Symmetric pass phases are for limited number of uses only and should be as random as permissible. As a result the key lengths can be shorter and still be secure. The shorter length allows for encryption with a reduced computational load on the processor. In this example we will use the OpenSSL program to generate a random passphrase.
Enter the following commands to generate a random key pair. These commands will generate a 128-bit RSA public key that is stored in the file sym-key-$$.pem.
$ openssl genrsa -out private-$$.pem 128 $ openssl rsa -in private-$$.pem -out public-$$.pem -outform PEM –pubout
![]() | What does '$$' mean? |
---|---|
The $$ in the above command will return the current process number. |
Because we will be using only the data from the random public key for the passphrase, we will strip the leading and trailing lines from the key creating a new passphrase. The passphrase will be stored in the file passphrase-$$.
$ grep -v -i “public key” public-$$.pem | tr -d '\n' > passphrase-$$
Depending on how secure you systems are you may want to delete the private and public keys at this time. They will not be required for any additional processing.
$ rm public-$$.pem private-$$.pem