<h1 align='center'> COMP2420/COMP6420 - Introduction to Data Management, Analysis and Security</h1>

<h2 align='center'> Lab 10 - Security I</h2>

*****

## Aim

Our aims in this lab are:
1. Become exposed to various symmetric key cryptography approaches including: Ceasar Cipher, One-Time Pad and DES.
2. Understand the RSA asymmetric key cryptography approach and its potential weaknesses.
3. Model a key exchange method. In this instance, the Diffie-Hellman algorithm.

## Learning Outcomes
- L10: Explain key security concepts and the use of cryptographic techniques, digital signatures and PKI in security

## Preparation

Before starting this lab, we suggest you complete the following:
- Watch the Security Lectures from this course
- Make sure you're familar with the following ideas
    - [Symmetric Key Cryptography](https://www.hypr.com/symmetric-key-cryptography/)
    - [Asymmetric (Public) Key Cryptography](https://searchsecurity.techtarget.com/definition/asymmetric-cryptography)


The following functions/documentation may be useful for this lab:

| Function                     | Description |
| ---------------------------: | :---------- |
| [class definitions](https://docs.python.org/3.7/tutorial/classes.html) | General documentation for class implementations. This is the next evolution above using functions and methods, etc |

***

In [1]:
# Code Imports|
import numpy as np
import pandas as pd
import random

## Topic 1 - **Secret (Symmetric) Key Cryptography**
In the first topic, you will be working with symmetric key cryptography methods. A number of these algorithms are well known, such as AES, DES. While this is covered in detail in the lectures, the following graphic should be a good reminder of how symmetric key cryptography works.

<img src="./img/symmEnc.png" alt="Symm Example" style="width: 400px;"/>

<sub>Source: [Symmetric vs Asymmetric](https://www.ssl2buy.com/wiki/symmetric-vs-asymmetric-encryption-what-are-differences)</sub>

Within Symmetric Key Cryptography, there are two major types of [ciphers](https://en.wikipedia.org/wiki/Cipher) that are used: Stream Ciphers and Block Ciphers. For a quick introduction to both, read the [following article](https://www.jscape.com/blog/stream-cipher-vs-block-cipher). The following should jog your memory otherwise:

<img src="./img/blockandstream.png" alt="blockandstream Example" style="width: 400px;"/>

If you don't understand the above image, you should read the above article and ask your tutor.

Lets get started!

## Question 1: **Stream Cipher**

In Question 1, you will be dealing with some stream ciphers examples. The word 'stream' indicates that characters are processed individually during encryption/decryption stage. In this qustion the inputs will be a string containing <b>ONLY</b> lower-case letters. We have created below the conversion functions for your convenience. For example, a string 'apple' may be converted to a list of numbers [0,15,15,11,4] according to the alphabetical order of the letters.

In [2]:
# string and number conversion functions
def to_number(message):
    """Convert a string to a list of numbers"""
    return [ord(char) - 97 for char in message]

def to_string(nums):
    """Convert a list of numbers to a string"""
    return ''.join([chr(num +97) for num in nums])


### Q1.1: **Ceasar Cipher**

Let's start with something simple. Ceasar Cipher is the most simple and well know encryption method in the cryptography world, and you implemented this in an early lab. To encrypt a given message, Ceasar Cipher simply applies a fixed shifts on all letters in the message. In the next code block, we want you to implement this simple encryption method in a class format. This is designed to introduce you to python classes, and familarise yourself with the Ceaser Cipher system. You need to complete the `encrypt()` and `decrypt()` functions. Suppose your message is `attackatdawn` and your selected key is `c`, your encrypted message should be `cvvcemcvfcyp`, which is derived by shifting each letter in the original message by 2<sup>*</sup> letters forward.

