How to send a message to your friend over insecure lines and be sure that only they can read it
Very easy! If you both have Linux or Mac environment and can use command line:
-
The person receiving the message generates public and private keys, like this:
openssl genpkey -out key.priv -outpubkey key.pub -algorithm RSAThen they send the public key (
key.pub) to the person sending the message, and keep the private key (key.priv) to themselves for step 3. -
The person sending the message encrypts it like this:
openssl pkeyutl -encrypt -inkey key.pub -pubin -in file.txt -out file.rsaWhere
file.txtcontains the message you want to encrypt. If you omit the-in file.txtpart, you can simply type the message in console. This command will createfile.rsafile with encrypted message. Send it to the person receiving the message. -
The person receiving the message can decrypt it using the private key generated on step 1, like this:
openssl pkeyutl -decrypt -inkey key.priv -in file.rsa # -out file.txtNote that if you add
-out file.txtpart, then the secret message will be saved infile.txt, otherwise you'll see it on screen.
Source which uses older openssl commands
Alternatively, if some of you don't have Linux or Mac, or are not very comfortable with command line, you could simply use a web browser: https://lex-2008.github.io/pkc/
Also note that it's best to avoid encrypting big files using asymmetric cyphers. If you need to transfer some big files - it's better to put them in a password-protected archive, and use asymmetric encryption to share only the password.