Devontrae introduced me to an interesting person a few nights ago: Tyler Diaz. I had no idea who he was or what he was capable of but we easily connected through the most obscure lingo known to hackers: cryptography.
He began the conversation by asking, "Are you a hacker?" Questions like these usually signal some exclusivity. Fortunately for me, I was in that exclusive loop. He followed up by showing me a UNIX command.
echo SGVsbG8sIEdpbwo= | openssl base64 -d
This obviously isn't 1337 speak. From reading the command, we can see that the arbitrary text is being routed to standard input of the
openssl base64 -d command as denoted by the piping
base64 is the keyword that gave me the idea that this message is encoded and I'm supposed to decode it.
Do as the Hackers Do
Decrypt it. Unfortunately, I wasn't using a Linux at the time and we were chatting through MSN messenger on Windows XP; thus, I googled for a base64 decryption website and decrypted the message:
At that moment, we connected.
It's strange that many hackers and programmers that I know like to communicate with me through cryptography. Cryptography is an interest that seems common with all hackers and programmers. A cryptographic friend of mine even runs his passwords through a message digest to ensure that they're all the same length.
I never took an interest in cryptography until now. After our interesting discussions, I wanted to learn more about the OpenSSL project and it's encryption libraries.
OpenSSL in Ubuntu
If you don't already have OpenSSL installed, you simply install it on Ubuntu like any other package.
$ sudo apt-get install openssl
Fortunately, I already had OpenSSL installed on my Ubuntu 11.04 for my laptop. I didn't want to use OpenSSL for its SSL and TLS network protocols but for its encryption libraries as Tyler did; so, I looked up openssl's CLI documentation.
Encrypting and Decrypting with OpenSSL
The OpenSSL command that Tyler showed me was a shortcut to the
enc pseudo-command that used common ciphers including
base64 to encrypt and decrypt messages. This is exactly what I wanted to do but first I needed to know which ciphers exist. Fortunately, a pseudo-command exists to list all available ciphers.
$ openssl list-cipher-commands aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb aes-256-cbc aes-256-ecb base64 # more ciphers
These ciphers made it easy for me to encrypt and decrypt messages quickly so that I can start esoteric communication with friends (but not all the time). The command is a very simple pattern that Tyler demonstrated above.
$ echo [message] | openssl [cipher] [-d|-e]
About the Variables
- message is the plain-text to be encrypted or decrypted.
- cipher is the cryptographic algorithm used such as
- -d and -e flags are decryption and encryption respectively. Either can be used but not both.
We can see that we can decrypt and encrypt an arbitrary message every time by switching the flag. The command pattern is so simple that you can use it any time during a chat to engage in an esoteric conversation with a friend.
More to OpenSSL than Cryptography Libraries
OpenSSL also offers SSL and TLS socket implementations that I'm hoping to look into in the future while studying C/C++ so that I can touch on more socket programming. There's also other methods of encryption such as using file input and output to process larger blocks of text rather than piping messages into the standard output but that can be read from the documentation.
When it comes to a social situation with hackers though, you need to know your cryptography. I hope you enjoy being in the loop.