<sup>*</sup> c is ordered as 2 in the alphabet

In [3]:
# Code here
class CeasarCipher:
    def __init__(self, key):
        self.key = key
    
    def set_key(self, key):
        self.key = key
        
    def encrypt(self, message):
        """Encrypt the message with the given key."""
        assert message.isalpha(), 'Message can only contain letters.'
        # TODO: encrypt the given message with key and return the encrypted message as a string.
        encryption = to_number(message)
        numkey = ord(key)-97
        encryption = [i + numkey for i in encryption]
        encryption = to_string(encryption)
        return encryption

    def decrypt(self, message):
        """Decrypt the message with the given key"""
        assert message.isalpha(), 'Message can only contain lowletters.'
        # TODO: decrypt the given message with key and return the decrypted message as a string.
        decryption = to_number(message)
        numkey = ord(key)-97
        decryption = [i - numkey for i in decryption] 
        decryption = to_string(decryption)
        print(decryption)
        return decryption 

Once finished, run the below code block to see your results!

In [4]:
# Test cases
message = 'attackatdawn'
key = 'c'
ceasar_cipher = CeasarCipher(key)
print (ceasar_cipher.encrypt(message))
assert message == ceasar_cipher.decrypt(ceasar_cipher.encrypt(message))

cvvcemcvfcyp
attackatdawn


### Q1.2: **One-Time Pad**
[One-time Pad](https://www.cryptomuseum.com/crypto/otp/index.htm) is believed to be the safest encryption method available. A one-time pad is uncrackable ([Terms and Conditions apply](https://medium.com/@canuteson/cracking-a-one-time-pad-a716a804d5bd)<sup>*</sup>). In the one-time pad encryption method , we need a key that is as long as the original message and each character in the original message is encrypted according to the character at the same position of the key. For example, for the same message 'attackatdawn' and given key 'sdifbsnoqwef', the first letter 'a' becomes 's' ('a' + 's' -> 's'), the second letter 't' becomes 'w' ('t' + 'd' -> 'w'), and so on. Similar to Question 1.1, complete encrypt() and decrypt() methods for our OneTimePad class.

<sup>*</sup> Talk to your tutor further about this if you are interested. Long story short, only use it once. (hence "One-Time")

In [5]:
# More code here
class OneTimePad:
    def __init__(self, key):
        self.key = key
    
    def set_key(self, key):
        self.key = key
        
    def encrypt(self, message):
        """Encrypt the message with the given key"""
        assert message.isalpha(), 'Message can only contain letters.' 
        # TODO: encrypt the given message with key and return the encrypted message as a string.
        added = [m+k  for m, k in zip(to_number(message), to_number(key))]
        return to_string( [num%26 for num in added])

    def decrypt(self, message):
        """Decrypt the message with the given key"""
        assert message.isalpha(), 'Message can only contain lowletters.'
        # TODO: decrypt the given message with key and return the decrypted message as a string.
        subtracted = [m-k  for m, k in zip(to_number(message), to_number(key))]
        return to_string( [num%26 for num in subtracted])

Once finished, run the below code block to see your results!

In [6]:
message = 'attackatdawn'
key = 'sdifbsnoqwef'
one_time_pad = OneTimePad(key)
print (one_time_pad.encrypt(message))
assert message == one_time_pad.decrypt(one_time_pad.encrypt(message))

swbfdcnhtwas


## Question 2: **Secret (Symmetric) Key Cryptography -  Block Cipher**

In Question 2, you will be dealing with some block cipher examples. If you're unsure what a block cipher is, go back to the introduction of Topic 1. The word 'block' indicates that blocks of bits are processed during encryption/decryption stage.

### Q2.1: **Simplified DES**
This question asks you to implement a simplified DES algorithm. DES is not (and [should not](https://www.freeswan.org/freeswan_trees/freeswan-1.5/doc/DES.html) be) used in day to day encrpytion, however since it was one of the first block cipher algorithms and unbreakable for it's time, it is a notable example. In this question, you get the lucky opportunity to implement the DES algorithm. Notice the small keys, which makes it very easy to crack.
*****

#### Key Generation: ####

Step 1: The first step is to select a key 10-bits, which is to be shared between sender and receiver. For example, we select 1010000010 in our case.
<b>Note: DES use 56-bit key.</b>

Step 2: Do a permutation by putting this key into P10 Table and permute the bits. Permutation here means reordering bits with given rules. P10 table is simply a 10-bit long number vector, which indicates the i-th bit in the source sequence, should be changed to the P10[i]-th bit in the target sequence. For example, given P10 table [3, 5, 2, 7, 4, 10, 1, 9, 8, 6], we know the 4-th bit in the target sequence should be the 7-th bit (which is 0) in the source sequence since P10[4] = 7. Our example key 1010000010 will be permutated to 1000001100 with the given P10 table. Let's call it p10-key.

