>
> What we are trying to do is to place an encrypted file on our ftp
> server for a specific user. The ftp server is behind a firewall, and
> the user can access and see only its account, and they are supposed to
> get the file and decrypt it. As far as we are concerned, we'd like to
> make sure that the file on our ftp server is as safe as possible. This
> can work if only that user has the private key to decrypt the file.
>
> I would like to hear any suggestions to make this file transfer as
> secure as possible.
The problem with PKI is not so much what is possible and what is not. It
is only a question of how cleverly you design the solution such that it
causes the least inconvenience to users at the same time ensuring the
best possible security.
Let me suggest a possible solution to you. It is not scalable and
elegant but at least it can give you what you want.
You have to generate a keypair for each user with the genrsa command.
Make sure the user's private keys are protected with a well chosen
passphrase or USB dongle or something. Anyway you can distribute the
private keys to the users in a secure out of band mechanism. I am
assuming they are colocated in which case you could do it physically.
Or else the remote users can generate their own keypairs and you could
obtain their public keys in which case you might have to go in for
certificates since you have to ensure that the public key really belongs
to the user...
Now, you have to store the files corresponding to each user encrypted
with the public key of that particular user. For instance,
File meant for A is encrypted with A's public key File meant for B is
encrypted with B's public key and so on.
Now, the user just goes ahead, downloads the file , decrypts it with his
private key and you are set.
Since a file encrypted with a public key can be decrypted only with the
corresponding private key this guarantees good security as long as the
user's private keys are not compromised.
Of course, you could go for some creative combos like having two private
keys for one public key with simple X-ORing and so on ...
Remember what I told you is just a conceptual overview of how things
could be. SMIME might be suited for this.
----------------
Thank you again Girish. This is what I do and it works well except for 2
things:
1. why is the public cert (.cert) file needed for decryption, shouldn't
be enough to have the private key (.key) for that?
2. how to put a 'well chosen password' on the private key? With the
-passout and what arguments?
Here is what I did, and it worked:
Create private and public keys:
openssl genrsa -out test.key 1024
openssl req -new -key test.key -out test.csr
openssl x509 -req -days 30 -in test.csr -signkey test.key -out test.cert
Encrypt:
openssl smime -encrypt -des3 -binary test.cert <File >File.enc
Decrypt:
openssl smime -decrypt -in File.enc -inkey test.key -recip test.cert
>File.out
My final question: is des3 a high enough level of encryption (168 bits)?
Should we go higher, and if yes, what is recommended?
Thank you.
Ion Buicliu
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
