Recently, someone I know purchased a network printer that was the same make and model as mine. They weren’t sure on how to setup the printer and asked for my help. The setup is not difficult, however the default settings leaves the printer open on its wireless interface. So there are more steps that are required to secure it. The challange facing us was distance, they live in another state. However, I was able to export my printer settings, which I could email to them.
Even though the printer’s default settings lacked security, the export function encrypted the settings file. Without it, the wireless network details and contacts would be viewable in plaintext. So I set my printer to work in thier network, exported the encrypted settings file, then emailed it to them. Later we talked on the phone and I stepped them through importing the file and entering the password for the settings file. After restarting the printer, they were up and running.
This settings file, when opened with a text editor was a garble of characters. However, at the top of the file something stood out.
Looking online for “salted” led me to encryption methods that involved a salting passphrase. It seems that the printer used this as well. So I tried to decrypt the file manually with the OpenSSL command.
openssl enc -aes-256-cbc -d -in PrinterSettings.enc -out PrinterSettings.txt
It prompted for the salting passphrase. After entering it, the decyrption was rather quick resulting in the plaintext settings file.
The OpenSSL command can be used to encrypt files, here is an example.
openssl enc -aes-256-cbc -salt -in Voice.mp3 -out Voice.enc
I tested this with an audio file. It prompted for a passphrase to use and finished with the encrypted file. The source file was 2.6 MB (2587719 bytes) in size, the encrypted file size was 2.6 MB (2587744 bytes). Next I compressed the file with 2.6 MB (2588351 bytes) being the result, not ideal. More on that later.
So far, the encrypted files are binary. Some text editors complain when opening them. The text can not be placed in text feilds with expected results. I can’t paste the contents into an email body or on a web page. However, we can use OpenSSL to encrypt the output as ASCII text with the -a switch. Here is the command to do that.
openssl enc -aes-256-cbc -salt -a -in file.txt -out file.txt.enc
These are the results
The encryption and decryption method we have covered so far is referred to as symetrical encryption. That means one key is used to encrypt and decrypt, that being the salt passphrase. The more widely used method of encryption and decryption is asymetrical encryption. This is when the encryption is done using a private key, only known to the side doing the encryption. This private key can only be used to encrypt, it can not be used to decrypt. To decrypt, a public key is used. That public key can not encrypt, it can only decrypt what the private key encrypted. Both the private and public keys are created at the same time. The party that intends to encrypt with the private key distributes the corrisponding public key to the world. This video covers the topic well.
These videos provide some additional background and the debate surrounding encryption.
I hope you have enjoyed and I look forward to having you back soon.