Re: Encryting both file contents and file name with GnuPG
Hi, Reference: From: Neil Phillips neil.phillip...@gmail.com Date: Sun, 2 Jan 2011 12:37:05 + (UTC) Message-id: loom.20110102t133232-...@post.gmane.org Neil Phillips wrote: Hi, I'm completely new to GnuPG. Can someone tell me how I can encrypt the name of the file that I want to encrypt please. Example: mySecrets.txt [a plain text file] I would like: szstt.asd [some 'apparently random name' file] [file contents encrypted] I see that secureZip can do this, I have used a trial version with success. However I would prefer to use GnuPG if possible. Neil I wouldnt have thought to look for that in GPG, try man gpg info gnupg Maybe you should look at using an encrypting file system. Some unixes have/ had eg CFS (maybe mount -r cfs ? guessing, try eg man mount apropos cfs More specifically: http://www.freebsd.org supports 2: man gbde gbde -- operation and management utility for Geom Based Disk Encryption man geli geli -- control utility for cryptographic GEOM class Doubtless Linux can offer crypting file systems too. Try apropos encrypt Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Mail plain text; Not quoted-printable, or HTML or base 64. Avoid top posting, it cripples itemised cumulative responses. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryting both file contents and file name with GnuPG
SecureZip will take a file and encrypt both the filename and the file. so far with GnuPG i can only see how to encrypt the file. i do not want to use a specific name as there are too many files to do that. i want something like; gpg -recipient Neil Phillips -output_encrypt mySecrets.txt -encrypt mySecrets.txt where i end up with my source file mySecrets.txt and a GnuPG encrypted file whose name is the result of encrypting mySecrets.txt sort of nesting i guess. so where it says -output_encrypt mySecrets.txt i want the result of: gpg -recipient Neil Phillips -encrypt [just the name: mySecrets.txt] i am using windows. the source file location is secure. i want to place a copy of the source file in an unsecure place. hence i want to rename the file as well as encrypt the file itself. so the question remains, can i encrypt the name of the file in GnuPG? Neil ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryting both file contents and file name with GnuPG
On Jan 2, 2011, at 7:37 AM, Neil Phillips wrote: Hi, I'm completely new to GnuPG. Can someone tell me how I can encrypt the name of the file that I want to encrypt please. Example: mySecrets.txt [a plain text file] I would like: szstt.asd [some 'apparently random name' file] [file contents encrypted] GPG can use whatever filename you like. For example: gpg --output szstt.asd --encrypt ... etc. Note that GPG does save the original (mySecrets.txt in your example) filename inside the encrypted bundle. It does not, however, use it when decrypting later. See the --use-embedded-filename option if you want to use that, but read the caveats in the man page about that option. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryting both file contents and file name with GnuPG
On Jan 2, 2011, at 10:06 AM, Neil Phillips wrote: SecureZip will take a file and encrypt both the filename and the file. so far with GnuPG i can only see how to encrypt the file. i do not want to use a specific name as there are too many files to do that. i want something like; gpg -recipient Neil Phillips -output_encrypt mySecrets.txt -encrypt mySecrets.txt where i end up with my source file mySecrets.txt and a GnuPG encrypted file whose name is the result of encrypting mySecrets.txt sort of nesting i guess. so where it says -output_encrypt mySecrets.txt i want the result of: gpg -recipient Neil Phillips -encrypt [just the name: mySecrets.txt] i am using windows. the source file location is secure. i want to place a copy of the source file in an unsecure place. hence i want to rename the file as well as encrypt the file itself. GPG does not do this. GPG gives you the necessary hooks to do it yourself (i.e. the --output) option, but does not do it for you. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryting both file contents and file name with GnuPG
