<h1 align="center"><b> Security for the Internet of Things </b></h1>

<p> This report is done by <b>Carlita Khawand & Hussein Jaber</b> for the course <b>Security for Connected Objects</b>.</p>
<p>The work on the TPs was supervised by Professor <b>Christophe GUYEUX</b>.</p>

<h2><b> I- INTRODUCTION TO IOT SECURITY </b></h2>

<p> IoT security is a type of cybersecurity that focuses on protecting the digital data shared and stored on the internet by a network of connected devices. </p>
<p> In order to do that, many new techniques were developped that make sure the adversary does not find the secret key that will help him encrypt the data or that at least the probability of him finding this secret is super low. This makes it clear that the computer security relies on problems that are considered difficult arithmetic problems. So, in other words, probability and complexity play an important role in cryptography.</p>
<p> Two numbers will be generated: <b>Prime Number</b> (the secret key) and <b>Random Number</b> (produced by sensors or algorithms).</p>

<h2><b> II- A SYMMETRICAL ENCRYPTION ALGORITHM FOR THE IOT </b></h2>

<p> The one time pad technique is an encryption technique that requires the use of a single pre-shared key. A plaintext message is paired with one random secret key where it will be encrypted by combining each bit or character from the message with the corresponding bit or character from the secret key. This same key will be then used in order to decrypt the message on the receiving end. That is why we call this method a symetrical technique.</p>
<p> To apply this technique, few rules should be respected: 
  <ul>
    <li> The key generated must be random </li>
    <li> The size of the key generated is the same as the size of the message.</li>
    <li> The key must be used only once. </li>
  </ul>
</p>

<p> Let's see how we can apply this technique using a simple symetrical encryption algorithm. </p>
<p>First, Let's start by importing the necessary libraries for this code.</p>

In [None]:
import random
import numpy as geek

<p> Now, we can define the function that generated a random key given the size of the message.</p>

In [None]:
def randomKey(size):
  key = ""
  for i in range(size):
    temp = str(random.randint(0, 1))
    key += temp
  return(key)

<p> Then, we will define the encrypt function that will be based on a xor operation between the key and message. </p>

In [None]:
def encrypt(message, key):
  messageArray = []
  keyArray = []
  for i in range(0, len(message)):
    messageArray.append(int(message[i]))
    keyArray.append(int(key[i]))
  encryptedMessageArray = geek.bitwise_xor(messageArray, keyArray)
  encryptedMessage = ""
  for i in range(0, len(message)):
    encryptedMessage += str(encryptedMessageArray[i])
  return encryptedMessage


<p> The decrypt function is a basic call for the encrypt function as it also applies xor on the encrypted message and the key to get the original message.</p>

In [None]:
def decrypt(encryptedMessage, key):
  message = encrypt(encryptedMessage, key)
  return message

<p> Now that we defined the needed functions, we can run our code and test the algorithm. </p>

In [None]:
isDigit = False
while not isDigit:
  message = input("Enter your bit message: ")
  messageSet = set(message)
  s = {'0', '1'}
  # check if message is a bit sequence
  if s == messageSet or messageSet == {'0'} or messageSet == {'1'}:
      isDigit = True
  else :
      print("The user input is not a sequence of bits! Please try again")

messageLength = len(message)
key = randomKey(messageLength)
print("The random key generated is: " + key)

encryptedMessage = encrypt(message, key)
print("The encrypted message is: " + encryptedMessage)

decryptedMessage = decrypt(encryptedMessage, key)
print("The decrypted message is: " + decryptedMessage)

Enter your bit message: 0010010100011110011111110
The random key generated is: 0101101010100110111011011
The encrypted message is: 0111111110111000100100101
The decrypted message is: 0010010100011110011111110


<p> As we can see, after running the code and seeing the results we got, the decrypted message at the end is the same as the original message from the user's input. So, this is a basic example of the symetrical encryption using XOR.</p>

<h2><b> III- CONSTITUTION OF RANDOM GENERATORS </b></h2>

<p>A random number generator is a hardware device or software algorithm that generates a number and it is one of the foundations of computer security.</p>
<p> Two main types of random number generators are pseudo random number generators and true random number generators:
  <ol>
    <li> Pseudo Random Number Generators 
      <ul>
        <li>The generators are software algorithms.</li>
        <li>The output is not truly a random number.</li>
        <li>It can generate the same pseudo-random numbers twice by providing the same seed.</li>
      </ul>  
    </li>
    <li> True Random Number Generators 
      <ul>
        <li>The generators are hardware (sensors).</li>
        <li>The output is a true random variable.</li>
        <li>This random is not reproducible.</li>
      </ul>
    </li>  
  </ol>
</p>

<h4><b> III.1 - LINEAR CONGRUENTIAL GENERATORS </b> </h4>

<p>A linear congruential generator (LCG) is an algorithm that yields a sequence of pseudo-randomized numbers. The method represents one of the oldest and best-known pseudorandom number generator algorithms.</p>

<p> They have a low complexity which makes them usable in IoT but they are unsafe which is why other new generators were introduced. </p>

<p> The LCG is defined by:</p>
<p align="center"><i>$X_{n+1} = (a . X_n + c)$%m</i></p>
<p><i> with: </i>
  <ul>
    <li>c  and m are coprime integers (their gcd is 1).</li>
    <li>For each prime number p dividing m, (a−1) is a multiple of p.</li>
    <li> m multiple of 4 ⇒(a−1) multiple of 4.</li>
    <li> c≠0. </li>
  </ul>
</p>

<p> Let's test this LCG with a simple algorithm. </p>
<p> First, let's start by implementing the lcg function that computes the value of x.</p>

In [None]:
def lcg(x, a, c, m):
    while True:
        x = (a * x + c) % m
        yield x

<p>The random_uniform_sample function will return a sample generated using the lcg function. </p>

In [None]:
def randomUniformSample(a, c, m, n, interval, seed=0):
    bsdrand = lcg(seed, a, c, m)

    lower, upper = interval[0], interval[1]
    sample = []

    for i in range(n):
        observation = (upper - lower) * (next(bsdrand) / (2 ** 31 - 1)) + lower
        sample.append(round(observation))

    return sample

<p> Now, we can test the code using a = 1103515245, c = 12345 and m = 2 ** 31.</p>



In [None]:
a, c, m = 1103515245, 12345, 2 ** 31
generatedSample = randomUniformSample(a, c, m, 10, [0, 10], 1)
print("The generated sample is: ")
print(generatedSample)

The generated sample is: 
[5, 2, 3, 5, 9, 2, 7, 2, 5, 1]


<p> In order to check that the numbers produced look random, we will check the number of odd and even numbers. So, we have to write a function that counts the odd and even numbers of a sample.</p>

In [None]:
def evenOddFrequency(generatedSample):
  nbEven = 0
  nbOdd = 0
  for nb in generatedSample:
        if not int(nb) % 2:
    	     nbEven+=1
        else:
    	     nbOdd+=1
  print("Number of even numbers: " + str(nbEven))
  print("Number of odd numbers: " + str(nbOdd))

<p> To test the evenOddFrequency function, we have to generate five samples and check the frequency of each one.</p>

In [None]:
a, c, m = 1103515245, 12345, 2 ** 31
for i in range(1, 6):  
  generatedSample = randomUniformSample(a, c, m, 10, [0, 10], i)
  print("Generated Sample number " + str(i) + " Even-Odd Frequency: ")
  print(generatedSample)
  evenOddFrequency(generatedSample)
  print("----------------------------------------------")

