Jump to content
Usr6

Talking safe using RSA, pycrypto and python

By Usr6, in Tutoriale in romana

Recommended Posts

Usr6 Newbie

Usr6

Posted
Posted

Criptografia asimetric? este un tip de criptografie care utilizeaza o pereche de chei: o cheie public? ?i o cheie privat?. Un utilizator care de?ine o astfel de pereche î?i public? cheia public? astfel încat oricine dore?te s? o poata folosi pentru a îi transmite un mesaj criptat. Numai de?in?torul cheii secrete (private) este cel care poate decripta mesajul astfel criptat.

Matematic, cele dou? chei sunt legate, îns? cheia privat? nu poate fi ob?inut? din cheia public?. In caz contrar, orcine ar putea decripta mesajele destinate unui alt utilizator, fiindc? oricine are acces la cheia public? a acestuia.

O analogie foarte potrivit? pentru proces este folosirea cutiei po?tale. Oricine poate pune în cutia po?tal? a cuiva un plic, dar la plic nu are acces decât posesorul cheii de la cutia po?tal?. [wikipedia: Criptografie asimetric? - Wikipedia ]

1.0 Generarea cheilor publice si private:

Pentru a putea comunica in secret Ion si Maria trebuie sa-si genereze cheile de criptare folosind scriptul de mai jos.

from Crypto.PublicKey import RSA
from Crypto import Random
print "Generating keys\nplease wait..."
# generare key pub/priv
random_generator = Random.new().read
key = RSA.generate(1024, random_generator)
public_key  = key.publickey().exportKey("PEM")
private_key = key.exportKey("PEM")
keyfile = open("key.txt", "a")
keyfile.write(public_key)
keyfile.write("\n")
keyfile.write(private_key)
keyfile.close()
print "done."
Dupa rularea scriptului, Ion va gasi in fisierul key.txt :

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjH4ZhGcvrs1iDF8Mk4rin90vB
kQyklff9gVItswpNpMzw7OhpMqOXk0BgQS4ROh3uEgp/fpi4ZhHJfYY9RBMTPdNc
IXUVv6TzcqSsarhiRUwmkZiBqPYGiqXG0ODSk0ROVo+0DhA/Lf5KPGGo0MREjqLE
WWahtz7gDUXI9rRnXwIDAQAB
-----END PUBLIC KEY-----
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCjH4ZhGcvrs1iDF8Mk4rin90vBkQyklff9gVItswpNpMzw7Ohp
MqOXk0BgQS4ROh3uEgp/fpi4ZhHJfYY9RBMTPdNcIXUVv6TzcqSsarhiRUwmkZiB
qPYGiqXG0ODSk0ROVo+0DhA/Lf5KPGGo0MREjqLEWWahtz7gDUXI9rRnXwIDAQAB
AoGAHUGILl4cDrfpxgk6/KCVEbruoVbMd7BV++d3v65+yJIoF4XF4Sgt4v+L6jeG
dZyAxbQCof8okNntkr+qlc5hxSXu1GB6paeqOLdLFbedjZg/8LEcKGm/+pB0gnxy
hxklalWGUFBxj18yl7+zKZNf+7zts9edv7CIMYcltp+2WwECQQC251e+xARhijgA
tgtKUHkgaZQnhZBK+TBRIJOMs0a4quHCmewGicf9cVRUtG+o1ZyvM5B1De+NnS6I
wOslBq+fAkEA5FB1ezysbuCornDZyEz26cjlEVMSsTi5d0O1qbymTTyybVolcsWW
Z8j3EyEbkTm6c/D+XzyzxKm1BEvDyGwwQQJAMzki98gJug9tk7VoAA39fjhTR6Y+
POEAyReoevUST1F8HHXjBgm8Opxsk7RcuRnp4Z89S6r1deGZUK9Gq33t3QJAA83j
Zz5HkUFlDiMLPe8qXhLe3j8IHLPZQ0d5i259RuQwBOpvnU31h50toL/4eZ8AoFXv
px6X0DsTrRKmHHzRAQJBAJy+updgLPUB/0A0LXllj3j7+nDtaslFABgQemh2slhE
tlEreUPI4ofSbCZ6rduZaWnt3FMvGAFES3jXcEdcd/U=
-----END RSA PRIVATE KEY-----
iar Maria:

