HP OpenVMS Guide to System Security: OpenVMS Version 8.4 > Chapter 9 Using Encryption

Encrypting Files

After you define a key with the ENCRYPT /CREATE_KEY command, use this key to encrypt files. Enter the ENCRYPT command. In addition to the key, specify a plaintext file. The syntax of the ENCRYPT command is as follows:

ENCRYPT file-spec key-name [ qualifiers ]

where

file-specis the plaintext input file specification.
key-nameis the name of the key.
qualifiersare options that control the encryption process or the selection of files you want to encrypt.

The following example shows how to define the key and to encrypt a testfile.txt file with the defined key using AES and DES algorithms:

$ ENCRYPT/CREATE_KEY/AES MY_AES_KEY16 "My AES Key length>16"
$ ENCRYPT testfile.txt MY_AES_KEY16 /DATA_ALGORITHM=AESCBC128 /KEY_ALGORITHM=AESCBC128
$!
$ ENCRYPT/CREATE_KEY/AES MY_AES_KEY24 "TEST My AES Key length>24"
$ ENCRYPT testfile.txt MY_AES_KEY24 /DATA_ALGORITHM=AESCBC192 /KEY_ALGORITHM=AESCBC192
$!
$ ENCRYPT/CREATE_KEY/AES MY_AES_KEY32 "TEST TEST TEST My AES Key length>32"
$ ENCRYPT testfile.txt MY_AES_KEY32 /DATA_ALGORITHM=AESCBC256 /KEY_ALGORITHM=AESCBC256
$!
$ ENCRYPT/CREATE_KEY MY_DES_KEY "This is My DES Key"
$ ENCRYPT testfile.txt MY_DES_KEY

If an AES key is required, the /DATA_ALGORITHM and /KEY_ALGORITHM have to be specified with an AES algorithm.

By default, encryption uses the DESCBC data algorithm, if the /DATA_ALGORITHM qualifier is not specified.

By default, encryption uses the DESCBC key algorithm, if the /KEY_ALGORITHM qualifier is not specified.

Input File Specification

For the plaintext file specified on the ENCRYPT command line, use a file that resides on disk and that is not a directory file.

To specify multiple input files, use wildcard characters in the file specification. To control file selection, specify the appropriate ENCRYPT command qualifiers. Do not use wildcard characters to specify directory files or files containing bad blocks.

Output File Specification

The result of the encryption operation is a ciphertext file. One ciphertext file is created for each input file that is encrypted.

By default, the ENCRYPT command writes each ciphertext file to a separate output file with the same name except that it has a version number one higher than that of the current input file.

To specify an alternate output file specification, use the /OUTPUT qualifier. Specify only the file specification parts that you want to change from the defaults. For example, the following command encrypts all the files in the current directory that match the wildcard file specification *.COM. The /OUTPUT qualifier specifies that any output files created have a file type of .ENC. FRANCISSCOTT is the key used to encrypt the files.

$ ENCRYPT *.COM /OUTPUT=.ENC FRANCISSCOTT

Do not specify a file that already exists. For example, you cannot name the output file NEWS.DAT;2 if NEWS.DAT;2 already exists. However, specifying NEWS.DAT as both the input and output files is valid.

Displaying Processing Information

By default, information about the encryption operation is not displayed. To display information about file encryption operations on SYS$COMMAND, use the /SHOW qualifier. The /SHOW qualifier has the format:

/SHOW=keyword

or

/SHOW=keyword-list

Specify one or more of the following keywords:

  • FILES

  • STATISTICS

FILES Keyword

The FILES keyword displays the file specifications of the input and output files. For example, /SHOW=FILES in the following command specifies that each input and output file specification be displayed as it is encrypted.

$ ENCRYPT /SHOW=FILES *.COM FRANCISSCOTT
%ENCRYPT-S-ENCRYPTED, DISK2:[FLYNN]MOVE.COM.2 encrypted to DISK2:[FLYNN]MOVE.COM;3 (8 blocks)
.
.
.

STATISTICS Keyword

Use the STATISTICS keyword to display encryption stream statistics after the completion of each file operation. The statistics displayed are:

  • Bytes processed

  • Internal records processed

  • CPU time consumed within the encryption algorithm

The following command specifies that encryption stream statistics be displayed on SYS$COMMAND.