Step 3: Divide the p10-key into two parts from the middle, and we will get left (10000) and right (01100) keys. We will generate two 8-bits keys <b>(DES use 48-bit subkeys)</b> for two-round encryption. <b>(DES has 16 rounds of encryption, thus, 16 sub keys.)</b>

Step 4: To generate first key, we do a 1-bit round shift on both left and right key and concatenate the left and right keys and do a P8 permutation. P8 permutation is similar to P10, except for using a 8-bit long number vector so we will get a 8-bit sequence as result. In our example, by doing the round bit shift we will get 00001 and **11000** (Note: keep these two keys since we will need them to generate the second key). Concatenating the two parts results in **0000111000**. After permutating with P8 table [6, 3, 7, 4, 8, 5, 10, 9] we will get first key k1 = 10100100.

Step 5: To generate second key, we do the similar thing as described in Step 4. The difference is, this time we do a 2-bit round shift on the resulting left and right keys from Step 4. Thus, we do 2-bit round shift of 00001 and **11000** and get 00100 (left) and **00011** (right). Then concatenate and permutated in the same way described in Step 4. Our second key k2 = 01000011.

#### Encryption:  ####

Step 1: Suppose our source text is 01110010 <b>(The source text is 8 bits in SDES and 64 bits in DES)</b>. Permute the source text with IP (initial permutation) table [2, 6, 3, 1, 4, 8, 5, 7]. The output is 10101001. Then we break the output from the middle and get left part (1010) and right part (1001). 

Step2: Then we will use a complex function f (including permutation and substitution operations) which tranform the output from initial permutation to another 8-bit sequence.
1. permute the right part (1001) with Expand Table E [4, 1, 2, 3, 2, 3, 4, 1]. This table expands the 4-bit right part into a 8-bit sequence **11000011**. 
2. do a bit-wise XOR with our first key k1 (10100100) and get **01100111**.
3. Then, split the output into two equal parts from the middle and get left (**0110**) and right (**0111**).
4. Put the left and right part into S1 and S2 boxes (S indicates substitution) and combine the result. Substitution returns a 4-bit sequence 1011 
5. Permute the 4-bit sequence with P4 table and get 0111
6. Do XOR this 4-bit sequence (0111) with the left part of initial permutation (in Step 1), which is 1010. 0111 XOR 1010 = 1101.
7. Combine the result from last step with the right part of initial permutation (in Step 1), which is 1001. This will result in 11011001

Step3: Split the result from Step2, swap right and left part and combine again. We will get 10011100. Then, we use function f again on this swapped sequence (which means, repeat Step 2). The only difference is we will use second key k2 for XOR operation in Step2.2. We will get 11101101.

Step4: Do a Initial Permutation (IP) Inverse on result from Step3 (11101101) and we will get the final result  **01110111**.

##### Decryption: ####

Decryption is very similar to encryption. To decrypt a message, we only need to swap the order of subkeys, which means using second key in Step2 and first key in Step 3.

In [13]:
# helper functions and pre-defiend permutation/substitutio tables
def permutation(perm, key):
        """Permutate key with the specified permutation table"""
        permutated_key = ""
        for i in perm:
            permutated_key += key[i-1]
        return permutated_key

def Sbox(input, sbox):
        """Substitute key with the specified S-Box"""
        row = int(input[0] + input[3], 2)
        column = int(input[1] + input[2], 2)
        return bin(sbox[row][column])[2:].zfill(2)

    # pre-defined permutation and substitution tables.
P10 = (3, 5, 2, 7, 4, 10, 1, 9, 8, 6)
P8 = (6, 3, 7, 4, 8, 5, 10, 9)
P4 = (2, 4, 3, 1)

IP = (2, 6, 3, 1, 4, 8, 5, 7)
IPi = (4, 1, 3, 5, 7, 2, 8, 6)
E = (4, 1, 2, 3, 2, 3, 4, 1)