Generated Sample number 1 Even-Odd Frequency: 
[5, 2, 3, 5, 9, 2, 7, 2, 5, 1]
Number of even numbers: 3
Number of odd numbers: 7
----------------------------------------------
Generated Sample number 2 Even-Odd Frequency: 
[0, 7, 3, 4, 8, 8, 9, 9, 6, 10]
Number of even numbers: 6
Number of odd numbers: 4
----------------------------------------------
Generated Sample number 3 Even-Odd Frequency: 
[5, 2, 3, 3, 6, 5, 1, 5, 7, 9]
Number of even numbers: 2
Number of odd numbers: 8
----------------------------------------------
Generated Sample number 4 Even-Odd Frequency: 
[1, 7, 3, 1, 5, 1, 3, 1, 9, 7]
Number of even numbers: 0
Number of odd numbers: 10
----------------------------------------------
Generated Sample number 5 Even-Odd Frequency: 
[6, 3, 3, 10, 3, 8, 6, 7, 10, 6]
Number of even numbers: 6
Number of odd numbers: 4
----------------------------------------------


<p> We can try to integrate this algorithm with the one we previously implemented (one-time pad) and see what we get as results. Here, the interval will be [0, 1] so we can get a bit sequence and test the encode and decode using the one-time pad algorithm.</p>

In [None]:
a, c, m = 1103515245, 12345, 2 ** 31
generatedSample = randomUniformSample(a, c, m, 10, [0, 1], 1)
print("The generated sample using LCG is: ")
print(generatedSample)

message = str(generatedSample).strip('[]').split(", ")

messageLength = len(message)
key = randomKey(messageLength)
print("The random key generated using one-time pad is: " + key)

encryptedMessage = encrypt(message, key)
print("The encrypted message using XOR is: " + encryptedMessage)

decryptedMessage = decrypt(encryptedMessage, key)
print("The decrypted message using XOR is: " + decryptedMessage)

The generated sample using LCG is: 
[1, 0, 0, 1, 1, 0, 1, 0, 0, 0]
The random key generated using one-time pad is: 0101011001
The encrypted message using XOR is: 1100110001
The decrypted message using XOR is: 1001101000


<h4><b>III.2 - THE XORSHIFT </b></h4>

<p>Xorshift random number generators, also called shift-register generators are a class of pseudorandom number generators that were proposed by George Marsaglia. They have three main integer parameters: a, b and c.</p>

<p>They generate the next number in their sequence by repeatedly taking the exclusive or of a number with a bit-shifted version of itself. This makes them execute extremely efficiently on modern computer architectures, but does not benefit efficiency in a hardware implementation.</p>

<p>We can define the xorshift function that shifts the item three times to get the value desired.</p>

In [None]:
def xorshift(x, a, b, c):
  # 32-bit xorshift
  x = x ^ ((x >> a) & 0xFFFFFFFF)
  x = x ^ ((x << b) & 0xFFFFFFFF)
  x= x ^ ((x >> c) & 0xFFFFFFFF)  
  return x

<p>The previous function returns a decimal random number. To get a binary random number, we will implement a xorshiftBinary function. This function simply calls the xorshift and converts the random number generated into binary.</p>

In [None]:
def xorshiftBinary(x, a, b, c):
  generatedNumber = xorshift(x, a, b, c)
  generatedNumberBinary = [int(number) for number in str(bin(generatedNumber))[2:]]
  return generatedNumberBinary

<p> We can now test the two functions and see the outputs generated.</p>

In [None]:
generatedNumber = xorshift(123456789,12,25,27)
print("The generated number after applying xorshift is: " + str(generatedNumber))
generatedNumberBinary = xorshiftBinary(123456789,12,25,27)
print("The generated number after applying xorshift in binary is: ")
print(generatedNumberBinary)

The generated number after applying xorshift is: 1432074403
The generated number after applying xorshift in binary is: 
[1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1]


<p> Like we did for LCG, we can apply the one-time pad algorithm on the xorshift generated sample.</p>

In [None]:
generatedNumberBinary = xorshiftBinary(123456789,12,25,27)
print("The generated number after applying xorshift in binary is: ")
print(generatedNumberBinary)

message = str(generatedNumberBinary).strip('[]').split(", ")

messageLength = len(message)
key = randomKey(messageLength)
print("The random key generated using one-time pad is: " + key)

encryptedMessage = encrypt(message, key)
print("The encrypted message using XOR is: " + encryptedMessage)

decryptedMessage = decrypt(encryptedMessage, key)
print("The decrypted message using XOR is: " + decryptedMessage)

The generated number after applying xorshift in binary is: 
[1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1]
The random key generated using one-time pad is: 1110000010000001101110010000111
The encrypted message using XOR is: 0100101000110110110010000100100
The decrypted message using XOR is: 1010101010110111011100010100011


<p> Now that we implemented the LCG and xorshift algorithms, we can compare them regarding the time needed to generated a random number. For that, we have to add a new library</p>

In [None]:
import time

<p> Let's first compute the execution time for the LCG algorithm.</p>

In [None]:
start_time = time.time()
a, c, m = 1103515245, 12345, 2 ** 31
generatedSample = randomUniformSample(a, c, m, 32, [0, 1], 1)
print("The generated sample using LCG is: ")
print(generatedSample)
print("--- %s seconds ---" % (time.time() - start_time))

The generated sample using LCG is: 
[1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1]
--- 0.0023233890533447266 seconds ---


<p> And now we'll compute the execution time for the xorshift algorithm.</p>

In [None]:
start_time = time.time()
generatedNumberBinary = xorshiftBinary(1234567895,12,25,27)
print("The generated number after applying xorshift in binary is: ")
print(generatedNumberBinary)
print("--- %s seconds ---" % (time.time() - start_time))

The generated number after applying xorshift in binary is: 
[1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1]
--- 0.0015690326690673828 seconds ---


<p> As we can see, both algorithms are really fast in terms of generating one sample and there is a slight difference in the speed. In order to really see the difference, let's test the time it would take to generate 1000000 samples of 32 bits for each algorithm. </p>

In [None]:
start_time = time.time()
a, c, m = 1103515245, 12345, 2 ** 31
for i in range(1000000):
  generatedSample = randomUniformSample(a, c, m, 32, [0, 1], i)
print("--- LCG %s seconds ---" % (time.time() - start_time))

start_time = time.time()
for i in range(1000000):
  generatedNumberBinary = xorshiftBinary(1234567895,12,25,27)
print("--- xorshift %s seconds ---" % (time.time() - start_time))

--- LCG 24.801329851150513 seconds ---
--- xorshift 7.326638221740723 seconds ---


<p> We notice that to generate 1000000 samples of 32-bits, the xorshift algorithm was faster than the LCG algorithm.</p>

<h4><b>III.3 - LINEAR FEEDBACK SHIFT REGISTERS </b></h4>

<p>A linear-feedback shift register (LFSR) is a shift register whose input bit is a linear function of its previous state. The most commonly used linear function of single bits is XOR. The initial value of the LFSR is called the seed.</p>

<p> Applications of LFSRs include generating pseudo-random numbers, pseudo-noise sequences, fast digital counters, and whitening sequences. Both hardware and software implementations of LFSRs are common.</p>

<p> Let's implement a simple algorithm that demonstarted how LFSR works.</p>

<p> We will start by implementing the xor function that will be used by the lfsr function.</p>

In [None]:
def xor(list1, list2, tapPositions, dataLength):
    xor = list1[dataLength-1]
    for i in range(len(tapPositions)-1):
        xor = list1[tapPositions[i]] ^ xor
    list2.append(xor)
    return list2
    

<p>Now, we will define the lfsr function that generates the number using some input.</p>

In [None]:
def lfsr(inputData, clockCycles, tapPositions):
  inputData.insert(0,inputData[len(inputData)-1])
  inputData.pop()

  output = [0]
  dataLength = len(inputData)
  list1 = inputData
  list2 = []
  for i in range(int(clockCycles)):
      output.insert(0,list1[dataLength-1])
      xor(list1, list2, tapPositions, dataLength)
      for i in range(dataLength - 1):
          list2.append(list1[i])

      list1 = list2
      list2 = []

  output.pop()
  output.reverse()
  output_data = ''.join(str(x) for x in output)
  return output_data

<p> Now that we implemented the main functions, we can test out LFSR algorithm.</p>

In [None]:
tapPositions = input("Enter the tap positions:").split(',')
tapPositions = [int(position) for position in tapPositions]
inputData = list(input("Seed value:"))
inputData = [int(i) for i in inputData]
clockCycles = input("Number of clock cycles:")

generatedNumber = lfsr(inputData, clockCycles, tapPositions)
print("The generated number using LFSR is: ")
print(generatedNumber)

Enter the tap positions:0,3
Seed value:1011
Number of clock cycles:10
The generated number using LFSR is: 
1011001000


<p> Let's test this algorithm combined with the one-time pad algorithm.</p>

In [None]:
print("The generated number after applying LFSR is: " + generatedNumber)

messageLength = len(generatedNumber)
key = randomKey(messageLength)
print("The random key generated using one-time pad is: " + key)

encryptedMessage = encrypt(generatedNumber, key)
print("The encrypted message using XOR is: " + encryptedMessage)

decryptedMessage = decrypt(encryptedMessage, key)
print("The decrypted message using XOR is: " + decryptedMessage)

The generated number after applying LFSR is: 1011001000
The random key generated using one-time pad is: 1101011011
The encrypted message using XOR is: 0110010011
The decrypted message using XOR is: 1011001000


<h4><b>III.4 - THE MERSENNE-TWISTER</b></h4>

<p>The Mersenne Twister is a pseudorandom number generator (PRNG). It is by far the most widely used general-purpose PRNG. This generator was designed specifically to rectify most of the flaws found in older PRNGs.</p>

<p>The general algorithm is characterized by the following quantities: 
  <ul>
    <li>word size (in number of bits)</li>
    <li>degree of recurrence</li>
    <li>middle word, an offset used in the recurrence relation defining the series x, 1 ≤ m < n</li>
    <li>separation point of one word, or the number of bits of the lower bitmask, 0 ≤ r ≤ w − 1</li>
    <li>coefficients of the rational normal form twist matrix</li>
    <li>2 TGFSR(R) tempering bitmasks</li>
    <li>2 TGFSR(R) tempering bit shifts</li>
    <li>3 additional Mersenne Twister tempering bit shifts/masks</li>
  </ul>
</p>

<p> Let's implement a basic Mersenne-Twister algorithm and run it.</p>
<p>We will define the MersenneTwister class along with the values of the quantities we just mentioned and the mersenneTwist, getRandomNumber and int_32 functions.</p>

In [None]:
class MersenneTwister():

  def __init__(self, seed = 5489):  
    self.seed = seed
    self.size = 624
    self.state = [0] * size
    self.f = 1812433253
    self.m = 397
    self.u = 11
    self.s = 7
    self.b = 0x9D2C5680
    self.t = 15
    self.c = 0xEFC60000
    self.l = 18
    self.index = 624
    self.lower_mask = (1<<31)-1
    self.upper_mask = 1<<31
    # update state
    self.state[0] = self.seed
    for i in range(1,624):
        self.state[i] = self.int32(f*(self.state[i-1]^(self.state[i-1]>>30)) + i)

  def int32(self, number):
    return int(0xFFFFFFFF & number)
  
  def mersenneTwist(self):
    for i in range(self.size):
        temp = self.int32(self.state[i]&self.upper_mask)+(self.state[(i+1)%self.size]&self.lower_mask)
        temp_shift = temp>>1
        if temp%2 != 0:
            temp_shift = temp_shift^0x9908b0df
        self.state[i] = self.state[(i+self.m)%self.size]^temp_shift
    self.index = 0

  def getRandomNumber(self):
    if self.index >= self.size:
        self.mersenneTwist()
    y = self.state[self.index]
    y = y^(y>>self.u)
    y = y^((y<<self.s)&self.b)
    y = y^((y<<self.t)&self.c)
    y = y^(y>>self.l)
    self.index+=1
    return self.int32(y)


<p> Now, we have everything needed to test the algorithm we just implemented.</p>

In [None]:
mt = MersenneTwister(1234)
message = mt.getRandomNumber()
print("The generated number after applying Mersenne-Twister is: " + str(message))
messageBinary = [int(msg) for msg in str(bin(message))[2:]]
print("The generated number in binary after applying Mersenne-Twister is: ")
print(messageBinary)

The generated number after applying Mersenne-Twister is: 822569775
The generated number in binary after applying Mersenne-Twister is: 
[1, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 1]


<p> We successfully generated a binary message using Mersenne-Twister. Now, we can combine it with the one-time pad algorithm and see the results.</p>

In [None]:
message = str(messageBinary).strip('[]').split(", ")
print("The generated number after applying Mersenne-Twister is: ")
print(message)

messageLength = len(message)
key = randomKey(messageLength)
print("The random key generated using one-time pad is: " + key)

encryptedMessage = encrypt(message, key)
print("The encrypted message using XOR is: " + encryptedMessage)

decryptedMessage = decrypt(encryptedMessage, key)
print("The decrypted message using XOR is: " + decryptedMessage)

The generated number after applying Mersenne-Twister is: 
['1', '1', '0', '0', '0', '1', '0', '0', '0', '0', '0', '1', '1', '1', '0', '1', '1', '0', '1', '0', '1', '1', '0', '0', '1', '0', '1', '1', '1', '1']
The random key generated using one-time pad is: 110101100000101100001010100010
The encrypted message using XOR is: 000100100001011010100110001101
The decrypted message using XOR is: 110001000001110110101100101111


<h4><b> III.5 - THE BLUM BLUM SHUB </b></h4>

<p>Blum Blum Shub (BBS) is a pseudorandom number generator. This algorithm is more complex than the others. However, it is more efficient, as it respects the Shannon's condition.</p>

<p>Blum Blum Shub takes the form: </p>
<p align="center"><i> $X_{n+1}$ = $X_{n}^{2}$ mod M </i></p>
<p><i> Where:</i>
  <ul>
    <li>M = pq is the product of two large primes p and q.</li>
    <li>The seed x0 should be an integer that is co-prime to M.</li>
    <li>The two primes, p and q, should both be congruent to 3 (mod 4).</li>
  </ul> 
</p>
<p> At each step of the algorithm, some output is derived from $X_{n+1}$. The output is commonly either the bit parity of $X_{n+1}$ or one or more of the least significant bits of $X_{n+1}$.</p>

<p> Let's implement this algorithm by defining a BBS class with all the functionalities needed.</p>


In [None]:
class BlumBlumShub():                                             
    def __init__(self, length):                                         
        self.length = length                                            
        self.primes = self.getPrimes(1000)

    def getPrimes(self, x):
      primes = []
      for a in range(1,10000):
          for b in range(2,a):
              if(a%b==0):
                  break
              else:
                  primes.append(a)
              if len(primes) == x:
                  return primes                                       

    def genPrimes(self):                                             
        out_primes = []                                                 
        while len(out_primes) < 2:                                      
            curr_prime = self.primes[random.randrange(len(self.primes))]
            if curr_prime % 4 == 3:                                     
                out_primes.append(curr_prime)                           
        return out_primes                                               

    def randomGenerator(self):                                         
        x = random.randrange(1000000)                                   
        while self.length:                                              
            x += 1                                                      
            p, q = self.genPrimes()                                    
            m = p * q                                                   
            z = (x**2) % m                                              
            self.length -= 1                                            
            yield str(bin(z).count('1') % 2)                            

    def getRandomBits(self):                                          
        return ''.join(self.randomGenerator())     

