Generate a limited-use symmetric passphrase

Symmetric passphrases are intended for a limited number of uses only and should be as random as possible. As a result, the key lengths can be shorter and still be secure. The shorter length allows for encryption with a reduced computational load on the processor. In this example we will use the OpenSSL program to generate a random passphrase.

Enter the following commands to generate a random key pair. These commands will generate a 128-bit RSA key pair and store the public key in the file public-$$.pem.

$ openssl genrsa -out private-$$.pem 128
$ openssl rsa -in private-$$.pem -out public-$$.pem -outform PEM -pubout
        
[Note] What does '$$' mean?

The $$ in the above commands expands to the process ID of the current shell, so every command entered in the same shell session refers to the same file names.

Because we will be using only the data from the random public key for the passphrase, we will strip the leading and trailing lines from the key to create the new passphrase. The passphrase will be stored in the file passphrase-$$.

$ grep -v -i "public key" public-$$.pem | tr -d '\n' > passphrase-$$
        

Depending on how secure your systems are, you may want to delete the private and public keys at this time. They will not be required for any additional processing.

$ rm public-$$.pem private-$$.pem
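
Added example (not part of the original page): the Python sketch below rebuilds the DER structure of the "PUBLIC KEY" PEM that the commands above produce for a 128-bit key and shows which characters of the resulting passphrase are fixed encoding rather than key material. It assumes OpenSSL's default public exponent 65537; the two moduli are constructed stand-in values, not real RSA keys, and the function names are illustrative.

```python
import base64
import os

# DER AlgorithmIdentifier: rsaEncryption OID 1.2.840.113549.1.1.1 + NULL
RSA_ALG_ID = bytes.fromhex("300d06092a864886f70d0101010500")


def der(tag, body):
    """Encode one DER TLV (short-form length covers a 128-bit key)."""
    if len(body) >= 0x80:
        raise ValueError("long-form DER lengths are not handled here")
    return bytes([tag, len(body)]) + body


def der_int(value):
    """DER INTEGER: big-endian, leading 0x00 when the top bit is set."""
    return der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))


def passphrase_from_modulus(n, e=65537):
    """Base64 body of the "PUBLIC KEY" PEM for modulus n, i.e. what the
    grep/tr step leaves once the BEGIN/END lines are removed."""
    rsa_pub = der(0x30, der_int(n) + der_int(e))
    spki = der(0x30, RSA_ALG_ID + der(0x03, b"\x00" + rsa_pub))
    return base64.b64encode(spki).decode("ascii")


def fixed_parts(samples):
    """Return the prefix and suffix shared by every passphrase."""
    prefix = os.path.commonprefix(samples)
    suffix = os.path.commonprefix([s[::-1] for s in samples])[::-1]
    return prefix, suffix


# Constructed 128-bit odd values standing in for RSA moduli (not real keys).
SAMPLE_MODULI = [(1 << 127) | 1, (1 << 128) - 1]

if __name__ == "__main__":
    phrases = [passphrase_from_modulus(n) for n in SAMPLE_MODULI]
    prefix, suffix = fixed_parts(phrases)
    for p in phrases:
        print(p)
    variable = len(phrases[0]) - len(prefix) - len(suffix)
    print(f"fixed prefix: {prefix!r} ({len(prefix)} chars)")
    print(f"fixed suffix: {suffix!r} ({len(suffix)} chars)")
    print(f"characters that depend on the key: {variable} of {len(phrases[0])}")
```

Only 22 of the 64 characters depend on the key, so the passphrase holds no more than the 128 bits of the modulus despite its length.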