Encryption: new openssl version incompatiblity?

Issues and / or general discussion relating to Puppy

Moderator: Forum moderators

Post Reply
User avatar
JASpup
Posts: 1653
Joined: Sun Oct 04, 2020 10:52 am
Location: U.S.A.
Has thanked: 70 times
Been thanked: 89 times

Encryption: new openssl version incompatiblity?

Post by JASpup »

I just tried to decrypt my openssl encoded text file in Fossa Focal and it returned gibberish.

Entering the exact same command and password, it works in Xenial where it was created.

Is this because a there's a newer version of openssl in Fossa that is not compatible with files encrypted in older versions?

On the Whiz-Neophyte Bridge
Linux Über Alles
Disclaimer: You may not be reading my words as posted.

User avatar
rockedge
Site Admin
Posts: 6538
Joined: Mon Dec 02, 2019 1:38 am
Location: Connecticut,U.S.A.
Has thanked: 2745 times
Been thanked: 2619 times
Contact:

Re: Encryption: new openssl version incompatiblity?

Post by rockedge »

I didn't think it would be different and not backward compatible. Do you have a possibility to check the files in Xenial again?

User avatar
JASpup
Posts: 1653
Joined: Sun Oct 04, 2020 10:52 am
Location: U.S.A.
Has thanked: 70 times
Been thanked: 89 times

Re: Encryption: new openssl version incompatiblity?

Post by JASpup »

rockedge wrote: Sun Aug 29, 2021 7:57 pm

Do you have a possibility to check the files in Xenial again?

You mean try to decipher them in Fossa again as I'm back in Xenial now?
Yes, they're still around.

It's kind of dreadful to think you're not right. "Oh, I created these in whatever version runs in Xenial" is not my preferred kind of memory. I've already hit a backwards compatibility wall in encfs.

I'm doing the thing I needed the files for but will post again after the test.

On the Whiz-Neophyte Bridge
Linux Über Alles
Disclaimer: You may not be reading my words as posted.

User avatar
JASpup
Posts: 1653
Joined: Sun Oct 04, 2020 10:52 am
Location: U.S.A.
Has thanked: 70 times
Been thanked: 89 times

Re: Encryption: new openssl version incompatiblity?

Post by JASpup »

@rockedge confirmed

Fossa: OpenSSL 1.1.1f 31 Mar 2020

Fossa-openssl-fail-min.png
Fossa-openssl-fail-min.png (45.11 KiB) Viewed 345 times

Xenial: OpenSSL 1.0.2g 1 Mar 2016 - clean decipher

On the Whiz-Neophyte Bridge
Linux Über Alles
Disclaimer: You may not be reading my words as posted.

User avatar
mikeslr
Posts: 2959
Joined: Mon Jul 13, 2020 11:08 pm
Has thanked: 178 times
Been thanked: 913 times

Re: Encryption: new openssl version incompatiblity?

Post by mikeslr »

Hi JASpup,

While you're exploring this area, do you think you'll have time to examine the compatibility of various versions of peazip. Although I don't have much of a reason to use it, I've generally recommended it and have included it in Remasters and generally made it as both 32-and-64 bit portables since this post, https://oldforum.puppylinux.com/viewtop ... a22136ce19

It's Cross-platform. The latest 32-bit (version 7.4.2) can be found here, https://download.cnet.com/PeaZip-Portab ... 10814.html; other latest versions (8.1.0) here, https://github.com/peazip/PeaZip/releases/; older versions as far back as 5.4, here https://github.com/peazip/PeaZip/releases/tag/5.4.0 and those in between by clicking the "Next" or "Previous" buttons at the bottom of webpages.

User avatar
JASpup
Posts: 1653
Joined: Sun Oct 04, 2020 10:52 am
Location: U.S.A.
Has thanked: 70 times
Been thanked: 89 times

Re: Encryption: new openssl version incompatiblity?

Post by JASpup »

mikeslr wrote: Mon Aug 30, 2021 4:31 pm

Although I don't have much of a reason to use it

Well, when you write that, first I have to figure out what peazip is.

I did my compatibility test because I use it.

On the Whiz-Neophyte Bridge
Linux Über Alles
Disclaimer: You may not be reading my words as posted.

User avatar
mikeslr
Posts: 2959
Joined: Mon Jul 13, 2020 11:08 pm
Has thanked: 178 times
Been thanked: 913 times

Re: Encryption: No incompatibiiity between Peazip versions

Post by mikeslr »

@ JASpup,

Some of us are motivated by curiosity, a willingness to help others solve problem we, ourselves, don't have, and/or a desire to make Puppy Linux as good as it can be.

Since I recommended peazip in the past, I wondered if the problem you reported effected it. So I downloaded the peazip_portable-5.4.0-.LINUX.GTK-2.tar.gz from the link in my reply, extracted it and booted into tahrpup32, the oldest Puppy I have readily available. Created two encrypted archives, one as a zip the other as a pea.
Then I booted into Fossapup64 and ran peazip_portable-8.1.0 --extracted from the downloaded tar.gz. That version successfully decrypted both archives.
Note, I didn't particularly get carried away in creating a password. [Perhaps your latest decryption application doesn't handle symbols in the same manner as the earlier encryption did in creating the archive]. If you read my earlier post about peazip you'll know that after creating a pea archive you can rename it removing the '.pea' ending. The resultant file will often appear as a binary [depends on icon set used]. Nothing can decrypt it unless you know to again rename it, returning the '.pea' suffix: a particularly effective way to prevent information on a lost USB-Key or transmitted over an open network from falling into the wrong hands.

