Thursday, September 14, 2023

Symmetric & Asymmetric Encryption

Symmetric encryption uses a single key to both encrypt and decrypt data, while asymmetric encryption uses two keys, one public and one private, to encrypt and decrypt data. Each type of encryption has its own strengths and weaknesses, and the choice between the two depends on the specific needs of the user. As I have recently configured HTTPS TLS for an EBS 12.2 environment, we have to use the asymmetric encryption method with the RSA algorithm to encrypt the data on the Transport Layer, where TLS termination was set at the OHS (Oracle HTTP Server) level. Check this post, Blog for DBA Consultants: August 2023 (samiora.blogspot.com), for high-level steps to configure TLS for an EBS 12.2 environment.

When it comes to encryption, the latest schemes may not necessarily be the best fit. You should always use the encryption algorithm that is right for the task at hand. In fact, as cryptography takes a new shift, new algorithms are being developed in a bid to catch up with the eavesdroppers and secure information to enhance confidentiality. Hackers are bound to make it tough for experts in the coming years, so expect more from the cryptographic community!


Example of SYMMETRIC Encryption on a Linux Server using gpg utility

[root@myLinuxVM ~]# pwd

/root

[root@myLinuxVM ~]# mkdir Desktop


[root@myLinuxVM ~]# cd Desktop/


[root@myLinuxVM Desktop]# touch MyEncryptfile.txt


[root@myLinuxVM Desktop]# echo "Hello World This is a test" > MyEncryptfile.txt


[root@myLinuxVM Desktop]# cat MyEncryptfile.txt

Hello World This is a test


[root@myLinuxVM Desktop]# gpg -c MyEncryptfile.txt

 

        +-----------------------------------------------------+
        | Enter passphrase                                    |
        |                                                     |
        |                                                     |
        | Passphrase *********_______________________________ |
        |                                                     |
        |       <OK>                             <Cancel>     |
        +-----------------------------------------------------+

        +-----------------------------------------------------+
        | Please re-enter this passphrase                     |
        |                                                     |
        | Passphrase *********_______________________________ |
        |                                                     |
        |       <OK>                             <Cancel>     |
        +-----------------------------------------------------+

 

[root@myLinuxVM Desktop]# gpg -c MyEncryptfile.txt

gpg: directory `/root/.gnupg' created

gpg: new configuration file `/root/.gnupg/gpg.conf' created

gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run

gpg: keyring `/root/.gnupg/pubring.gpg' created

 

[root@myLinuxVM Desktop]# ls -ltr

-rw-r--r--. 1 root root 27 Aug 30 13:12 MyEncryptfile.txt

-rw-r--r--. 1 root root 82 Aug 30 13:24 MyEncryptfile.txt.gpg

 

[root@myLinuxVM Desktop]# more MyEncryptfile.txt.gpg

t▒▒QDE▒▒Ads}R▒\▒q▒▒"s▒▒▒v]&;̘(▒;Lp▒▒▒)(▒d7▒G6`xN▒d▒▒P▒▒

 

[root@myLinuxVM Desktop]# gpg -o MyEncryptfile.txt MyEncryptfile.txt.gpg

gpg: keyring `/root/.gnupg/secring.gpg' created

gpg: CAST5 encrypted data

gpg: encrypted with 1 passphrase

File `MyEncryptfile.txt' exists. Overwrite? (y/N) y

gpg: WARNING: message was not integrity protected

 

[root@myLinuxVM Desktop]# ls -ltr

total 8

-rw-r--r--. 1 root root 82 Aug 30 13:24 MyEncryptfile.txt.gpg

-rw-r--r--. 1 root root 27 Aug 30 13:36 MyEncryptfile.txt

 

[root@myLinuxVM Desktop]# more MyEncryptfile.txt.gpg

t▒▒QDE▒▒Ads}R▒\▒q▒▒"s▒▒▒v]&;̘(▒;Lp▒▒▒)(▒d7▒G6`xN▒d▒▒P▒▒

 

[root@myLinuxVM Desktop]# more MyEncryptfile.txt

Hello World This is a test

 

[root@myLinuxVM Desktop]# gpg -o MyEncryptfile_DECRYPTED.txt MyEncryptfile.txt.gpg

gpg: CAST5 encrypted data

gpg: encrypted with 1 passphrase

gpg: WARNING: message was not integrity protected

 

[root@myLinuxVM Desktop]# ls -ltr

total 12

-rw-r--r--. 1 root root 82 Aug 30 13:24 MyEncryptfile.txt.gpg

-rw-r--r--. 1 root root 27 Aug 30 13:36 MyEncryptfile.txt

-rw-r--r--. 1 root root 27 Aug 30 13:37 MyEncryptfile_DECRYPTED.txt

 

[root@myLinuxVM Desktop]# more MyEncryptfile_DECRYPTED.txt

Hello World This is a test




Example of ASYMMETRIC Encryption using private and public keys on a Linux Server using the openssl utility

[root@myLinuxVM Desktop]# mkdir ASSYMETTRIC


[root@myLinuxVM Desktop]# cd ASSYMETTRIC/


[root@myLinuxVM ASSYMETTRIC]# openssl genrsa -out test_private_key.pem 1024

Generating RSA private key, 1024 bit long modulus

............................++++++

..++++++

e is 65537 (0x10001)


[root@myLinuxVM ASSYMETTRIC]# ls -ltr

-rw-r--r--. 1 root root 887 Aug 30 13:56 test_private_key.pem


[root@myLinuxVM ASSYMETTRIC]# openssl rsa -in test_private_key.pem -out test_public_key.pem -outform PEM -pubout

writing RSA key


[root@myLinuxVM ASSYMETTRIC]# ls -ltr

-rw-r--r--. 1 root root 887 Aug 30 13:56 test_private_key.pem

-rw-r--r--. 1 root root 272 Aug 30 13:57 test_public_key.pem


[root@myLinuxVM ASSYMETTRIC]# echo "Hello world This is ASSYMETTRIC ENCYPTION TEST BY SAMI MALIK" > MyEncryptFile.txt


[root@myLinuxVM ASSYMETTRIC]# ls -ltr

-rw-r--r--. 1 root root 887 Aug 30 13:56 test_private_key.pem

-rw-r--r--. 1 root root 272 Aug 30 13:57 test_public_key.pem

-rw-r--r--. 1 root root  61 Aug 30 14:00 MyEncryptFile.txt


[root@myLinuxVM ASSYMETTRIC]# more MyEncryptFile.txt

Hello world This is ASSYMETTRIC ENCYPTION TEST BY SAMI MALIK


[root@myLinuxVM ASSYMETTRIC]# openssl rsautl -encrypt -inkey test_public_key.pem -pubin -in MyEncryptFile.txt -out asymmetric_encrypt.dat


[root@myLinuxVM ASSYMETTRIC]# ls -ltr

-rw-r--r--. 1 root root 887 Aug 30 13:56 test_private_key.pem

-rw-r--r--. 1 root root 272 Aug 30 13:57 test_public_key.pem

-rw-r--r--. 1 root root  61 Aug 30 14:00 MyEncryptFile.txt

-rw-r--r--. 1 root root 128 Aug 30 14:01 asymmetric_encrypt.dat


[root@myLinuxVM ASSYMETTRIC]# more asymmetric_encrypt.dat

▒▒v▒▒▒ |▒.▒L▒▒▒-9▒P▒▒8Z▒▒▒IX▒s▒^L▒      ▒i▒▒▒]▒ Ê▒▒M7R▒▒A!▒▒▒q^j▒▒&Q▒_!6▒▒i▒Ê¡)[qi▒▒l▒ee▒▒c▒▒▒R▒"▒@▒%O▒(fH▒Ke7


[root@myLinuxVM ASSYMETTRIC]# openssl rsautl -decrypt -inkey test_private_key.pem -in asymmetric_encrypt.dat -out asymmetric_decrypt.txt


[root@myLinuxVM ASSYMETTRIC]# ls -ltr

-rw-r--r--. 1 root root 887 Aug 30 13:56 test_private_key.pem

-rw-r--r--. 1 root root 272 Aug 30 13:57 test_public_key.pem

-rw-r--r--. 1 root root  61 Aug 30 14:00 MyEncryptFile.txt

-rw-r--r--. 1 root root 128 Aug 30 14:01 asymmetric_encrypt.dat

-rw-r--r--. 1 root root  61 Aug 30 14:02 asymmetric_decrypt.txt


[root@myLinuxVM ASSYMETTRIC]# more asymmetric_decrypt.txt

Hello world This is ASSYMETTRIC ENCYPTION TEST BY SAMI MALIK
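
The session above uses a 1024-bit key, rsautl with its default PKCS#1 v1.5 padding, and a private key file that every local user can read; RSA on its own can also only encrypt a message smaller than its modulus. The following added example (not part of the original post; function and file names are constructed, and OpenSSL 1.1.1 or later is assumed) generates a 3072-bit key with owner-only permissions and combines both techniques from this post: AES-256 encrypts the file, HMAC-SHA256 authenticates it, and RSA-OAEP encrypts only the two random keys.

```shell
#!/bin/sh
# Added example: hybrid encryption with the openssl CLI (needs OpenSSL 1.1.1+).
# Function and file names are constructed for this illustration.
OAEP="-pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256"

# gen_keys PRIV PUB: 3072-bit RSA pair; umask 077 keeps PRIV owner-only.
gen_keys() {
    ( umask 077; openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:3072 \
        -out "$1" 2>/dev/null ) && openssl pkey -in "$1" -pubout -out "$2"
}

# mac_of KEYFILE FILE: raw HMAC-SHA256 of FILE on stdout.
# -hmac puts the key in argv (visible in ps), so use it on a single-user host.
mac_of() { openssl dgst -sha256 -hmac "$(cat "$1")" -binary "$2"; }

# hybrid_encrypt PUB IN DIR: AES-256-CTR for the data, RSA-OAEP for the keys.
hybrid_encrypt() {
    ( umask 077; mkdir -p "$3" && openssl rand -hex 32 > "$3/enc.key" \
        && openssl rand -hex 32 > "$3/mac.key" ) || return 1
    # Encrypt, then MAC the ciphertext: the integrity check that the gpg
    # run earlier on this page warned was missing.
    openssl enc -aes-256-ctr -pbkdf2 -pass "file:$3/enc.key" \
        -in "$2" -out "$3/data.enc" &&
    mac_of "$3/mac.key" "$3/data.enc" > "$3/data.mac" &&
    cat "$3/enc.key" "$3/mac.key" |
        openssl pkeyutl -encrypt -pubin -inkey "$1" $OAEP -out "$3/keys.rsa"
    rc=$?; rm -f "$3/enc.key" "$3/mac.key"; return $rc
}

# hybrid_decrypt PRIV DIR OUT: unwrap the keys, verify the MAC, then decrypt.
hybrid_decrypt() {
    k=$(mktemp -d) || return 1          # mktemp -d creates a 0700 directory
    openssl pkeyutl -decrypt -inkey "$1" $OAEP -in "$2/keys.rsa" -out "$k/keys" &&
    sed -n 1p "$k/keys" > "$k/enc.key" && sed -n 2p "$k/keys" > "$k/mac.key" &&
    mac_of "$k/mac.key" "$2/data.enc" | cmp -s - "$2/data.mac" &&
    openssl enc -d -aes-256-ctr -pbkdf2 -pass "file:$k/enc.key" \
        -in "$2/data.enc" -out "$3"
    rc=$?; rm -rf "$k"; return $rc
}
```

Typical use is gen_keys once, then hybrid_encrypt with the recipient's public key and hybrid_decrypt with the private key; decryption refuses to write any output if data.enc or data.mac has been modified.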

Common Asymmetric Encryption Algorithms
Common asymmetric encryption algorithms are essential in secure communication and data transmission. Examples of these algorithms include RSA, Diffie-Hellman, and Elliptic Curve Cryptography (ECC). Listed below are these asymmetric encryption algorithms and their features: