# Cryptographic Services

Cryptography is the practice of secure communication by converting data into a format that is unintelligible to unauthorized parties.

It ensures confidentiality, integrity, authentication, and non-repudiation of data.

The process involves encryption, which transforms plaintext into ciphertext, and decryption, which converts ciphertext back to plaintext.

Cryptography relies on algorithms and keys to perform encryption and decryption operations.

**Types of cryptography**
- Symmetric Cryptography:
    - It uses the same secret key for both encryption and decryption.
    - The primary challenge is secure key exchange between parties
    - Popular symmetric algorithms include Advanced Encryption Standard (AES), Data Encryption Standard (DES), and Triple DES (3DES).

- Asymmetric Cryptography:
    - It uses a pair of keys: public key for encryption and private key for decryption.
    - Data encrypted with the public key can only be decrypted using the corresponding private key.
    -  It facilitates secure key exchange as parties can share their public keys openly.
    -  Common asymmetric algorithms include RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography).

**Notes:**
- These algorithms are backed by complex mathematics and architecture which is whole topic of study in itself.
- `cryptography` library used to implement cryptographic services in python and has to be installed using command:
  
```bash
pip install cryptography
```

Except this external `cryptography` library python has some built-in modules that provide few basic Cryptographic Services.
- `hashlib`
- `secrets`
- `hmac`

In [2]:
# Example of symmetric encryption using AES

from cryptography.fernet import Fernet

# Generate a random key
key = Fernet.generate_key()

# Initialize the Fernet cipher with the key
cipher = Fernet(key)

# Encrypt plaintext
plaintext = "Hello, this is a secret message.".encode()
ciphertext = cipher.encrypt(plaintext)

# Decrypt ciphertext
decrypted_text = cipher.decrypt(ciphertext).decode()

print("Encrypted Text:", ciphertext)
print("Decrypted Text:", decrypted_text)

Encrypted Text: b'gAAAAABky776SNvEcPMRssTU-iyLbeAKVNB51KEEx0MUGd8QEGxHJGg0TGg6-ZGOHIfZ4UWc42PdkNtzhXBDGfA9vTuzIE3IACuTTMjS5VUcTz4LtYLiBqJ9zSlP2BhN3JvjYu_Y3JWC'
Decrypted Text: Hello, this is a secret message.


In [1]:

# Example of asymmetric encryption using RSA

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization, hashes
from cryptography.hazmat.primitives.asymmetric import rsa, padding

# Generate RSA key pair
private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048, backend=default_backend())
public_key = private_key.public_key()

# Encrypt plaintext with the public key
plaintext = "Hello, this is a secret message.".encode()
ciphertext = public_key.encrypt(plaintext, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None))

# Decrypt ciphertext with the private key
decrypted_text = private_key.decrypt(ciphertext, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)).decode()

print("Encrypted Text:", ciphertext)
print("Decrypted Text:", decrypted_text)

Encrypted Text: b'RK\xee\x0e\x02\x81\x05\x06\xc9\x8c\xad\xb4\x8fe1\x05\xc2\x14${\xa6\xe4\x0c\xf5d\xb5\xc1\x1a[QFU\xc9\xb6\x9e!\xe7\x89\xb7\xdb\xb4\x8e*\xfd\xea\xed\xc8\xc7;\xc0X\xc4\x7f\xd0&KI\x9f\x91A\xd1\x80\x9aB\xe1\xcd\xc6i\x84W%\x96/\xbeQ5;\xaa\xc6\xd5\xf1p6\xdd5\xf8\xed\xb6+\x0e\xa9\x99\xef\xa2\x17\x8d\xd9\xb1\xf0\x0fh<QA\x92R\xe9\xdfj\xe5/!F\x01h\xbe\x17\x90fl\xa3\xad\xdef\xb6\xbd\xca\x99\x03\x97\xaa\xcb\x00C\x87\xc7\x01=<*o\x1c\x01Q"}F\x92\xb20\xe5\x15\xf3\xa6pxq{\x1c>\xd7&\x05I\x92\xbd&\xc03\xbf\xad\xb3\x1aj`\x1d`\xa7\xd8\xfdJ]\x1a\'\xabNa\x81\x9d\x88\x0e\xd7{\xd6\xb3\xd2}<\xd9\xc6\xb5x\xe1u\x90en\xa2\xd1\xd7\nuC\xcc1\xbd\xcbR\xfdnQ\x81\xe70\xfa\x97\xe0\x0c\x94\xbf\x0f{qB,\x931\xd4+\xed\xb0\xa1\xb7\xd0\xa3R\xd4&OS\x04\xbady\xf9\xde'
Decrypted Text: Hello, this is a secret message.


## Hashlib 

This module implements a common interface to many different secure hash and message digest algorithms.

Term "secure hash" & "message digest" are interchangeable.

Hash algorithms are implemented in three steps:
- Declaring constructor of type hashing algorithm which return that particular type of hash using `algorithmname()`
- Feeding this hash object using the `update` method
- Digesting the concatenated data using `digest()` or `hexdigest()`

**Available Hashing Algorithms**
These are the base algorithms available in all python versions, additional algorithms may be available depending on python version.
`sha1(), sha224(), sha256(), sha384(), sha512(), sha3_224(), sha3_256(), sha3_384(), sha3_512(), shake_128(), shake_256(), blake2b(), and blake2s(). md5() `

In [3]:
import hashlib
m = hashlib.sha256()
m.update(b"shyam shyam")
m.update(b" ram ram")
m.digest()

b'>l\x1b\x0f~\xe7\x88\x06\xaf\x94\xa5\x12\x1f\x9f\xa4\x95\x17\x11\x80\x8cf\xc2!\xcc\x03\x94kJ#\x03]\x9f'

In [4]:
m.hexdigest()

'3e6c1b0f7ee78806af94a5121f9fa4951711808c66c221cc03946b4a23035d9f'

Digesting files using hashlib.

In [None]:
import io, hashlib, hmac
with open(hashlib.__file__, "rb") as f:
    digest = hashlib.file_digest(f, "sha256")

digest.hexdigest()  