The 10+/- tar.gz downloads contains several files and folder, including a help.pdf and an info-readme.txt. But even the downloads not designated 'portable', essentially are. All they need to run is to have the binary and the included 'res' folder in the same folder*. The new QT5 version is an exception. Its download includes a file named libQt5Pas.so.1.2.6 you'd have to install to /usr/lib and reboot. But the QT5 version is offered as an alternative.
-=-=-=-=--
* Like all applications not specifically built for Puppy, these may have lib dependencies not fulfilled by Puppy OOTB. But, ldd will easily identify them and PPM will provide them.

williwaw
Posts: 1937
Joined: Tue Jul 14, 2020 11:24 pm
Has thanked: 170 times
Been thanked: 368 times

Re: Encryption: No incompatibiiity between Peazip versions

Post by williwaw »

mikeslr wrote: Tue Aug 31, 2021 4:48 pm

downloads not designated 'portable', essentially are. All they need to run is to have the binary and the included 'res' folder in the same folder*. The new QT5 version is an exception. Its download includes a file named libQt5Pas.so.1.2.6 you'd have to install to /usr/lib and reboot. But the QT5 version is offered as an alternative.
-=-=-=-=--
* Like all applications not specifically built for Puppy, these may have lib dependencies not fulfilled by Puppy OOTB. But, ldd will easily identify them and PPM will provide them.

Thanks for the review Mikeslr. Peazip has come a long way since I first looked at it as a portable many years back.

User avatar
Grey
Posts: 2023
Joined: Wed Jul 22, 2020 12:33 am
Location: Russia
Has thanked: 76 times
Been thanked: 376 times

Re: Encryption: No incompatibiiity between Peazip versions

Post by Grey »

mikeslr wrote: Tue Aug 31, 2021 4:48 pm

Nothing can decrypt it unless you know to again rename it, returning the '.pea' suffix: a particularly effective way to prevent information on a lost USB-Key or transmitted over an open network from falling into the wrong hands.

Not a very tricky and reliable way. Someone can (even a 13-year-old boy, the grandson of my neighbor can do this) just look at the beginning of the file in a hex editor, for example, in Bless. And see this:

pea_hex.png
pea_hex.png (4 KiB) Viewed 288 times

In a few seconds, the scoundrel will already know that it is necessary to add the .pea extension to the file name.

If the file is with a password, then you will still need to "bang" the password. It already depends on resources and motivation.

In addition, according to your description, the information is ALREADY in the wrong hands - it just hasn't been deciphered yet :)

I once thought about the question of where it is better to lose a flash drive. In the city or in the countryside? Better the second option. Not because there are fewer "specialists" there. It's just that in the field there is less chance of finding a small flash drive.

Fossapup OS, Ryzen 5 3600 CPU, 64 GB RAM, GeForce GTX 1050 Ti 4 GB, Sound Blaster Audigy Rx with amplifier + Yamaha speakers for loud sound, USB Sound Blaster X-Fi Surround 5.1 Pro V3 + headphones for quiet sound.

User avatar
JASpup
Posts: 1653
Joined: Sun Oct 04, 2020 10:52 am
Location: U.S.A.
Has thanked: 70 times
Been thanked: 89 times

Re: Encryption: new openssl version incompatiblity?

Post by JASpup »

I play a different approach.

I'm not an executive, mega millionaire or government agent.

The name/type of my encrypted files in OpenSSL is a simple puzzle in the file.

Imagine it's a Word .doc. I'll put MD in the filename as a homophone.

Can a genius or super technical expert decipher such codes?

Perhaps. Is it worth trying? Probably not. Does my approach weed out most anyone who would come across my data? Yes.

With this post I was mostly trying to learn if version incompatibility is normal, if others have the same reaction, and what they do about it.

Another utility is valid, but what about those common and builtin?

When you finally commit to a technique it's not easy to drop it for something else.

On the Whiz-Neophyte Bridge
Linux Über Alles
Disclaimer: You may not be reading my words as posted.

User avatar
mikeslr
Posts: 2959
Joined: Mon Jul 13, 2020 11:08 pm
Has thanked: 178 times
Been thanked: 913 times

Re: Encryption: new openssl version incompatiblity?

Post by mikeslr »

Hi grey,

Remind me to loose my USB-Keys in the US [where for 2 generations consumers have been spoon-fed by Microsoft and Google] rather than Russia where even 13 year olds know how to use a hex editor. ;)

williwaw
Posts: 1937
Joined: Tue Jul 14, 2020 11:24 pm
Has thanked: 170 times
Been thanked: 368 times

Re: Encryption: new openssl version incompatiblity?

Post by williwaw »

using a compression utility as a poor mans encryption app certainly has it's downside, but I see peazip has much more

https://peazip.github.io/encrypt-files.html

https://peazip.github.io/peazip-help-faq.html

User avatar
JASpup
Posts: 1653
Joined: Sun Oct 04, 2020 10:52 am
Location: U.S.A.
Has thanked: 70 times
Been thanked: 89 times

Re: Encryption: new openssl version incompatiblity?

Post by JASpup »

From a user standpoint, for most of my computing years, a compression utility was encryption.

And the first one I remember using (probably for its dominance) is still my preference - archive included, password protection, compatible everywhere, in-line ratios for speed & compression.

What I don't understand still is how a stronger encryption has made it secure. When an old file extension looks and operates the same for decades, the differences are going to be under-the-hood. and most people won't notice any change.

On the Whiz-Neophyte Bridge
Linux Über Alles
Disclaimer: You may not be reading my words as posted.

Post Reply

Return to “Users”