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD8PJicyokgOT6MBYJVv+yLeMIy
JDQ2u3+2OynogXGJ/BTLfrYlOXDBlTVLKMjQ8kXr+6p1nH7gc+KVbzOr9kwqzxOl
ENYQrzgLahLh+Q/JXZ+9IYZ8kWm49T285nBsnyLnJYShznFDXwUO1G6OckJvuIBi
PZTMG8DWF+uKiJbpBQIDAQAB
-----END PUBLIC KEY-----
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQD8PJicyokgOT6MBYJVv+yLeMIyJDQ2u3+2OynogXGJ/BTLfrYl
OXDBlTVLKMjQ8kXr+6p1nH7gc+KVbzOr9kwqzxOlENYQrzgLahLh+Q/JXZ+9IYZ8
kWm49T285nBsnyLnJYShznFDXwUO1G6OckJvuIBiPZTMG8DWF+uKiJbpBQIDAQAB
AoGBAMV688kd0QpHhy69SXO1VY9EtlXnfnGzjqOv4nnEjo4HrIg95oFyXVNSbG0x
uzfL1u6RFL4MDlHQqP9yFrR1mt8DZdDLpn8hXM97oRq/VNqJkc5Runq6g3R9fhAp
fGYt0aMI1foAGtN5cqv6O3TiNu/jt9e6k4lHD3myHxgUYxcpAkEA/UQNvrUdo2xp
//bABk/5UsoWvbL78Hx7kqJ2I0TjClRLQuJ5yV/CRw8BjInP3gLqxvIE2NdtGdZw
1F2iZcs2uwJBAP71ssEp6AAhe1qj45maUFrC2dTt356cW8j+akdA5KocuhFthnTd
MuFZBamldv6ZvCbVPswSR4jxFmAZWy5swz8CQCMJCQW6tFDpLHi2P7Yf1hO31RGE
8wk/jzCnvMQAQZAqPQcRoVtUHeIKl2JDpjfGG4hN7pG4q2UJny4hjdebFwUCQQC6
0yGsZ9/IEMDKN2O1D52oFDX40GHXYO3lB4CrO8MTYD98O8yV3+zDsi7zE/txLwfv
UL1WXmKq1za1Ln9hMnOTAkEA8MOb/ABJ0WiFahyHcbOId1XNULt/DX4FM6tkwBK7
ilAHA64wSPPw7krhvhDGicHuB2dYRuCwhMjLRdajdMZnig==
-----END RSA PRIVATE KEY-----
1.1 Key exchange:
Ion trebuie sa ii dea Mariei cheia lui publica si Maria trebuie sa-i dea lui Ion cheia ei publica
Ion: Marioooooooooooooooooooo, ia de aici cheia mea sa-mi poti scrie :
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjH4ZhGcvrs1iDF8Mk4rin90vB
kQyklff9gVItswpNpMzw7OhpMqOXk0BgQS4ROh3uEgp/fpi4ZhHJfYY9RBMTPdNc
IXUVv6TzcqSsarhiRUwmkZiBqPYGiqXG0ODSk0ROVo+0DhA/Lf5KPGGo0MREjqLE
WWahtz7gDUXI9rRnXwIDAQAB
-----END PUBLIC KEY-----
Maria: Multumesc Ioane, iti dau si eu cheitza mea:

