An implementation of a hybrid encryption system involving RSA, and AES256-CBC
- Receiver public and private keys (RSA keys in pem or der format)
- Sender public and private keys (RSA keys in pem or der format)
- Input plaintext file which is to be encrypted
python3 fcrypt.py -e <receiver_public_key_file> <sender_private_key_file> <input_plaintext_file> <output_ciphertext_file>
python3 fcrypt.py -d <receiver_private_key_file> <sender_public_key_file> <input_ciphertext_file> <output_plaintext_file>
- Random 256-bit session key and 128-bit Initialisation Vector are generated.
- The session key and iv are used to encrypt the plaintext.
- The encrypted plaintext is digitally signed using the sender’s private key.
- The session key is encrypted using receivers public key.
- The final output is a package is made of (encrypted message + encrypted session_key + iv + signature)
- The encrypted is package is split into the separate values.
- The digital signature is verified using sender’s public key and if the verification fails the program is aborted before the decryption is done.
- The encrypted session key is decrypted using receiver’s private key.
- The encrypted message is decrypted using the session key.