<p> Now, we can run and test the algorithm.</p>

In [None]:
bbs = BlumBlumShub(15)
message = bbs.getRandomBits()
print("The generated number after applying BBS is: " + message)


The generated number after applying BBS is: 111001101011101


<p> Now, we can try testing this generated number with the one-time pad algorithm.</p>

In [None]:
print("The generated number after applying BBS is: " + message)

messageLength = len(message)
key = randomKey(messageLength)
print("The random key generated using one-time pad is: " + key)

encryptedMessage = encrypt(message, key)
print("The encrypted message using XOR is: " + encryptedMessage)

decryptedMessage = decrypt(encryptedMessage, key)
print("The decrypted message using XOR is: " + decryptedMessage)

The generated number after applying BBS is: 111001101011101
The random key generated using one-time pad is: 101100110010011
The encrypted message using XOR is: 010101011001110
The decrypted message using XOR is: 111001101011101


<h4><b> III.6 - ISAAC </b></h4>

<p>ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a cryptographically secure pseudorandom number generator (CSPRNG). It produces 32-bit unsigned integers uniformly distributed, unbiased, and unpredictable. Cycles are guaranteed to be a minimum of 240 values long and they are 28295 values long on average. The generator runs fast and performs 18.75 machine cycles on average .</p>

In [None]:
import random
import collections
 
INT_MASK = 0xFFFFFFFF
 
class ISAAC(random.Random):

  def __init__(self):
    self.seed()

  def seed(self, seed=None):
    """
    Initialize internal state.

    The seed, if given, can be a string, an integer, or an iterable that contains
    integers only. If no seed is given, a fixed default state is set up; unlike
    our superclass, this class will not attempt to randomize the seed from outside sources.
    """
    def mix():
        init_state[0] ^= ((init_state[1]<<11)&INT_MASK); init_state[3] += init_state[0]; init_state[3] &= INT_MASK; init_state[1] += init_state[2]; init_state[1] &= INT_MASK
        init_state[1] ^=  (init_state[2]>>2)           ; init_state[4] += init_state[1]; init_state[4] &= INT_MASK; init_state[2] += init_state[3]; init_state[2] &= INT_MASK
        init_state[2] ^= ((init_state[3]<<8 )&INT_MASK); init_state[5] += init_state[2]; init_state[5] &= INT_MASK; init_state[3] += init_state[4]; init_state[3] &= INT_MASK
        init_state[3] ^=  (init_state[4]>>16)          ; init_state[6] += init_state[3]; init_state[6] &= INT_MASK; init_state[4] += init_state[5]; init_state[4] &= INT_MASK
        init_state[4] ^= ((init_state[5]<<10)&INT_MASK); init_state[7] += init_state[4]; init_state[7] &= INT_MASK; init_state[5] += init_state[6]; init_state[5] &= INT_MASK
        init_state[5] ^=  (init_state[6]>>4 )          ; init_state[0] += init_state[5]; init_state[0] &= INT_MASK; init_state[6] += init_state[7]; init_state[6] &= INT_MASK
        init_state[6] ^= ((init_state[7]<<8 )&INT_MASK); init_state[1] += init_state[6]; init_state[1] &= INT_MASK; init_state[7] += init_state[0]; init_state[7] &= INT_MASK
        init_state[7] ^=  (init_state[0]>>9 )          ; init_state[2] += init_state[7]; init_state[2] &= INT_MASK; init_state[0] += init_state[1]; init_state[0] &= INT_MASK

    super().seed(0) # give a chance for the superclass to reset its state - the actual seed given to it doesn't matter
    if seed is not None:
        if isinstance(seed, str):
            seed = [ord(x) for x in seed]
        elif isinstance(seed, collections.Iterable):
            seed = [x & INT_MASK for x in seed]
        elif isinstance(seed, int):
            val = abs(seed)
            seed = []
            while val:
                seed.append(val & INT_MASK)
                val >>= 32
        else:
            raise TypeError('Seed must be string, integer or iterable of integer')

        # make sure the seed list is exactly 256 elements long
        if len(seed)>256:
            del seed[256:]
        elif len(seed)<256:
            seed.extend([0]*(256-len(seed)))

    self.aa = self.bb = self.cc = 0
    self.mm = []
    init_state = [0x9e3779b9]*8

    for _ in range(4):
        mix()

    for i in range(0, 256, 8):
        if seed is not None:
            for j in range(8):
                init_state[j] += seed[i+j]
                init_state[j] &= INT_MASK
        mix()
        self.mm += init_state

    if seed is not None:
        for i in range(0, 256, 8):
            for j in range(8):
                init_state[j] += self.mm[i+j]
                init_state[j] &= INT_MASK
            mix()
            for j in range(8):
                self.mm[i+j] = init_state[j]

    self.rand_count = 256
    self.rand_result = [0]*256

  def _generate(self):
    # Generate 256 random 32-bit values and save them in an internal field.
    # The actual random functions will dish out these values to callers.
    self.cc = (self.cc + 1) & INT_MASK
    self.bb = (self.bb + self.cc) & INT_MASK

    for i in range(256):
        x = self.mm[i]
        mod = i & 3
        if mod==0:
            self.aa ^= ((self.aa << 13) & INT_MASK)
        elif mod==1:
            self.aa ^= (self.aa >> 6)
        elif mod==2:
            self.aa ^= ((self.aa << 2) & INT_MASK)
        else: # mod == 3
            self.aa ^= (self.aa >> 16)
        self.aa = (self.mm[i^128] + self.aa) & INT_MASK
        y = self.mm[i] = (self.mm[(x>>2) & 0xFF] + self.aa + self.bb) & INT_MASK
        self.rand_result[i] = self.bb = (self.mm[(y>>10) & 0xFF] + x) & INT_MASK

    self.rand_count = 0

  def next_int(self):
    """Return a random integer between 0 (inclusive) and 2**32 (exclusive)."""
    if self.rand_count == 256:
        self._generate()
    result = self.rand_result[self.rand_count]
    self.rand_count += 1
    return result

  def getrandbits(self, k):
    """Return a random integer between 0 (inclusive) and 2**k (exclusive)."""
    result = 0
    ints_needed = (k+31)//32
    ints_used = 0
    while ints_used < ints_needed:
        if self.rand_count == 256:
            self._generate()
        ints_to_take = min(256-self.rand_count, ints_needed)
        for val in self.rand_result[self.rand_count : self.rand_count+ints_to_take]:
            result = (result << 32) | val
        self.rand_count += ints_to_take
        ints_used += ints_to_take
    result &= ((1<<k)-1)    # mask off extra bits, if any
    return result
 
  def random(self):
    """Return a random float between 0 (inclusive) and 1 (exclusive)."""
    # A double stores 53 significant bits, so scale a 53-bit integer into the [0..1) range.
    return self.getrandbits(53) * (2**-53)

  def rand_char(self):
    """Return a random integer from the printable ASCII range [32..126]."""
    return self.next_int() % 95 + 32

<p> Let's run and test the code we implemented. </p>

In [None]:
isaac = ISAAC()
message = isaac.getrandbits(15)
print("The generated number after applying ISAAC is: " + str(message))
messageBinary = [int(number) for number in str(bin(message))[2:]]
print("The generated number in Binary after applying ISAAC is: " + str(messageBinary))

