Diffie Hellman 

A cryptographic method that allows two parties to securely establish a shared secret key over an insecure communication channel, such as the internet, without ever directly transmitting the key itself. This shared secret can then be used to encrypt subsequent communications using symmetric encryption algorithms.Developed by Whitfield Diffie and Martin Hellman in 1976, the algorithm was a groundbreaking advancement in cryptography because it solved the problem of secure key exchange over unsecured networks.

#The safe_prime is generated by the server and sent to the clients
#If you change the 1024 to 2048 bits, the safe prime will take longer

openssl # an open-source cryptography toolkit
dhparam # generates Diffie-Hellman parameters
-out safe_prime.key # output file for DH parameters
1024 # size of the prime in bits (minimum for learning; modern use: 2048+)

openssl dhparam -out safe_prime.key 1024

openssl # an open-source cryptography toolkit
genpkey # generates a private key based on specified parameters
-paramfile safe_prime.key # DH parameters to use
-out alice_private.key # output private key file for Alice

openssl genpkey -paramfile safe_prime.key -out alice_private.key

openssl # an open-source cryptography toolkit
genpkey # generates a private key based on specified parameters
-paramfile safe_prime.key # DH parameters to use
-out bob_private.key # output private key file for Bob

openssl genpkey -paramfile safe_prime.key -out bob_private.key

openssl # an open-source cryptography toolkit
pkey # public/private key utility
-in alice_private.key # input file containing Alice’s private key
-text # show key parameters in plain text (human-readable)
-noout # do NOT output the PEM/DER encoded key

openssl pkey -in alice_private.key -text -noout

openssl # an open-source cryptography toolkit
pkey # public/private key utility
-in bob_private.key # input file containing Bob’s private key
-text # show key parameters in plain text (human-readable)
-noout # do NOT output the PEM/DER encoded key

openssl pkey -in bob_private.key -text -noout

openssl # an open-source cryptography toolkit
pkey # public/private key utility
-in alice_private.key # input file containing Alice’s private key
-pubout # output the corresponding public key
-out alice_public.key # save the public key to this file

openssl pkey -in alice_private.key -pubout -out alice_public.key

openssl # an open-source cryptography toolkit
pkey # public/private key utility
-in bob_private.key # input file containing bob’s private key
-pubout # output the corresponding public key
-out bob_public.key # save the public key to this file

openssl pkey -in bob_private.key -pubout -out bob_public.key

openssl # an open-source cryptography toolkit
pkeyutl # utility for public/private key operations
-derive # derive a shared secret (used in Diffie-Hellman key exchange)
-inkey alice_private.key # Alice’s private key
-peerkey bob_public.key # Bob’s public key
-out alice_shared_secret # output file containing the derived shared secret

openssl pkeyutl -derive -inkey alice_private.key -peerkey bob_public.key -out alice_shared_secret

openssl # an open-source cryptography toolkit
pkeyutl # utility for public/private key operations
-derive # derive a shared secret (used in Diffie-Hellman key exchange)
-inkey bob_private.key # Bob’s private key
-peerkey alice_public.key # Alice’s public key
-out bob_shared_secret # output file containing the derived shared secret

openssl pkeyutl -derive -inkey bob_private.key -peerkey alice_public.key -out bob_shared_secret

cmp # Unix command to compare two files byte by byte
alice_shared_secret # file containing the shared secret derived by Alice
bob_shared_secret # file containing the shared secret derived by Bob

cmp alice_shared_secret bob_shared_secret

xxd # Unix command to create a hex dump of a file
alice_shared_secret # file containing the derived shared secret

xxd alice_shared_secret

xxd # Unix command to create a hex dump of a file
alice_shared_secret # file containing the derived shared secret

xxd bob_shared_secret

Rivest Shamir Adleman (RSA)

A public-key cryptosystem that uses a pair of mathematically related keys: a public key for encryption and a private key for decryption. It was developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman and remains one of the most widely used asymmetric encryption algorithms in the world.RSA relies on the mathematical difficulty of factoring large prime numbers to ensure security. While the public key can be freely shared to encrypt messages, only the holder of the corresponding private key can decrypt the ciphertext. This allows secure communication between parties without the need to share a secret key in advance.

echo “test” > input.txt # Create a file named input.txt containing the text “test”

echo "test" > input.txt

openssl # an open-source cryptography toolkit
genrsa # generates an RSA private key
-out private.key # output file for private key
2048 # key size in bits (secure for most uses)

openssl genrsa -out private.key 2048

openssl # an open-source cryptography toolkit
rsa # RSA key utility
-in private.key # input private key
-pubout # output the corresponding public key
-out public.key # output file for public key

openssl rsa -in private.key -pubout -out public.key

openssl # an open-source cryptography toolkit
pkeyutl # utility for public/private key operations
-encrypt # encrypt mode
-pubin # input key is a public key
-inkey public.key # the public key used for encryption
-in input.txt # plaintext input file
-out encrypted.txt # output ciphertext file

openssl pkeyutl -encrypt -pubin -inkey public.key -in input.txt -out encrypted.txt

openssl # an open-source cryptography toolkit
-decrypt # decrypt mode
-inkey private.key # the private key used for decryption
-in encrypted.txt # input ciphertext file
-out decrypted.txt # output plaintext file

openssl pkeyutl -decrypt -inkey private.key -in encrypted.txt -out decrypted.txt

cat decrypted.txt # Display the decrypted file contents

cat decrypted.txt