$ ENCRYPT /SHOW=STATISTICS *.COM FRANCISSCOTT
%ENCRYPT-S-STATISTICS, encryption stream statistics:
         Total Records: 65
         Total Bytes: 4083
         Total Time: 00:00:01.63
.
.
.

Specifying Files to Encrypt

To specify multiple input files, use the ENCRYPT command with wildcard characters in the input file specification.

The following ENCRYPT command qualifiers can help you select files:

  • /BACKUP

  • /BEFORE

  • /BY_OWNER

  • /CONFIRM

  • /EXCLUDE

  • /EXPIRED

  • /MODIFIED

  • /SINCE

/BACKUP Qualifier

The /BACKUP qualifier selects files for encryption according to the date of their most recent backup. This qualifier is meaningful only when used with either the /BEFORE or the /SINCE qualifier. The /BACKUP qualifier has the format:

/BACKUP /BEFORE[=time]

or

/BACKUP /SINCE[=time]

where

time is an OpenVMS time.

If you do not specify a time, TODAY is used. TODAY is the current day, month, and year at 00:00:00.

The following command selects for encryption all files in the current directory matching the wildcard file specification of *.COM that had backup copies made before 00:00:00 15-APR-2009.

$ ENCRYPT /BACKUP /BEFORE=15-APR-2009 *.COM FRANCISSCOTT

Do not use the /BACKUP qualifier with either the /EXPIRED or the /MODIFIED qualifier.

/BEFORE Qualifier

The /BEFORE qualifier selects files for encryption that have a creation time before the time specified with the qualifier. The /BEFORE qualifier has the format:

/BEFORE[=time]

where

time is an OpenVMS time.

If you do not specify a time, TODAY is used. TODAY is the current day, month, and year at 00:00:00.

The following command selects for encryption all files in the current directory matching the wildcard file specification of *.COM that were created before 00:00:00 15-APR-2009.

$ ENCRYPT /BEFORE=15-APR-2009 *.COM FRANCISSCOTT

/BY_OWNER Qualifier

The /BY_OWNER qualifier allows you to select files for encryption that have a particular owner User Identification Code (UIC). If no UIC is specified with the qualifier, the UIC of the current process is used. The /BY_OWNER qualifier has the format:

/BY_OWNER=uic

where

uic is the UIC of the owner of the file.

The following command selects for encryption all files in the current directory owned by the user whose UIC is [FLYNN] that match the wildcard file specification of *.COM.

$ ENCRYPT /BY_OWNER=[FLYNN] *.COM FRANCISSCOTT

/CONFIRM Qualifier

By default, all input files specified on the command line are processed without confirming that those files are selected for encryption. Use the /CONFIRM qualifier if you want a prompt with the name of each file selected for encryption. Your response determines whether or not a particular file is encrypted, as follows:

ResponseMeaning
YESEncrypt the file.
NO or RETURN Do not encrypt the file. This is the default.
QUIT or CTRL/ZDo not encrypt the file or any subsequent files.
ALLEncrypt the file and all subsequent files.

The following command selects for encryption all files in the current directory matching the wildcard file specification of *.COM. Because the /CONFIRM qualifier is specified, the user is prompted on a file-by-file basis to confirm that each file is to be encrypted. Because the prompt is answered in the affirmative for the file MOVE.COM;3, the output file MOVE.COM;4 is created.

$ ENCRYPT /CONFIRM *.COM FRANCISSCOTT 
Encrypt DISK2:[FLYNN]MOVE.COM;3 ? [N] YES 

/EXCLUDE Qualifier

Use the /EXCLUDE qualifier to exclude one or more files from an encryption operation. If a file matches the file specification provided with the /EXCLUDE qualifier, the file will not be encrypted. The /EXCLUDE qualifier has the format:

/EXCLUDE=(file-spec[,...])

where

file-spec is the name of the file to remain unencrypted.

Wildcard characters are allowed in the file specification. There is no default for the file specification. Because directory files are never encrypted, you need not specify them with the /EXCLUDE qualifier. However, if you do specify /EXCLUDE=*.DIR, you will not get the warning message %ENCRYPT-W-FILNODIR, file encryption of directories is not supported, filename.dir.

The following command selects for encryption all files in the current directory that match the wildcard file specification of *.COM, except LOGIN.COM, which is specified with /EXCLUDE.