S0 = [
            [1, 0, 3, 2],
            [3, 2, 1, 0],
            [0, 2, 1, 3],
            [3, 1, 3, 2]
         ]

S1 = [
            [0, 1, 2, 3],
            [2, 0, 1, 3],
            [3, 0, 1, 0],
            [2, 1, 0, 3]
         ]
class SDES:
    # source :https://github.com/GeoffreyVDB/SDES-decryption/blob/master/SDES.py
    
    def __init__(self, key):
        self.key = key
        self.first_key,self.second_key = self.generate_subkeys()
        


    def f(self, first_half, second_half, key):
        """A complex funtion to transform message"""
        expanded_cipher = permutation(E, second_half)
        #print ('after expansion:',expanded_cipher)
        xor_cipher = bin( int(expanded_cipher, 2) ^ int(key, 2) )[2:].zfill(8)
        #print ('after xor with key:', xor_cipher)
        left_xor_cipher = xor_cipher[:4]
        right_xor_cipher = xor_cipher[4:]
        left_sbox_cipher = Sbox(left_xor_cipher, S0)
        right_sbox_cipher = Sbox(right_xor_cipher, S1)
        #print ('left and right after s-box:', left_sbox_cipher,right_sbox_cipher)
        p4_permutated = permutation(P4, left_sbox_cipher + right_sbox_cipher)
        #print ('after p4 permutation', p4_permutated)
        left = int(first_half, 2) ^ int(p4_permutated, 2)
        #print ("Fk: " + bin(left)[2:].zfill(4) + second_half)
        return bin(left)[2:].zfill(4), second_half



    def generate_first_key(self, left_key, right_key):
        """Generate first key"""
        # TODO: 1-bit round shift on both left and right keys
        left_key_rot = left_key[1:] + left_key[:1]
        right_key_rot = right_key[1:] + right_key[:1]

        # TODO: concatenate shifted left and right parts
        key_rot = left_key_rot + right_key_rot

        # TODO: do p8 permutation on the concatenated key and return the result
        return permutation(P8, key_rot)

    def generate_second_key(self, left_key, right_key):
        """Generate Second key"""
        # TODO: 2-bit round shift on both left and right keys
        left_key_rot = left_key[3:] + left_key[:3]
        right_key_rot = right_key[3:] + right_key[:3]

        # TODO: concatenate shifted left and right parts
        key_rot = left_key_rot + right_key_rot

        # TODO: do p8 permutation on the concatenated key and return the result
        return permutation(P8, key_rot)


    def generate_subkeys(self):
        """Generate two subkeys with the given key"""
        # TODO: do p10 permutation on the given key.
        p10key = permutation(P10, self.key)

        # TODO: seperate p10 permutated key into two parts: left and right. 
        left = p10key[:int(len(p10key)/2)]
        right = p10key[int(len(p10key)/2):]

        # Then generate first and second subkeys with generate_first(second)_key method.
        first_key = self.generate_first_key(left, right)
        second_key = self.generate_second_key(left, right)
        print ("[*] First key: " + first_key)
        print ("[*] Second key: " + second_key)
        return first_key, second_key

    def encrypt(self, message):
        """Encrypt the given message with two subkeys"""
        # TODO : do initial permutation with IP table.
        permutated_cipher = permutation(IP, message)

        # TODO: separate the permutated message into two parts.
        first_half_cipher = permutated_cipher[:int(len(permutated_cipher)/2)]
        second_half_cipher = permutated_cipher[int(len(permutated_cipher)/2):]

        # TODO: do first round processing with provided f function and first subkey
        left, right = self.f(first_half_cipher, second_half_cipher, self.first_key)

        # TODO: do second round processing with provided f function and second subkey
        # Hint: do not forget to switch left and right parts!
        left, right = self.f(right, left, self.second_key ) # switch left and right!