The generated number after applying ISAAC is: 4424
The generated number in Binary after applying ISAAC is: [1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0]


<p> Now, we can combine it with the one-time pad algorithm and run the encryption and decryption of the message.</p>

In [None]:
print("The generated number after applying ISAAC is: ")
print(messageBinary)
message = str(messageBinary).strip('[]').split(", ")

messageLength = len(message)
key = randomKey(messageLength)
print("The random key generated using one-time pad is: " + key)

encryptedMessage = encrypt(message, key)
print("The encrypted message using XOR is: " + encryptedMessage)

decryptedMessage = decrypt(encryptedMessage, key)
print("The decrypted message using XOR is: " + decryptedMessage)

The generated number after applying ISAAC is: 
[1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0]
The random key generated using one-time pad is: 1101000100001
The encrypted message using XOR is: 0101101101001
The decrypted message using XOR is: 1000101001000


<p> In the context of Internet of Things, we have some fundamental problems. As the prime numbers increase, the security in use also increases which can lead to: 
  <ul>
    <li>Longer calculations, meaning more energy consumption.</li>
    <li>Larger size of numbers to be manipulated so more memory usage.</li>
    <li>Increases in cryptogram leads to increases in the size of the data to be sent.</li>
  </ul>
</p>
<p> So, in terms of Internet of Things, when it comes to security there is always one or more compromise. In other words, the greater the security, the greater the need for power, and the shorter the life of the network.</p>

<h2><b> IV- FAST EXPONENTIATION </b></h2>

<p>Various operations in cryptography require the calculation of a multiple or a power. Fast exponentiation is a classical technique, used in practice, to obtain the power of a given number.</p>

<p> In order to calculate $X^{e}$, we can apply one of the following operations:
  <ul>
    <li>Square Elevation.</li>
    <li>Multiplication by X.</li>
  </ul>
</p>

<p>In a recursive version, 
  <ul>
    <li> If e is even, we calculate $X^{e/2}$ and multiply it by itself.</li>
    <li>If not, we calculate $X^{e-1}$ and multiply it by X.</li>
  </ul>
</p>

<p> Let's implement the Fast Exponentiation algorithm.</p>
<p> First, let's implement the function that changes the 1 and 0 to SX and S in a message.</p>

In [None]:
def changeMessage(x, e):
  binaryMessage = bin(e)[2:]
  binaryMessage = binaryMessage.replace('1','',1)
  changedMessage = ''
  for i in binaryMessage:
    if(i == '0'):
      changedMessage += 'S'
    else:
      changedMessage += 'SX'
  return changedMessage

<p> Now, we will implement the fastExponentiation function that will compute the fast power and return the generated number.</p>

In [None]:
def fastExponentiation(x, e):
  changedMessage = changeMessage(x, e)
  result = e
  for message in changedMessage:
    if message == 'S':
      result = result*result
    else:
      result = result*x
  return result

<p> Let's run the code and see the result we got.</p>

In [None]:
changedMessage = changeMessage('10011',3)
print("The changed message is: " + changedMessage)
message = fastExponentiation('10011',3)
print("The generated number after applying the Fast Exponentiation is: " + message)

The changed message is: SX
The generated number after applying the Fast Exponentiation is: 100111001110011100111001110011100111001110011


<p> Now we can run the one-time pad algorithm with the generated number using the Fast Exponentiation algorithm.</p>

In [None]:
print("The generated number after applying the Fast Exponentiation is: " + message)

messageLength = len(message)
key = randomKey(messageLength)
print("The random key generated using one-time pad is: " + key)

encryptedMessage = encrypt(message, key)
print("The encrypted message using XOR is: " + encryptedMessage)

decryptedMessage = decrypt(encryptedMessage, key)
print("The decrypted message using XOR is: " + decryptedMessage)

The generated number after applying the Fast Exponentiation is: 100111001110011100111001110011100111001110011
The random key generated using one-time pad is: 011111010001111010110000010100001110001011101
The encrypted message using XOR is: 111000011111100110001001100111101001000101110
The decrypted message using XOR is: 100111001110011100111001110011100111001110011


<p> The Fast Exponentiation algorithm does not always give us the fastest method. More efficient techniques exist such as the addition strings.</p> 

<h2><b>V- ARITHMETICS FOR SECURITY</b></h2>

<p> Security problems nowadays are mostly based on finding the prime factors of a large integer. So far, no solution has been implemented. </p>

<p> We will be applying three methods to obtain large prime numbers and see how each method is better than the one before.</p>

<h4><b> V.1 - ERATOSTHENES' SIEVE </b></h4>

<p> In mathematics, the sieve of Eratosthenes is an ancient algorithm for finding all prime numbers up to any given limit.</p>

<p> The steps taken to generate the prime number are the following:
  <ul>
    <li>Create a list of integers from 2 to N.</p>
    <li>Delete all the multiples of 2 from the list, then the multiples of 3, 5, etc.</p>
    <li>Stop when we reach N/2.</p>
  </ul>
</p>

<p> Let's implement the Eratosthenes.</p>

In [None]:
def SieveOfEratosthenes(desiredLength):
  prime = [True for i in range(desiredLength + 1)]
  p = 2
  while (p * p <= desiredLength):
    if (prime[p] == True):
      for i in range(p ** 2, desiredLength + 1, p):
        prime[i] = False
    p += 1
  prime[0]= False
  prime[1]= False
  # Print all prime numbers
  for p in range(desiredLength + 1):
    if prime[p]:
      print(p) #Use print(p) for python 3

<p> We can now test this function with the desired limit to reach. It will print all the prime numbers from 2 till this limit and the last number will be the largest prime number <= limit. </p>

In [None]:
limit = 1000
SieveOfEratosthenes(limit)

2
3
5
7
11
13
17
19
23
29
31
37
41
43
47
53
59
61
67
71
73
79
83
89
97
101
103
107
109
113
127
131
137
139
149
151
157
163
167
173
179
181
191
193
197
199
211
223
227
229
233
239
241
251
257
263
269
271
277
281
283
293
307
311
313
317
331
337
347
349
353
359
367
373
379
383
389
397
401
409
419
421
431
433
439
443
449
457
461
463
467
479
487
491
499
503
509
521
523
541
547
557
563
569
571
577
587
593
599
601
607
613
617
619
631
641
643
647
653
659
661
673
677
683
691
701
709
719
727
733
739
743
751
757
761
769
773
787
797
809
811
821
823
827
829
839
853
857
859
863
877
881
883
887
907
911
919
929
937
941
947
953
967
971
977
983
991
997


<h4><b> V.2 - A FERMAT THEOREM </b></h4>

<p>Fermat’s theorem, also known as Fermat’s little theorem and Fermat’s primality test. The theorem says that for any prime number <i>$p$</i> and any integer <i>$a$</i> such that <i>$p$</i> does not divide <i>$a$</i> (the pair are relatively prime), <i>$p$</i> divides exactly into <i>$a_p$ − $a$</i>.</p>

<p>To obtain a large prime number, the idea is to draw a large number of digits, concatenate them as a number, and then test if this number is prime.</p>

<p> Let's implement Fermat's theorem by starting with some basic testing and then diving in more deeply.</p>

<p> First, we will start by implementing a function that tests if a number is prime or not by checking if the last digit is different than 0, 2, 4, 5, 6 and 8.</p>

In [None]:
def checkIfPrimeV1(number):
  st = str(number)
  sz = len(st)
  if sz >= 2:
    if int(st[sz - 1]) != 0 and int(st[sz - 1]) != 2 and int(st[sz - 1]) != 4 and int(st[sz - 1]) != 5 and int(st[sz - 1]) != 6 and int(st[sz - 1]) != 8:
      return True
    else:
      return False
  else:
    print("The number should be composed of at least 2 digits!")


