-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy path2017-11-04-Keep-Your-Secret.Rmd
143 lines (101 loc) · 6.47 KB
/
2017-11-04-Keep-Your-Secret.Rmd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
---
title: "Public Key Cryptography in R with openSSL"
author: "Vladimir Zhbanko"
date: Sys.Date()
output:
md_document:
variant: markdown_github
---
## Why to bother?
Have your heard this term 'password chaos'? This is when you exposed to necessity to keep creating stronger passwords, not re-using them across resourses, replacing them every now and then and so on. The only solution seems to be using special programs to encrypt/decrypt your passwords. Of course there are programs designed to do this, they may even be already present by default in your computer. If not it would be necessary to add one extra program, paid or free.
I had a different idea. Why can't we use **Public Key Cryptography** to enrypt simple text or data tables with *R* Statistical Software? Indeed, it appeared to be extremely easy. All you need is __10 lines of code__... Just read the text below to get a feel
## Cryptography
Going to internals of **Cryptography** is something really not for everybody. It smells complex math and must be a lot of code behind... It's also something related to conspiracy stories, spy scandals, NSA and so on. But it's also exciting new technologies like blockchain, new businesses, new opportunity! Sometimes people are even using this technology without even noticing it... think about end to end encryption on your __What's Up__ messenger...
## Public Key Cryptography
**Public Key Cryptography** is a type of Cryptographic system that uses set's of keys. They are known to be Public and Private. These keys in combination with a fixed algorithm are used to Encrypt or Lock information and to Decrypt or Unlock information. Let's have a quick summary of what are those and how are they made. In order to make things really interesting lets look into the process itself by encrypting and decrypting a popular phrase __'Hello World'__. I will be using **R** package **openssl** to demonstrate that. For the sake of make things 'easy' and not generating intermediate objects I will also load **tidyverse** package to use the `pipe|%>%`
```{r, message=FALSE}
library(openssl)
library(tidyverse)
```
### Private Key
Private Key is generated from a large random number. Below code in R will generate the Private Key and write it as a file persistently. You can specify how 'big' your key should be with a 'bits' argument. Password argument is optional, but highly recommended and it is required to 'unlock' private key when you use it from file:
```{r}
# generate your private key (NB: make sure to do back up copy!!!)
rsa_keygen(bits = 2099) %>%
write_pem(path = "my_key.pem", password = "")
```
Just for the sake to understand what is that 'animal' we can read it back and see how this key is composed:
```{r}
# read private key from file and output structure of the object
read_key("my_key.pem",password = "") %>% str()
```
You can already notice object **$pubkey** which has a **$data** elements that are exactly the same as elements of the data elements of the **private key**
**Takeaway #1** : `Private Key` contains `Public Key`
### Public Key
Public Key is a list that contains 'numbers' that are exactly same as the elements of the Private Key. These elements are used by the algorythm to **Encrypt** information. Think we use those numbers to deliberately mix our information in a way that we can 'unmix' them later... Back to reality! All we need now is to extract this element and store it to the file!
```{r}
# generate your public key (NB: optional. Use Private Key to encrypt/decrypt)
read_key(file = "my_key.pem", password = "") %>%
# extract element of the list and write to file
`[[`("pubkey") %>% write_pem("my_key.pub")
```
Here you go! Check out the file **my_key.pub**. You can send it to your friends that can encrypt information that you and only you can read... (if you have corresponding private key of course)
### Encrypt with Public Key
Just as a simple example I would encrypt text string "Hello World" and save this result as a file:
```{r}
## Encrypt with PUBLIC key (e.g. send this code to collaborator)
"Hello World" %>%
# serialize the object
serialize(connection = NULL) %>%
# encrypt the object
encrypt_envelope("my_key.pub") %>%
# write encrypted data to File
write_rds("message.enc")
```
If you notice, I must 'serialize' my message before I can encrypt:
```{r}
## Encrypt with PUBLIC key (e.g. send this code to collaborator)
"Hello World" %>%
# serialize the object
serialize(connection = NULL) %>% head(10)
```
This vector of numbers can be encrypt with function **encrypt_envelope()** passing as an argument your file with a **public key**
```{r}
"Hello World" %>%
# serialize the object
serialize(connection = NULL) %>%
# encrypt the object
encrypt_envelope("my_key.pub") %>% str()
```
You always get a list of raw vectors as an R object. We can store this object using **read_rds()** function
### Read it back... decrypt
Decrypting this secret is easy. Just have a look on this chunk that does it for you:
```{r}
# read file with Encrypted Information (from Computer File System to R Environment)
secret_encrypted <- read_rds("message.enc")
# decrypting the list from R Environment
decrypt_envelope(data = secret_encrypted$data,
iv = secret_encrypted$iv,
session = secret_encrypted$session,
key = "my_key.pem",
password = "") %>%
# getting back original object in a form of the data frame
unserialize()
# remove secret_encrypted object
rm(secret_encrypted)
```
## Risks
Managing secrets is really hard. All has it's price. If you forget your password you may still restore it but if you encrypt important business information and can not decrypt it... or if someone has got a copy of your private key... Unforgunate risks does exists so you may need to spend some time to practice your way using Public Key Cryptography on **Dummy** data...
## Conclusion
Let's make some statistics:
Operation | Number of lines of code
----------| -----------------------
keys | 2
encrypt | 4
decrypt | 4
----------|------------------------
Total | 10
With just 10 lines of code you can create your keys, store them to the file, encrypt and decrypt your information!
## postscriptum
beyong the theory I have also studied different simple ways to exploit this concept. The material is quite big so I packed that to the e-learning course. Feel free to check this out at [https://www.udemy.com/keep-your-secrets-under-control/](https://www.udemy.com/keep-your-secrets-under-control/)