        # TODO: do inverse permutation with IPi table and return the encrypted message
        encrypted = permutation(IPi, left + right)
        return encrypted

    def decrypt(self, message):
        """Decrypt the given message with two subkeys"""
        # TODO : do initial permutation with IP table.
        permutated_cipher_dec = permutation(IP, message)

        # TODO: separate the permutated message into two parts.
        first_half_cipher_dec = permutated_cipher_dec[:int(len(permutated_cipher_dec)/2)]
        second_half_cipher_dec = permutated_cipher_dec[int(len(permutated_cipher_dec)/2):]

        # TODO: do first round processing with provided f function and first subkey
        # Hint use second key in first round.
        left, right = self.f(first_half_cipher_dec, second_half_cipher_dec, self.second_key)

        # TODO: do second round processing with provided f function and second subkey
        # Hint: do not forget to switch left and right parts!
        left, right = self.f(right, left, self.first_key ) # switch left and right!

        # TODO: do inverse permutation with IPi table and return the decrypted message
        decrypted = permutation(IPi, left + right)
        return decrypted




Once finished, run the below code blocks to see your results!

In [14]:
key = '1010000010'
sdes = SDES(key)
message = "00000000"
print ('Original message: ', message)
encrypted_message = sdes.encrypt(message)
print ('Ecnrypted message: ', encrypted_message)
decrypted_message = sdes.decrypt(encrypted_message)
print ("Decrypted message: " + decrypted_message)

[*] First key: 10100100
[*] Second key: 01000011
Original message:  00000000
Ecnrypted message:  11001110
Decrypted message: 00000000


Run below blocks to see the magic on strings.

In [15]:
import numpy as np
class SDESCipher():
    def __init__(self, sdes):
        self.sdes=sdes
        
    def text_to_bitstring(self,text):
        bits = bin(int.from_bytes(text.encode(), 'big'))[2:]
        return ''.join(list(map(str, bits.zfill(8 * ((len(bits) + 7) // 8)))))

    def text_from_bitstring(self, bits):
        n = int(bits, 2)
        return n.to_bytes((n.bit_length() + 7) // 8, 'big').decode()

    def encrypt(self, text):
        bitstring=self.text_to_bitstring(text)
        splited = np.array_split(list(bitstring), int(len(bitstring)/8))
        encrypted = ''.join([self.sdes.encrypt(bitlist)for bitlist in splited])
        return encrypted

    def decrypt(self, bitstring):
        splited = np.array_split(list(bitstring), int(len(bitstring)/8))
        decrypted = [self.text_from_bitstring(self.sdes.decrypt(bitlist))for bitlist in splited]
        return ''.join(decrypted)
        
key = '1010000010'
sdes = SDES(key)
sdescipher = SDESCipher(sdes)
message = 'Attack at dawn!'
encrypted = sdescipher.encrypt(message)
print ('Encrypted text is: ', encrypted)
decrypted = sdescipher.decrypt(encrypted)
print ('Decrypted text is: ', decrypted)

[*] First key: 10100100
[*] Second key: 01000011
Encrypted text is:  000101011000111010001110100111011110100001101010011000101001110110001110011000101011011110011101101001100101101000101001
Decrypted text is:  Attack at dawn!


*****
## Topic 2 - Asymmetric Key Cryptography 
In the second topic, you will be working with an asymmetric (public) key cryptography method. RSA, TLS/SSL, and homomorphic encrpytion (such as [Microsoft's SEAL](https://github.com/microsoft/SEAL)) protocols make use of public key cryptography architecture. Once again, this is covered in detail in the lectures, however the following graphic should be a good reminder of how asymmetric key cryptography works.

<img src="./img/asymmEnc.png" alt="Asymm Example" style="width: 400px;"/>

<sub>Source: [Symmetric vs Asymmetric](https://www.ssl2buy.com/wiki/symmetric-vs-asymmetric-encryption-what-are-differences)</sub>

While multiple methods as mentioned above, we will only be focusing on RSA in this lab to showcase how the public-key/private-key system works.

Lets get started!

## Question 3: **Public (Asymmetric) Key Cryptography -  RSA**
In this question, you will be implementing a simplified RSA algorithm. RSA has been available for over 25 years, to varying key lengths. The algorithm is designed such that varying keys can be used, and larger keys generally mean larger security (as the factorisation becomes more computationally intensive). For many years, RSA Laboratories ran a competition to determine whether people can factorise (read: break) the RSA algorithm at varying key lengths. Although the competition is now withdrawn, many loyal researchers still continue to determine new and faster ways to break the algorithm. Most recently, [RSA-240 (a 795-bit key) was broken](https://www.johndcook.com/blog/2019/12/03/new-rsa-factoring/). At this stage, while RSA-1024 is currently considered the most popular, RSA-2048 or RSA-4096 are considered safe (for now). 