$ ENCRYPT /EXCLUDE=LOGIN.COM *.COM FRANCISSCOTT

/EXPIRED Qualifier

The /EXPIRED qualifier selects files for encryption according to the dates on which they expire. (The expiration date is set with the SET FILE /EXPIRATION_DATE command.) This qualifier is meaningful only when used with either the /BEFORE or the /SINCE qualifier. The /EXPIRED qualifier has the format:

/EXPIRED /BEFORE[=time]

or

/EXPIRED /SINCE[=time]

where

time is an OpenVMS time.

If you do not specify a time, TODAY is used. TODAY is the current day, month, and year at 00:00:00.

The following command selects for encryption all files in the current directory matching the wildcard file specification of *.COM that expire after 00:00:00 15-APR-2009.

$ ENCRYPT /EXPIRED /SINCE=15-APR-2009 *.COM FRANCISSCOTT

Do not use the /EXPIRED qualifier with either the /BACKUP or the /MODIFIED qualifier.

/MODIFIED Qualifier

The /MODIFIED qualifier selects files for encryption according to the dates on which they were last modified. This qualifier is meaningful only when used with either the /BEFORE or the /SINCE qualifier. The /MODIFIED qualifier has the format:

/MODIFIED /BEFORE[=time]

or

/MODIFIED /SINCE[=time]

where

time is an OpenVMS time.

If you do not specify a time, TODAY is used. TODAY is the current day, month, and year at 00:00:00.

The following command selects for encryption all files in the current directory matching the wildcard file specification of *.COM that were modified after 00:00:00 15-APR-2009.

$ ENCRYPT /MODIFIED /SINCE=15-APR-2009 *.COM FRANCISSCOTT

Do not use the /MODIFIED qualifier with either the /BACKUP or the /EXPIRED qualifier.

/SINCE Qualifier

The /SINCE qualifier selects for encryption files that have a creation date after the time specified with the qualifier. The /SINCE qualifier has the format:

/SINCE[=time]

where

time is an OpenVMS time.

If you do not specify a time, TODAY is used. TODAY is the current day, month, and year at 00:00:00.

The following command selects for encryption all files in the current directory matching the wildcard file specification of *.COM that were created after 00:00:00 15-APR-2009.

$ ENCRYPT /SINCE=15-APR-2009 *.COM FRANCISSCOTT

Deleting Encrypted Files

By default, when the ENCRYPT software encrypts an input file and writes the resulting output file, the input file is retained. However, do not encrypt a file and then leave the plaintext file online if you are concerned about the security of the file.

You can use the DCL DELETE command with the /ERASE qualifier to remove the contents of the plaintext file from the disk, or you can use the following qualifiers with the ENCRYPT command:

  • /DELETE

  • /ERASE

/DELETE Qualifier

The /DELETE qualifier deletes the input file after the encryption operation completes and the output file is written and closed. If you have multiple versions of the input file, they are not all deleted. /DELETE acts on only the version of the input file that you encrypted.

To delete the unencrypted input file from the disk, use the /DELETE qualifier. The following command specifies that the SAVEDMAIL.MAI file be encrypted using the TWENTYFIVECENTS encryption key. Because the /DELETE qualifier is specified, the input file is deleted after the encrypted output file is written.

$ ENCRYPT /DELETE SAVEDMAIL.MAI TWENTYFIVECENTS
NOTE: There may be scenarios when the ENCRYPT/COMPRESS command executes without error, but decryption fails. This can be catastrophic if the /DELETE qualifier is used, deleting the original BACKUP save-set file during the encrypt operation. Therefore, it is recommended not to use /DELETE qualifier along with the /COMPRESS qualifier.

/ERASE Qualifier

When you delete or purge a file, the file's header record is destroyed so that the file can no longer be accessed by normal means. The information in the file, however, stays on the disk until it is overwritten. Disk scavenging is a technique used to obtain such file data from a disk. To thwart disk scavenging, use the /ERASE qualifier with the /DELETE qualifier. When you specify /ERASE, the OpenVMS operating system overwrites the location in which the input file was stored with the data security pattern. The data no longer exists.

The following command specifies that after SAVEDMAIL.MAI is encrypted, the input file is erased with the data security pattern before being deleted.