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD8PJicyokgOT6MBYJVv+yLeMIy
JDQ2u3+2OynogXGJ/BTLfrYlOXDBlTVLKMjQ8kXr+6p1nH7gc+KVbzOr9kwqzxOl
ENYQrzgLahLh+Q/JXZ+9IYZ8kWm49T285nBsnyLnJYShznFDXwUO1G6OckJvuIBi
PZTMG8DWF+uKiJbpBQIDAQAB
-----END PUBLIC KEY-----
1.2 Encrypting message:

from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP

mesaj = "Draga Ion, cei de pe http://rstforums.com au cheia mai lunga o au de 4096."

pub_key ="""-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjH4ZhGcvrs1iDF8Mk4rin90vB
kQyklff9gVItswpNpMzw7OhpMqOXk0BgQS4ROh3uEgp/fpi4ZhHJfYY9RBMTPdNc
IXUVv6TzcqSsarhiRUwmkZiBqPYGiqXG0ODSk0ROVo+0DhA/Lf5KPGGo0MREjqLE
WWahtz7gDUXI9rRnXwIDAQAB
-----END PUBLIC KEY-----"""

rsakey = RSA.importKey(pub_key)
rsakey = PKCS1_OAEP.new(rsakey)
encrypted = rsakey.encrypt(mesaj)
mesaj_criptat = encrypted.encode('base64')
print mesaj_criptat
1.2.1 Sending encrypted message
Maria: OctEHiY1wkK6My4YeogpXFH/Q+p/CdjuWxDljcgDS8EGVB0OpUHMjC91OntWUjgW0kph529CDAU/
Hg1I1kPVmOuV1AR3MNZ9exibIJPOcsKXl5j1WH/YhNNGRUOwzGJ2PxVNzoV2KibmMjRiLVYFw/OX
swUhIlCai08KQuFUgzA=
Ion: decrypting...
1.3 Decrypting message:

from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP 
from base64 import b64decode

mesaj_criptat = """OctEHiY1wkK6My4YeogpXFH/Q+p/CdjuWxDljcgDS8EGVB0OpUHMjC91OntWUjgW0kph529CDAU/
Hg1I1kPVmOuV1AR3MNZ9exibIJPOcsKXl5j1WH/YhNNGRUOwzGJ2PxVNzoV2KibmMjRiLVYFw/OX
swUhIlCai08KQuFUgzA="""

priv_key = """-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCjH4ZhGcvrs1iDF8Mk4rin90vBkQyklff9gVItswpNpMzw7Ohp
MqOXk0BgQS4ROh3uEgp/fpi4ZhHJfYY9RBMTPdNcIXUVv6TzcqSsarhiRUwmkZiB
qPYGiqXG0ODSk0ROVo+0DhA/Lf5KPGGo0MREjqLEWWahtz7gDUXI9rRnXwIDAQAB
AoGAHUGILl4cDrfpxgk6/KCVEbruoVbMd7BV++d3v65+yJIoF4XF4Sgt4v+L6jeG
dZyAxbQCof8okNntkr+qlc5hxSXu1GB6paeqOLdLFbedjZg/8LEcKGm/+pB0gnxy
hxklalWGUFBxj18yl7+zKZNf+7zts9edv7CIMYcltp+2WwECQQC251e+xARhijgA
tgtKUHkgaZQnhZBK+TBRIJOMs0a4quHCmewGicf9cVRUtG+o1ZyvM5B1De+NnS6I
wOslBq+fAkEA5FB1ezysbuCornDZyEz26cjlEVMSsTi5d0O1qbymTTyybVolcsWW
Z8j3EyEbkTm6c/D+XzyzxKm1BEvDyGwwQQJAMzki98gJug9tk7VoAA39fjhTR6Y+
POEAyReoevUST1F8HHXjBgm8Opxsk7RcuRnp4Z89S6r1deGZUK9Gq33t3QJAA83j
Zz5HkUFlDiMLPe8qXhLe3j8IHLPZQ0d5i259RuQwBOpvnU31h50toL/4eZ8AoFXv
px6X0DsTrRKmHHzRAQJBAJy+updgLPUB/0A0LXllj3j7+nDtaslFABgQemh2slhE
tlEreUPI4ofSbCZ6rduZaWnt3FMvGAFES3jXcEdcd/U=
-----END RSA PRIVATE KEY-----"""
rsakey = RSA.importKey(priv_key) 
rsakey = PKCS1_OAEP.new(rsakey) 
decrypted = rsakey.decrypt(b64decode(mesaj_criptat)) 
print decrypted
print "press any key to exit..."
raw_input()
rstrsa.jpg
1.4 Concluzie:
Nu folositi chei scurte si mesaje lungi.
Later on that day...
Ion: urs eshti?
Ion: scuze, usr
Usr_6: nu
Ion: frate, zi shi mie cum sa-mi lungesc cheia?
Usr_6: prinzi un capat in menghina si cu patentu tragi de celalalt, dc?
Ion: nu cheia de la usa frate.. aia de la RSA, din tutorialul postat de tine pe RST
Usr_6: schimbi "key = RSA.generate(1024, random_generator)" cu "key = RSA.generate(2048, random_generator)" sau cat o vrei tu de lunga
In alte roluri:
Python 2.7.6 Release
https://www.dlitz.net/software/pycrypto/
Python and cryptography with pycrypto | Laurent Luce's Blog
https://launchkey.com/docs/api/encryption