On Sun, 2 Jan 2011, Neil Phillips wrote: i was hoping to do the following; locate a source file. place the name of the source file in a log. encrypt the source file name and contents add to the log the name of the encrypted file. that way i have a list which tells me what the real name of the file is. i can use the log to pick which file i want to decrypt. === just hash the file-name. SHA1 (secret-1.txt) = d422b71f32b06168db114638fa9778c42d7d0f3c SHA1 (secret-2.txt) = d0ab019ba1975dab7c100bc5b4efa020bcd86a5d SHA1 (secret-3.txt) = 753b2bd68f7ff5fc44f9142245039375a3a5b2f8 use the hash as the encrypted file name. feel free to add a dot-suffix. keep that reference in a db or text file and you can recover the original filename easily. if you're concerned that the name and/or format of the original file names are too predictable, concatenate the filename with a secret before hashing... SHA1 (secret-1.txt:secret) = df3d0b4eb1034f7392c60baec6137c62a2d4579a SHA1 (secret-2.txt:secret) = 39238faa73f2472e253d5f096b28c8b31c8e8a00 SHA1 (secret-3.txt:secret) = 9450a1f9cd93a47c8d3621cb7fc3ca0ec1df47b7 -- ...atom http://atom.smasher.org/ 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 - Sometimes I think we're alone in the universe, and sometimes I think we're not. In either case the idea is quite staggering. -- Arthur C. Clarke ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryting both file contents and file name with GnuPG
Atom Smasher atom at smasher.org writes: just hash the file-name. SHA1 (secret-1.txt) = d422b71f32b06168db114638fa9778c42d7d0f3c SHA1 (secret-2.txt) = d0ab019ba1975dab7c100bc5b4efa020bcd86a5d SHA1 (secret-3.txt) = 753b2bd68f7ff5fc44f9142245039375a3a5b2f8 use the hash as the encrypted file name. feel free to add a dot-suffix. keep that reference in a db or text file and you can recover the original filename easily. if you're concerned that the name and/or format of the original file names are too predictable, concatenate the filename with a secret before hashing... SHA1 (secret-1.txt:secret) = df3d0b4eb1034f7392c60baec6137c62a2d4579a SHA1 (secret-2.txt:secret) = 39238faa73f2472e253d5f096b28c8b31c8e8a00 SHA1 (secret-3.txt:secret) = 9450a1f9cd93a47c8d3621cb7fc3ca0ec1df47b7 aha that sounds like a plan. gpg should be able to give a hash, something like; gpg -output sha1(a filename) -e filename i'll give it a tryout tomorrow. Neil ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryting both file contents and file name with GnuPG
Neil Phillips neil.phillips39 at gmail.com writes: gpg should be able to give a hash, something like; gpg -output sha1(a filename) -e filename or rather something like; type sha1(filename)| gpg -o 0 -e filename or echo sha1(filename)| gpg -o 0 -e filename ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryting both file contents and file name with GnuPG
On Sun, 2 Jan 2011, Neil Phillips wrote:
gpg should be able to give a hash, something like;
gpg -output sha1(a filename) -e filename
===
depending on your [*nix or cygwin] shell, it ~can~ do that...
gpg -o $(sha1 -qs filename) -e filename -r keyid
the exact command is system dependent; the example above would basically
work as-is on freebsd with zsh or bash. cygwin or linux would be
*slightly* more complicated. the idea is that shells like zsh and newer
versions of bash use '$(...)' as a form of command substitution. older
shells (bash bourne) use back-quotes but the concept is the same. all
shells have some form of variables...
gpg -o ${file_name_hashed} -e filename -r keyid
in any case, if you also want to populate a db of some sort, whether a
flat-file or DBMS, you'll probably need three lines in a script:
1) calculate the hash
2) encrypt the file -- gpg -o ${file_name_hashed} -e filename -r keyid
3) add an entry to a db
the first line creates a variable (eg, $file_name_hashed) and the next two
lines refer to it.
just make sure you're hashing the file-NAME, not it's contents. of course,
if you don't lose your db, then there's nothing wrong with hashing the
contents, or even a counter or random string. hashing the file-NAME is
just an idea that makes recovery of the db possible if you know the format
and range of the file-names (and any secret that may be used). the real
trick is to just do something secure and consistent... sha1 does the job.
--
...atom
http://atom.smasher.org/
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-
The livestock sector is a major player [in climate
change], responsible for 18% of greenhouse gas
emissions measured in CO2 equivalent. This is a higher
share than transport.
-- Livestock's long shadow, 2006
UN report sponsored by WTO, EU, AS-AID, FAO, et al
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Encryting both file contents and file name with GnuPG
On 2011-01-02 03:14:06 PM, Neil Phillips wrote: i was hoping to do the following; locate a source file. place the name of the source file in a log. encrypt the source file name and contents add to the log the name of the encrypted file. that way i have a list which tells me what the real name of the file is. i can use the log to pick which file i want to decrypt. How about just tar up the file, then encrypt that, outputting a randomly named file? The tarfile will preserve the original filename when it is extracted. Thanks, Ricky pgpCOW8KcEaSx.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