<p>Let's test the checkIfPrimeV1 function with different numbers.</p>

In [None]:
if checkIfPrimeV1(12358):
  print("12358 is prime!")
else:
  print("12358 is not prime!")

if checkIfPrimeV1(12483):
  print("12483 is prime!")
else:
  print("12483 is not prime!")

if checkIfPrimeV1(5841679):
  print("5841679 is prime!")
else:
  print("5841679 is not prime!")

if checkIfPrimeV1(14385):
  print("14385 is prime!")
else:
  print("14385 is not prime!")

12358 is not prime!
12483 is prime!
5841679 is prime!
14385 is not prime!


<p> We can now implement a function a bit more complex based on:</p>
<p align = "center"> $a_n≡a[n]$</p>
<p>First, we'll implement the gcd function.</p>

In [None]:
def gcd(a,b):
  if(b == 0):
    return a
  else:
    return gcd(b, a % b)

<p> Then, we will implement the power function that computes x^y under modulo m</p>

In [None]:
def power(x,y,m):
  if (y == 0):
    return 1
  p = power(x, y // 2, m) % m
  p = (p * p) % m

  return p if(y % 2 == 0) else  (x * p) % m

<p>To get the modular inverse, we will implement the modInverse function. If a and m are relatively prime, then the modulo inverse is a^(m-2) mode m.</p>

In [None]:
def modInverse(a,m):
  if (gcd(a, m) != 1):
    print("Inverse doesn't exist")
  else:
    print("Modular multiplicative inverse of " + str(a) + " and " + str(m) + " is: ", power(a, m - 2, m))

<p>Let's test the functions we wrote on some numbers combinations.</p>

In [None]:
modInverse(3, 13)
modInverse(2, 17)
modInverse(4, 19)
modInverse(5, 23)

Modular multiplicative inverse of 3 and 13 is:  9
Modular multiplicative inverse of 2 and 17 is:  9
Modular multiplicative inverse of 4 and 19 is:  5
Modular multiplicative inverse of 5 and 23 is:  14


<h4><b> V.3 - MILLER-RABIN </b></h4>

<p>The Miller–Rabin primality test or Rabin–Miller primality test is a probabilistic primality test: an algorithm which determines whether a given number is likely to be prime.</p>

<p>For a given odd integer $n > 2$, let’s write n as $2^s⋅d + 1$ where s and d are positive integers and d is odd. Let’s consider an integer a, called a base, such that $0 < a < n$. Then, n is said to be a strong probable prime to base a if one of these congruence relations holds:
  <ul>
    <li>$a^d≡1$ (mod n).</li>
    <li>$a^{2^r+d}≡-1$ (mod n) with 0 <= r < s.</li>
  </ul>
</p>
<p>This test is very effective in measuring the primality of large integers. So, let's implement the algorithm.</p>
<p> We start by defining the power function that computes the modular exponentiation.</p>


In [None]:
def power(x, y, p):
  result = 1
  x = x % p
  while (y > 0):
    if (y & 1):
      result = (result * x) % p
    y = y>>1
    x = (x * x) % p
    
  return result

<p>Then, we define the miillerTest function. It returns false if the number is composite and true if it's probably prime.</p>

In [None]:
def miillerTest(d, n):
  a = 2 + random.randint(1, n - 4)
  x = power(a, d, n)

  if (x == 1 or x == n - 1):
    return True
  while (d != n - 1):
    x = (x * x) % n
    d *= 2
    if (x == 1):
        return False
    if (x == n - 1):
        return True

  return False

<p>And lastly, we implement the isPrime function to check if the number is prime or not.</p>

In [None]:
def isPrime(n, k):
  if (n <= 1 or n == 4):
    return False
  if (n <= 3):
    return True

  d = n - 1
  while (d % 2 == 0):
    d //= 2

  # Iterate given nber of 'k' times
  for i in range(k):
    if (miillerTest(d, n) == False):
      return False

  return True

<p>Now we can test the Miller-Rabin algorithm.</p>


In [None]:
k = 4;
print("All primes smaller than 1000: ");
for n in range(1,1000):
  if (isPrime(n, k)):
    print(n);

All primes smaller than 1000: 
2
3
5
7
11
13
17
19
23
29
31
37
41
43
47
53
59
61
67
71
73
79
83
89
97
101
103
107
109
113
127
131
137
139
149
151
157
163
167
173
179
181
191
193
197
199
211
223
227
229
233
239
241
251
257
263
269
271
277
281
283
293
307
311
313
317
331
337
347
349
353
359
367
373
379
383
389
397
401
409
419
421
431
433
439
443
449
457
461
463
467
479
487
491
499
503
509
521
523
541
547
557
563
569
571
577
587
593
599
601
607
613
617
619
631
641
643
647
653
659
661
673
677
683
691
701
709
719
727
733
739
743
751
757
761
769
773
787
797
809
811
821
823
827
829
839
853
857
859
863
877
881
883
887
907
911
919
929
937
941
947
953
967
971
977
983
991
997


<h2><b>VI- DIFFIE–HELLMAN KEY EXCHANGE </b></h2>

<p>Diffie–Hellman key exchange[nb 1] is a method of securely exchanging cryptographic keys over a public channel. DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.</p>
<p> Diffie-Hellman works on the principle of not sharing the encryption key over the wire completely. Instead, each party consists of a public key and a private key.</p>

<p>Let's implement this algorithm by defining a DiffieHellman class with its functionalities.</p>

In [None]:
class DiffieHellman():
  def __init__(self, publicKey1, publicKey2, privateKey):
    self.publicKey1 = publicKey1
    self.publicKey2 = publicKey2
    self.privateKey = privateKey
    self.fullKey = None
        
  def generatePartialKey(self):
    partialKey = self.publicKey1**self.privateKey
    partialKey = partialKey%self.publicKey2
    return partialKey
    
  def generateFullKey(self, partialKeyR):
    fullKey = partialKeyR**self.privateKey
    fullKey = fullKey%self.publicKey2
    self.fullKey = fullKey
    return fullKey
  
  def encryptMessage(self, message):
    encryptedMessage = ""
    key = self.fullKey
    for c in message:
      encryptedMessage += chr(ord(c)+key)
    return encryptedMessage
  
  def decryptMessage(self, encryptedMessage):
    decryptedMessage = ""
    key = self.fullKey
    for c in encryptedMessage:
      decryptedMessage += chr(ord(c)-key)
    return decryptedMessage


<p>Now that we implemented the class with all the functions needed, we can test how it is encrypting and decrypting the message.</p>

In [None]:
message="This is a top secret message!!!"
oliverPublic=197
oliverPrivate=199
dominicPublic=151
dominicPrivate=157
Oliver = DiffieHellman(oliverPublic, dominicPublic, oliverPrivate)
Dominic = DiffieHellman(oliverPublic, dominicPublic, dominicPrivate)

print("The original message is: " + message)
print("----------------------------------------------------------------")

#Exchanging partial key
oliverPartial = Oliver.generatePartialKey()
print("Oliver's generated partial key is: " + str(oliverPartial))
dominicPartial = Dominic.generatePartialKey()
print("Dominic's generated partial key is: " + str(dominicPartial))

print("----------------------------------------------------------------")

#Generating full key
oliverFull = Oliver.generateFullKey(oliverPartial)
print("Oliver's generated full key is: " + str(oliverFull))
dominicFull = Dominic.generateFullKey(dominicPartial)
print("Dominic's generated full key is: " + str(dominicFull))

print("----------------------------------------------------------------")