Side note: When people discuss quantum computing breaking encryption, they are referring to RSA. [Further Reading](https://www.technologyreview.com/s/613596/how-a-quantum-computer-could-break-2048-bit-rsa-encryption-in-8-hours/).

*****

### Q3.1: **Implementing RSA**
Recall the foundations of RSA algorithm:
1. Choose two large prime numbers `p` and `q`, compute `N = p * q`. Any message to be encrypted cannot be longer than `N`.
2. Calculate `r = (p-1)(q-1)`
3. Choose a random number `e`, such that `e < N` and `e` does not share any common factors with `r`.
4. Cauculate number `d`, such that `e*d mod(r) = 1`. `d` is guaranteed to exist.
5. Generate `public key = (N,e)` and `private key (N,d)`
6. Encryption: `c = m^e mod N`, where `m` is the original message and `c` is the encrypted message.
7. Decryption: `m = c^d mod N`, where `m` is the decrypted message and `c` is the encrypted message.

In this question, complete the generate_key_pair(), encrypt() and decrypt() functions to implement the simple RSA algorithm. 

Hint: You can use the provided are_relatively_prime() function to determine if two numbers share common factors.

In [16]:

def are_relatively_prime(a, b):
    """Return ``True`` if ``a`` and ``b`` are two relatively prime numbers.

    Two numbers are relatively prime if they share no common factors,
    i.e. there is no integer (except 1) that divides both.
    """
    for n in range(2, min(a, b) + 1):
        if a % n == b % n == 0:
            return False
    return True

def generate_key_pair(p,q):
    
    # TODO: Calculate N = p*q and r = (p-1)(q-1)
    N = p*q 
    r = (p-1)*(q-1) 
    
    # TODO: choose a random number e such that e < N and e and r share no common factors.
    for candidate in range(3, r, 2):
        if are_relatively_prime(candidate, r):
            e = candidate  # not random in this implementation
            break
            
    # TODO:calculate number d, such that e*d mod (r) = 1
    d = 0
    for candidate in range(3, r, 2):
        if candidate * e % r == 1:
            d = candidate
            break     
    
    # return public key and private key pairs.
    public_key = (N,e)
    private_key = (N,d)
    return public_key, private_key

def encrypt(public_key, message):
    # TODO: encrypt the given message with the public key 
    return  pow(message,public_key[1]) % public_key[0]

def decrypt(private_key, message):
    # TODO: retrieve the original message from the encrypted message with your private key 
    return  pow(message,private_key[1]) % private_key[0]

Once finished, run the below code block to see your results!

In [17]:
# test cases
p = 5
q = 11
msg = random.randint(1,p*q)
public_key, private_key = generate_key_pair(5,11)
print ('public key is {}, private key is {}'.format(public_key, private_key) )
print ('message: {}'.format(msg))
print ('encrypted message: {}'.format(encrypt(public_key,msg)))
print ('decrypted message: {}'.format(decrypt(private_key,encrypt(public_key,msg) )))

public key is (55, 3), private key is (55, 27)
message: 46
encrypted message: 41
decrypted message: 46


### Q1.2: **Cracking RSA**
Back to what we discussed in the topic piece before.

Is RSA 100% safe? The answer is obviously not. However, do you know how to crack the algorithm even if you know its crackable? Let's move the first step towards being a cryptography pro. The problem can be described as follow:

Given the public key pair (N,e) and the encrypted message c, can you find the original message m?

To solve this problem, we still need to work from the fundamental math. 
- We know that large number `N` is the product of two primes. 
- If you can factorize `N`, that means you can get `p` and `q` such that `p*q = N`
- you can also know `r` since `r = (p-1)(q-1)`. 
- With the same equation we used to calculate `d` in our RSA implementation, that is, `e*d mod(r) = 1`, we can retrieve `d` and form the `private key pair(N, d)`. 
- The last and easist step will be decrypt the message `c` with our fresh private key.  

