much more straightforward, in that it takes care of all the bits that require you to understand what the fuck you're doing by itself.

>>6
Ugh. Capitalists and their closed source crap. die

>>1
tldr: howtos or tutorials on using RSA encryption with openssl crypto libs
Thanks, nice tutorial/howto, I really enjoyed it. +1, Digg.

>>9
well to be honest i don't know enough about cryptology or math to understand why i would need asymmetric encryption more, blowfish seems enough for my needs, the only thing that made me want to find information about rsa in libcrypto was a tutorial that said blowfish was better for whole files and much data while rsa was better for short pieces of encrypted data

but i plan on having a lot of short pieces of encrypted data in my dbm files and the program will be encrypting and decrypting a lot so if blowfish is faster like >>7 said then i guess i'll just run with it

>>12
Blowfish is faster, stronger, harder, but it is symmetric -- meaning you cannot use for communication (without handing over the key in some secure way).

>>12
That tutorial was full of shit.

Asymmetric encryption is slower (and its slowness increases exponentially with the size of the plaintext) and easier to attack (since it's "just" a factoring problem; hence the much larger keysizes) than symmetric encryption. The only circumstances under which you should be using it is if you cannot communicate cipher keys without being sure there aren't any eavesdroppers, since the key used for encryption doesn't need to be kept secret.

Do not design a cryptosystem if you don't understand the science involved; cryptography doesn't lend itself to a script kiddy approach. Even if you do understand what you're doing, always ask at least one other knowledgeable person for his opinion, as per Schneier's law.

It sounds a lot like you shouldn't even be bothering trying to use crypto libraries, since you'll almost certainly be using them in a way that renders them worthless, so you're just expending a lot of effort for no gain. This isn't an offhand flame, it's just a statement of fact.
Cryptography isn't an incredibly complex field, but it requires a fair bit of dedication to first get into, and you haven't made that effort at this point.

If you still want to use encryption, do tell us what kind of program you're writing and how you're using cryptography, so we can at least help you avoid common pitfalls.

heh ok...

so i guess libcrypto should only be used by people who understand cryptography, then what is the point of having a easy to use api for ssl?

i'm writing a very simple program to keep track of my economy, it will just store a structure converted to binary form using libtpl in a dbm, and for reasons i don't want to go into i wanted the information encrypted

i've written a notes program before that used gnupg to encrypt and decrypt the dbm but that left the file content unencrypted while the program was running, wheather in memory or on disk

so i figured i'd use openssl for the first time ever to learn a bit about libcrypto for future reference, so i decided i want to encrypt the binary data libtpl produces of my structure before i store it in the dbm

one thing i need to read up on is the cipher, because i want a password to be input when the program starts in order to decrypt the files data, i assume this password can generate or unlock the cipher in some way but i'll have to read more about that

so i guess libcrypto should only be used by people who understand cryptography, then what is the point of having a easy to use api for ssl?
So people who understand cryptography could have an easy to use API for SSL? There are more of us than you may think.

and for reasons i don't want to go into i wanted the information encrypted
I think you need to go into them. If the entire database is going to be unencrypted while the program is running, especially if it's also swapping to disk, you might as well not bother with crypto.
If you're sharing a computer and just want your little brother to not look at your stuff, I'd suggest just setting up proper access controls in the OS itself.

If you're primarily doing it to learn about libcrypto and openssl, I'd say you're putting the cart in front of the horse. First start with the basics of cryptography before even thinking about applying it.

one thing i need to read up on is the cipher, because i want a password to be input when the program starts in order to decrypt the files data, i assume this password can generate or unlock the cipher in some way but i'll have to read more about that
Dear god.

>>15
Put your data and program into an Excel sheet, and save with one of its strong encryption options.

>>17
why, i lold thank you sir.

>>17
ENTERPRISE SOLUTION

>>16
like i said this is for me to keep track of my finances, and sometimes i take jobs that are tax exempt if you get my meaning, so i felt like i wanted the data in the dbm encrypted

and no the whole file wont be decrypted at any point, just the binary data libtpl generates of my data structures, so when i fetch each piece of data from the dbm i'll decrypt it and reverse it through tpl so i get the structure back

on the soutside the dbm files will look pretty ordinary but with binary data in them and a key that will be just a unique number

>>17
i'm afraid i don't have windows or microsoft office but i will have os x soon, i sure would love a simple solution like that in os x, even if the encryption is a joke

<-- check em dubz