RSA Encryption in Perl | 2
RSA Encryption in Perl
RSA on the Command Line
Perl, dc, and Unix
Adam Back has a nice set of information on using RSA in Perl. In fact, there are several different versions of RSA programs written in Perl that are all available at http://www.cypherspace.org/~adam/rsa/. I like the version below the best:
!/usr/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj $/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1 lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
The version above requires the dc command, which is typically already installed on most *nix systems. Of course, the code by itself is useless. Now we must pass it something to encrypt along with the public key pair. For testing purposes, save the code above into a file called rsa. Then make the file executable, chmod 700. Then try the following: echo "Mother of Perl" | rsa -k=10001 -n=1967cb529 > msg.rsa
The -k and -n flags contain the public key pair for the example, which creates the msg.rsa file. The message is now encrypted. To unencrypt it, type: rsa -d -k=ac363601 -n=1967cb529 < msg.rsa.
Ok, well, that's nice and all, but that's just a simple example.
Create Key Files
Before you can do anything really interesting, you need to create both a public and private key. I used a program that's available at http://www.cypherspace.org/~adam/rsa/rsa-keygen.html. You will need the GNU gmp library installed to compile rsakg.c. To compile the program, I did the following command cc -o rsakg rsakg.c -L./ -lgmp which compiled the binary for me.
Once the program is compiled, you can create the key files by executing the program and passing the size of the key such as 32, 56, 128, 512, 1024, etc. For me, I created 2048 bit private/public key pairs: rsakg 2048 which took about 2.5 minutes to generate on my laptop and made the processor heat up a bit.
When you run the command, it creates 2 files in the current directory: pubkey.rsa, the public keypair file, and seckey.rsa, the secret keypair file. pubkey.rsa will contain two lines that begin with e= and n= respectively. The seckey.rsa file will contain two lines that begin with d= and n= respectively. The e= value in the pubkey.rsa will be the value for the -k switch in the rsa command, and the n= value will replace the -n switch when encrypting a file or message.
I created a smaller 32 bit set of keys for the examples below. My seckey.rsa file contained the following:
e = 3353bc7 n = 6537b15
while the seckey.rsa file contained:
d = 1c07e37 n = 6537b15
Encrypting and Decrypting a File
Given the 32 bits keypairs above, let's encrypt a file:
./rsa -k=3353bc7 -n=6537b15 < /etc/passwd > passwd.rsa
And then decrypt it back:
./rsa -d -k=1c07e37 -n=6537b15 < passwd.rsa > passwd
For the examples above, it took about 15 seconds to encrypt and the same to decrypt the 32 bit message, while it took 15 minutes to encrypt the same file with a 2048 bit key.