To verify our plan, implement crack_rsa() in the below code block. 

Hint: Feel free to use provided factorization() function for finding the factors of a number!

In [18]:
def factorization(num):
    print ('factorizing given number...')
    factor = []
    while num > 1:
        for i in range(num - 1):
            k = i + 2
            if num % k == 0:
                factor.append(k)
                num = int(num / k)
                break
    return factor


def crack_rsa(encrypted_message, public_key):
    # TODO: find the factors of the given prime number N.
    factors = factorization(public_key[0])
    e = public_key[1]
    # TODO: calculate r with the result of factorization
    r = (factors[0]-1)*(factors[1]-1)
    # TODO: calculate d with e*d mod(r) = 1
    for cand in range(3, r, 2):
        if cand * e % r == 1:
            d = cand
            break  
    # TODO:decrypt the given message with private key pair (N, d)
    decrypted_message = decrypt((public_key[0],d),encrypted)
    return decrypted_message
    
        

Once finished, run the below code block to see your results!

In [20]:
# test cases
def get_primes(start, stop):
    """Return a list of prime numbers in ``range(start, stop)``."""
    if start >= stop:
        return []

    primes = [2]

    for n in range(3, stop + 1, 2):
        for p in primes:
            if n % p == 0:
                break
        else:
            primes.append(n)

    while primes and primes[0] < start:
        del primes[0]

    return primes

primes_candidates = get_primes(100,999)
p = random.choice(primes_candidates)
q = random.choice(primes_candidates)
public_key, private_key = generate_key_pair(p,q)
message = random.randint(0,100)
encrypted = encrypt(public_key,message)
print ('You know: encrypted message = {}, public key = {}, can you get the original message?'.format(encrypted, public_key))

decrypted_message = crack_rsa(encrypted, public_key)

if decrypted_message == message:
    print ('You found the original message {} !!!'.format(message))
else:
    print ('You never gonna know what I said!' )

You know: encrypted message = 66808, public key = (391649, 5), can you get the original message?
factorizing given number...
You found the original message 20 !!!


*****
## Topic 3 - Key Exchanges
To finish off, we will be looking at the Diffie-Hellman Key Exchange as an example of Key Exchange algorithms. Recall a key exchange algorithm is required to securely communicate a secret key between two parties. This is used in Symmetric Key Cryptography, as the same key is required to encrypt and decrypt data. With Asymmetric Key Cryptography now so popular, key exchanges are now less common due to smaller uses of symmetric keys, although they are still used in some cases. 

So how do you transfer a key? Rather than posting a USB with the key, or transmitting the key over an unencrypted connection, you need a way to determine a secure connection to then transmit information. That is how the Diffie-Hellman Key Exchange became so popular.

Enough history, lets implement it.

## Question 4: **Diffie-Hellman Key Exchange**
Your task here is to complete the below code in the class to allow a person to interact in a key exchange. Recall the key exchange method: 

![Diffee-Hellman Example](./img/diffieHellman.png)

Complete the class and example to enact the key exchange.

In [21]:

class Person:
    def __init__(self,p,g):
        self.p = p
        self.g = g
        self.my_secrete_number = random.randint(1,10)
        self.others_secrete_number = 0
        
    def tell(self, person):
        person.others_secrete_number = self.compute_number_to_share()
    
    def compute_number_to_share(self):
        # TODO: calculate the number to share, as defined by A in the above image
        return pow(self.g, self.my_secrete_number) % self.p
    
    def get_common_key(self):
        # TODO: calculate the value K as defined in the above image
        return pow(self.others_secrete_number, self.my_secrete_number) % self.p
         

In [22]:
prime_number = 23
generator = 11

Alice = Person(prime_number,generator)
Bob = Person(prime_number,generator)

Alice.tell(Bob)
Bob.tell(Alice)

print("Alice's key is: {}".format(Alice.get_common_key()))
print("Bob's key is: {}".format(Bob.get_common_key()))

Alice's key is: 4
Bob's key is: 4


*****

## Homework & Extension Questions
You've gotten this far, so additional questions for this week. Finish your assignments.

*****
## Resources
All the resources you need have been linked in the particular topics, so find the hyperlinks and talk to your tutors.