#Encryption
oliverEncrypted = Oliver.encryptMessage(message)
print("Oliver's encrypted message is: " + str(oliverEncrypted))
dominicEncrypted = Dominic.encryptMessage(message)
print("Dominic's encrypted message is: " + str(dominicEncrypted))

print("----------------------------------------------------------------")

#Decryption
oliverDecrypted = Oliver.decryptMessage(oliverEncrypted)
print("Oliver's decrypted message is: " + str(oliverDecrypted))
dominicDecrypted = Dominic.decryptMessage(dominicEncrypted)
print("Dominic's decrypted message is: " + str(dominicDecrypted))

The original message is: This is a top secret message!!!
----------------------------------------------------------------
Oliver's generated partial key is: 147
Dominic's generated partial key is: 66
----------------------------------------------------------------
Oliver's generated full key is: 46
Dominic's generated full key is: 147
----------------------------------------------------------------
Oliver's encrypted message is: ¡N¡NN¢N¡ ¢N¡¡OOO
Dominic's encrypted message is: çûüĆ³üĆ³ô³ćĂă³Ćøöąøć³ĀøĆĆôúø´´´
----------------------------------------------------------------
Oliver's decrypted message is: This is a top secret message!!!
Dominic's decrypted message is: This is a top secret message!!!


<h2><b>VII- ASYMETRIC ENCRYPTION ALGORITHMS</b></h2>

<p>Asymmetric cryptography is a branch of cryptography where a secret key can be divided into two parts, a public key and a private key. The public key can be given to anyone, trusted or not, while the private key must be kept secret (just like the key in symmetric cryptography).</p>

<p>Asymmetric cryptography has two primary use cases: authentication and confidentiality. Using asymmetric cryptography, messages can be signed with a private key, and then anyone with the public key is able to verify that the message was created by someone possessing the corresponding private key.</p>

<h4><b> VII.1 - RSA </b></h4>
<p>RSA is the most widespread and used public key algorithm. Its security is based on the difficulty of factoring large integers. The algorithm can be used for both confidentiality (encryption) and authentication (digital signature).</p>

<p>RSA encryption uses the fact that, for well-chosen keys :</p>
<p align="center"> $(t^c)^d$ % $n$ = $t$ % $n$</p>

<p>In other words, $(t^c)^d$ ≡ t[n]</p>
<p>where :  $(t^c)^d$ and $t$ have same modulo $n$ reduction.</p>

<p>Three main functionalities define this algorithm:
  <ul>
    <li>Choosing the keys using Bezout's identity.</li>
    <li>Encrypting the message.</li>
    <li>Decrypting the message.</li>
  </ul>
</p>

<p>Let's implement this algorithm by writing the first functions: gcd, multiplicativeInverse, isPrime and the generateKeys.</p>

In [None]:
def power(x, y, m):
  if (y == 0):
    return 1
  p = power(x, y // 2, m) % m
  p = (p * p) % m

  return p if(y % 2 == 0) else  (x * p) % m

def gcd(a, b):
  if(b == 0):
    return a
  else:
    return gcd(b, a % b)

def multiplicativeinverse(a, m):
  if (gcd(a, m) != 1):
    return None
  else:
    return power(a, m - 2, m)

def isPrime(num):
  if num == 2:
    return True
  if num < 2 or num % 2 == 0:
    return False
  for n in range(3, int(num**0.5)+2, 2):
    if num % n == 0:
      return False
  return True

def generateKeypair(p, q):
  if not (isPrime(p) and isPrime(q)):
    raise ValueError('Both numbers must be prime.')
  elif p == q:
    raise ValueError('p and q cannot be equal')
  #n = pq
  n = p * q

  #Phi is the totient of n
  phi = (p-1) * (q-1)

  #Choose an integer e such that e and phi(n) are coprime
  e = random.randrange(1, phi)

  #Use Euclid's Algorithm to verify that e and phi(n) are comprime
  g = gcd(e, phi)
  while g != 1:
    e = random.randrange(1, phi)
    g = gcd(e, phi)
  #Use Extended Euclid's Algorithm to generate the private key
  d = multiplicativeinverse(e, phi)
  #Return public and private keypair
  #Public key is (e, n) and private key is (d, n)
  return ((e, n), (d, n))

<p>Next, we implement the encrypt function. </p>

In [None]:
def encrypt(pk, plaintext):
    #Unpack the key into it's components
    key, n = pk
    #Convert each letter in the plaintext to numbers based on the character using a^b mod m
    cipher = [(ord(char) ** key) % n for char in plaintext]
    #Return the array of bytes
    return cipher

<p>After that, we implement the decrypt function.</p>

In [None]:
def decrypt(pk, ciphertext):
    #Unpack the key into its components
    key, n = pk
    #Generate the plaintext based on the ciphertext and key using a^b mod m
    plain = [chr((char ** key) % n) for char in ciphertext]
    #Return the array of bytes as a string
    return ''.join(plain)

<p>Now, we can test the functions we wrote and see the encryption and decryption of the message.</p>

In [None]:
p = int(input("Enter a prime number (17, 19, 23, etc): "))
q = int(input("Enter another prime number (Not one you entered above): "))
print("Generating your public/private keypairs now . . .")
public, private = generateKeypair(p, q)
print("Your public key is " + str(public) + " and your private key is " + str(private))
message = input("Enter a message to encrypt with your private key: ")
encryptedMessage = encrypt(private, message)
print("Your encrypted message is: ")
print(''.join(map(lambda x: str(x), encryptedMessage)))

Enter a prime number (17, 19, 23, etc): 17
Enter another prime number (Not one you entered above): 23
Generating your public/private keypairs now . . .
Your public key is (95, 391) and your private key is (1, 391)
Enter a message to encrypt with your private key: This is a top secret message!!!
Your encrypted message is: 
841041051153210511532973211611111232115101991141011163210910111511597103101333333


<h4><b> VII.2 - EL GAMAL </b></h4>

<p>In cryptography, the ElGamal encryption system is an asymmetric key encryption algorithm for public-key cryptography. ElGamal encryption consists of three components: the key generator, the encryption algorithm, and the decryption algorithm.</p>

<p>Suppose Alice wants to communicate to Bob. </p>
<p>
  <ol>
    <li>Bob generates public and private key : 
      <ul>
       <li>Bob chooses a very large number q and a cyclic group Fq.</li>
        <li>From the cyclic group Fq, he choose any element g and
an element a such that gcd(a, q) = 1.</li>
        <li>Then he computes h = ga.</li>
        <li>Bob publishes F, h = ga, q and g as his public key and retains a as private key.</li>
      </ul>
    </li>
    <li>Alice encrypts data using Bob’s public key : 
      <ul>
        <li>Alice selects an element k from cyclic group F 
such that gcd(k, q) = 1.</li>
        <li>Then she computes p = gk and s = hk = gak.</li>
        <li>She multiples s with M.</li>
        <li>Then she sends (p, M*s) = (gk, M*s).</li>
      </ul>
    </li>
    <li>Bob decrypts the message : 
      <ul>
        <li>Bob calculates s′ = pa = gak.</li>
        <li>He divides M*s by s′ to obtain M as s = s′.</li>
      </ul>
    </li>
  </ol>
</p>

<p>Let's implement the ElGamal Encryption Algorithm.</p>

<p>We start by implementing the gcd, power and generateKey functions.</p>


In [None]:
from math import pow
 
a = random.randint(2, 10)
 
def gcd(a, b):
  if a < b:
    return gcd(b, a)
  elif a % b == 0:
    return b;
  else:
    return gcd(b, a % b)
 