$ ENCRYPT /DELETE /ERASE SAVEDMAIL.MAI TWENTYFIVECENTS

Encryption Algorithms

Files are encrypted using a randomly generated data key. One benefit of this procedure is that two files identical in plaintext form and encrypted with the same command are not identical in their encrypted form.

The Encryption for OpenVMS implementation of DES uses the following modes of the DES algorithm:

  • Cipher Block Chaining (DESCBC)

  • Electronic Code Book (DESECB)

  • Cipher Feedback (DESCFB)

These modes perform the encryption operation differently, as follows:

  • DESCBC (default)

    1. Input is taken in 8-byte blocks.

    2. DESCBC performs an exclusive OR operation (XOR) on each block. (An XOR is a bit-by-bit modulo-2 addition without carrying. For example, the result of performing an XOR on the binary numbers 001 and 111 is 110.)

      The first XOR operation is performed on the first block of input and the initialization vector. (An initialization vector is used to start the chaining of data because there is no ciphertext to affect the encryption of the first block of data.)

    3. The resulting block is encrypted.

    4. The next XOR operation is performed on the resulting block of ciphertext and the next block of plaintext, and so on.

    5. If fewer than 8 bytes are left for the last iteration, the block is padded with bytes of arbitrary value.

    6. Each block of 8 bytes is encrypted under the same key value.

    7. The DESCBC algorithm is used to encrypt the data key and the initialization vector. The encrypted key and initialization vector are stored with the encrypted file. The DESCBC algorithm is also used by default to encrypt the file data.

  • DESECB

    1. Input is taken in 8-byte blocks.

    2. If the input consists of less than 8 bytes, it is padded with nulls.

    3. Each block is processed under the DES algorithm with the same key.

    4. The result is an 8-byte block of output that is independent of all other blocks of output.

  • DESCFB

    1. Input is taken as a series of 1-byte quantities.

    2. They are shifted to the left and concatenated with the results of previous iterations.

    3. DESCFB uses an initialization vector in the first iteration.

    4. Only the exact number of bytes specified in the input are used.

    5. The output byte count equals the input byte count (no padding).

AES algorithm uses the following modes:

  • Cipher block chaining:

    • AESCBC128 (default)

    • AESCBC192

    • AESCBC256

  • Electronic code book:

    • AESECB128

    • AESECB192

    • AESECB256

  • Cipher feedback:

    • AESCFB128

    • AESCFB192

    • AESCFB256

  • Output feedback:

    • AESOFB128

    • AESOFB192

    • AESOFB256

For details about the advantages of each mode, see one of the numerous texts available on this subject.

Encryption Algorithm Qualifiers

You can choose an encryption algorithm for encrypting either the data key or the file data. Figure 9-1 illustrates the relationship of encryption keys and algorithms. The figure shows that:

  • To encrypt the key — use the /KEY_ALGORITHM or /KEY_ALGORITHM=AESmmmkkk qualifier to specify an algorithm other than the default DESCBC or AESCBC128 algorithms.

  • To encrypt the file — use the /DATA_ALGORITHM or /DATA_ALGORITHM=AESmmmkkk qualifier to specify an algorithm other than the default DESCBC or AESCBC128 algorithms.

Here, mmm indicates the mode CBC, ECB, CFB, or OFB; and kkk indicates 128, 192, or 256 bits.

Figure 9-1 Relationship of Keys and Algorithms

Per-Thread Security Profile Model

The qualifier you use affects the decryption procedure:

  • If you use the /DATA_ALGORITHM qualifier to encrypt, you do NOT need to specify this algorithm when you decrypt.

  • If you use the /KEY_ALGORITHM qualifier to encrypt, you DO need to specify this algorithm when you decrypt.

/KEY_ALGORITHM Qualifier

To specify an algorithm other than the default, to encrypt the key and initialization vector, use the /KEY_ALGORITHM qualifier. This qualifier has the format:

/KEY_ALGORITHM={DESCBC (default)|AESmmmkkk

For example, the following command uses the DESCFB algorithm with the TWENTYFIVECENTS key to protect the data key and the initialization vector.