			
		


		
			

				
					
						

	
	
		

			
				
				

					
				

			
			
			
		

	


					
				
				
			

		

		
			

		
	


	
    


	



					
				
					
					
					







	

	

	

		

			

				


	
		nedo
	

				
				
					
						
Newbie
					
				
			

		

		

			

				


nedo
			

			

			    Posted 
				
			

		

	

	
	

		




	

		

			

				
    
					
					
					
					
					
				

			

			
		


		

		   
		   Posted 
		   
			
			
				
				
			
		

	


	

    

	

		
		

			
Cred ca ar fi cazul ca incerc si eu pythone, ca parca se folosesc mai usor si instaleaza mai usor librariile decat in c++, sau mi se pare mie?
Ps. Frumos tutorial. Iar pentru cei care vor sa foloseasca un program de chat care are la baza ideea de aici sa verifice la mine in semnatura :D



			
		


		
			

				
					
						

	
	
		

			
				
				

					
				

			
			
			
		

	


					
				
				
			

		

		
			

		
	


	
    


	



					
				
			
			



		

	


	
	

	
		
		

			
				
				

	
		

			
Join the conversation

			

	
				
					You can post now and register later.
				
				If you have an account, sign in now to post with your account.
				
			

	
		

	




	
	
		
	
		
	
		
	
	
		
		
	
	

		

		


	
		Guest
	


		

			
				
					
				
					
						
    
							
  • 
								


	
	
	
	

								
							
    • 
						

					
				
					
				
			
			
				
					
						
							
						
						



    

		
		

			
		

		
			
 Reply to this topic...

		
		

			

				
					×
					  Pasted as rich text.   Paste as plain text instead
				
			

		

		

			

				  Only 75 emoji are allowed.
			

		

		

			

				×
				  Your link has been automatically embedded.   Display as a link instead
			

		

		

			

			

		

		

			

				×
				  Your previous content has been restored.   Clear editor
			

		

		

			

				×
				  You cannot paste images directly. Upload or insert images from URL.
			

		

		
	

		
	

	

	

		

			×
			
		

		

	



						
					
				
					
				
					
				
			
			
    
				
					
						
					
						
					
						
							
  • 
								


    
	

    

								
							
    • 
						
					
				
				
					
  • 

	

    • 
				
			

		

	



			
		

	

	
		

			


		

		

			



		

	







	

		
			
				Go to topic listing
			
		
	

	




	

	

	


	

	




								


							

							


						

					

					
				

				

				

			

		

		
		


	×
	

		

			

			

				

					
				


			

			
		

	






	×
	

		

			
    
				
  • Create New...
    •