# Generating large random numbers
def generateKey(q):
  key = random.randint(pow(10, 20), q)
  while gcd(q, key) != 1:
    key = random.randint(pow(10, 20), q)

  return key
 
# Modular exponentiation
def power(a, b, c):
  x = 1
  y = a

  while b > 0:
    if b % 2 != 0:
      x = (x * y) % c;
    y = (y * y) % c
    b = int(b / 2)

  return x % c

<p>Next, we implement the encrypt function.</p>

In [None]:
# Asymmetric encryption
def encrypt(message, q, h, g):
  encryptedMessage = []

  k = generateKey(q)# Private key for sender
  s = power(h, k, q)
  p = power(g, k, q)
    
  for i in range(0, len(message)):
      encryptedMessage.append(message[i])

  print("g^k used : ", p)
  print("g^ak used : ", s)
  for i in range(0, len(encryptedMessage)):
      encryptedMessage[i] = s * ord(encryptedMessage[i])

  return encryptedMessage, p

<p>And finally, we implement the decrypt function.</p>

In [None]:
def decrypt(encryptedMessage, p, key, q):
  decryptedMessage = []
  h = power(p, key, q)
  for i in range(0, len(encryptedMessage)):
      decryptedMessage.append(chr(int(encryptedMessage[i]/h)))
        
  return decryptedMessage

<p>Now, we can test the algorithm we implemented by applying an ElGamal Encryption on a message.</p>

In [None]:
message = 'This is a top secret message!!!'
print("The original message is:", message)

print("--------------------------------------------------------------")

q = random.randint(pow(10, 20), pow(10, 50))
g = random.randint(2, q)

key = generateKey(q)# Private key for receiver
h = power(g, key, q)
print("g used : ", g)
print("g^a used : ", h)

encryptedMessage, p = encrypt(message, q, h, g)
print("The encrypted message is:", encryptedMessage);

decryptedMessage = decrypt(encryptedMessage, p, key, q)
dmsg = ''.join(decryptedMessage)
print("The decrypted message is:", decryptedMessage);

print("--------------------------------------------------------------")

print("The final string message is: ", dmsg)

The original message is: This is a top secret message!!!
--------------------------------------------------------------
g used :  17334788862652511585052678830030660449020487169122
g^a used :  1452217099668051044377095778255250567031169588343
g^k used :  17154426723761348540405350447155266599826996389371
g^ak used :  37086406871520231631157281192326957105597388731574
The encrypted message is: [3115258177207699457017211620155464396870180653452216, 3856986314638104089640357244002003538982128428083696, 3894072721509624321271514525194330496087725816815270, 4264936790224826637583087337117600067143699704131010, 1186765019888647412197032998154462627379116439410368, 3894072721509624321271514525194330496087725816815270, 4264936790224826637583087337117600067143699704131010, 1186765019888647412197032998154462627379116439410368, 3597381466537462468222256275655714839242946706962678, 1186765019888647412197032998154462627379116439410368, 4302023197096346869214244618309927024249297092862584, 411659116

<h4><b>VII.3 - BLUM–GOLDWASSER CRYPTOSYSTEM </b></h4>

<p>The Blum–Goldwasser (BG) cryptosystem is an asymmetric key encryption algorithm proposed by Manuel Blum and Shafi Goldwasser in 1984. The encryption algorithm implements an XOR-based stream cipher using the Blum-Blum-Shub (BBS) pseudo-random number generator to generate the keystream. Decryption is accomplished by manipulating the final state of the BBS generator using the private key, in order to find the initial seed and reconstruct the keystream.</p>

<p>The Blum–Goldwasser cryptosystem consists of three algorithms: a probabilistic key generation algorithm which produces a public and a private key, a probabilistic encryption algorithm, and a deterministic decryption algorithm.</p>

<p>Let's implement the algorithm by defining first the xor, isPrime and modInverse functions.</p>

In [None]:
import random
import numpy
import os
import sys
import math

#function for checking if a number is prime
def is_prime_number(x):
  if x >= 2:
    for y in range(2,x):
      if not ( x % y ):
        return False
  else:
    return False
  return True

#function for XORing two strings
def XOR(a,b):
  a,b = str(a),str(b)
  assert(len(a) <= len(b))
  result = ""
  for i in range(len(a)):
    result += str(int(a[i]) ^ int(b[i]))
  return result

#function for finding the modular inverse
def modInverse(a, m) : 
  a = a % m
  for x in range(1, m) : 
    if ((a * x) % m == 1) : 
      return x 
  return 1

def power(x, y, m):
  if (y == 0):
    return 1
  p = power(x, y // 2, m) % m
  p = (p * p) % m

  return p if(y % 2 == 0) else  (x * p) % m

<p>Then, we will define the keyGenerate function.</p>

In [None]:
def generateKey(message, p, q):
  N = p * q
  print("N =", N)
  splitStringMessage = str(message)
  return N, splitStringMessage

<p>After that, we will create the encryptBGC function.</p>

In [None]:
def encryptBGC(message, p, q, X0):

  X = []
  X.append(X0)

  b = ""
  N, stringMessage = generateKey(message, p, q)
  L = len(stringMessage)
  for i in range(L):
      stringX = bin(X[-1])[2:]
      size = len(stringX)
      b_i = stringX[size-1]
      b = b_i + b
      new_x = (X[i] ** 2) % N
      X.append(new_x)

  print("b =", b)
  str_m = str(stringMessage)

  ciphertext = XOR(str_m, b)
  print("C =", ciphertext)

  XL = X[-1]
  X0 = X[0]
  XL_check = power(X0, math.pow(2, L), N)
  assert (XL == XL_check)

  #this tuple represents what is being sent to Alice
  sent_message = (ciphertext, XL)

  y = sent_message[1]
  return y, L, ciphertext, N

<p>And now, we just have to implement the decryptBGC function.</p>

In [None]:
def decryptBGC(L, encryptedMessage, ciphertext, N):
  firstExponent = (((p+1)//4)**L) % (p-1)
  firstPhrase = "({}^{}) mod {}".format(encryptedMessage, firstExponent,p)
  r_p = power(encryptedMessage, firstExponent,p)

  secondExponent = (((q+1)//4)**L) % (q-1)
  secondPhrase = "({}^{}) mod {}".format(encryptedMessage, secondExponent,q)
  r_q = power(encryptedMessage, secondExponent,q)

  NEWX0 = (q*modInverse(q,p)*r_p + p*modInverse(p,q)*r_q)%N
  NEWX = []
  NEWX.append(NEWX0)


  b = ""
  for i in range(L):
      stringX = bin(NEWX[-1])[2:]
      size = len(stringX)
      b_i = stringX[size-1]
      b = b_i + b
      new_x = (NEWX[i] ** 2) % N
      NEWX.append(new_x)

  plaintext = XOR(ciphertext,b)

  return plaintext

<p>Finally, we can test our algorithm.</p>


In [None]:
p=499
q=547
a=-57
b=52
X0 =159201
message = 10011100000100001100

#making sure p and q are congruent to 
assert(is_prime_number(p))
assert(is_prime_number(q))

assert(p % 4 == 3)
assert(q % 4 == 3)

print("The original message is: ", message)

encryptedMessage, L, ciphertext, N = encryptBGC(message, p, q, X0)
print("The encrypted message is: ", encryptedMessage)

decryptedMessage = decryptBGC(L, encryptedMessage, ciphertext, N)
print("The decrypted message is: ", decryptedMessage)

The original message is:  10011100000100001100
N = 272953
b = 00101100000010001011
C = 10110000000110000111
The encrypted message is:  36858
The decrypted message is:  10011100000100001100


<p align = "center"><b> Labs Done by Carlita Khawand & Hussein Jaber </b></p>