$ ENCRYPT /KEY_ALGORITHM=DESCFB SAVEDMAIL.MAI TWENTYFIVECENTS

You can use /KEY_ALGORITHM=AES as a shortcut for specifying AESCBC128. For example:

$ ENCRYPT file-name key-name /KEY_ALGORITHM=AES

/DATA_ALGORITHM Qualifier

To specify an algorithm for encrypting files other than the default, use the /DATA_ALGORITHM qualifier. This qualifier has the format:

/DATA_ALGORITHM={DESCBC (default)|AESmmmkkk

For example, the following command encrypts the SAVEDMAIL.MAI file using the Cipher Feedback mode of the DES algorithm (DESCFB).

$ ENCRYPT /DATA_ALGORITHM=DESCFB SAVEDMAIL.MAI TWENTYFIVECENTS

If you use the default value of DESCBC for the /DATA_ALGORITHM qualifier when encrypting a file, this qualifier is optional for decrypting the file.

You can use /DATA_ALGORITHM=AES as a shortcut for specifying AESCBC128. For example:

$ ENCRYPT file-name key-name /KEY_ALGORITHM=AES /DATA_ALGORITHM=AES

Specifying AES Data Algorithm and AES Key Algorithm

To select an algorithm other than the DESCBC default when encrypting files, Encrypt accepts the data and key algorithm qualifiers with the DCL ENCRYPT command and the key algorithm qualifier with the DECRYPT command.

When encrypting files with AES, specify both /DATA_ ALGORITHM=AESmmmkkk and /KEY_ALGORITHM=AESmmmkkk:

  • mmm defines the AES mode: ECB, CBC, CFB, or OFB

  • kkk defines the key size: 128, 192, or 256 bits (for 16-, 24- or 32-byte keys)

The key must match the key algorithm. An AES key must be used with an AES key algorithm, and a DES key must be used with the DES key algorithm. The data algorithm defaults to DES if the /DATA_ ALGORITHM=AESmmmkkk is not specified for the ENCRYPT command. When using DES keys and KEY_ALGORITHM=DES, the data is protected with a strong algorithm, but the key is not.

NOTE: The capability of mixing AES with DES keys and data algorithms is disabled and any attempt to mix the algorithms results in an ENCRYPT$_AESMIXDES error condition.

When decrypting files with AES, specify only the /KEY_ ALGORITHM=AESmmmkkk qualifier. The reason for this is that the key algorithm is used to decrypt the random-key record that contains the random key, which is then used to decrypt the data records of the file. Specifying the data algorithm is not necessary and it gives an unrecognized-qualifier error message.

NOTE: For an encrypt operation, if the /DATA_ALGORITHM=AES is specified without the /KEY_ALGORITHM, an error occurs. The default algorithm DESCBC is used to encrypt the random key record that contains the random key and file information. However, the user key must match the KEY algorithm; if not, an error occurs. For example, consider that the key-name is an AES key name and value. When the key is fetched from the logical name table and then is decrypted with the DES master key, the key decrypts garbage, and the operation fails with the following error message:
%STR-F-FATINTERR, fatal internal error

File Compression

To reduce the size of the plaintext file before encrypting it, use the /COMPRESS qualifier. Data compression can save media space when physically transporting encrypted files and can save time when electronically transporting encrypted files across a network.

Compression efficiency depends on the structure of the data in your file. Evaluate a performance tradeoff when deciding whether or not to use this qualifier. Decryption is generally faster on a compressed file, but encryption takes longer. You might choose to use the /COMPRESS qualifier when the following conditions apply:

  • The file will be decrypted many times.

  • The file is at least 200 disk blocks in size.

The following command compresses the SAVEDMAIL.MAI file before encrypting it.

NOTE: If you use the /COMPRESS qualifier when encrypting a file, you need not specify this qualifier when decrypting the file. If necessary, the file is automatically decompressed when it is decrypted.
$ ENCRYPT /COMPRESS SAVEDMAIL.MAI TWENTYFIVECENTS
NOTE: Do not use /DELETE qualifier with /COMPRESS because there may be scenarios when the ENCRYPT/COMPRESS command executes without error, but decryption fails. This can be catastrophic if the /DELETE qualifier is used, deleting the original BACKUP save-set file during the encrypt operation.

Displaying the Version Number

To identify the version of Encryption software running on your system, use the /VERSION qualifier. For example:

$ ENCRYPT /VERSION 
Copyright (c) Compaq 2001, Digital Equipment Corporation. 1978, 1997. All
rights reserved.
Compaq Encryption V1.6)