<a href="https://colab.research.google.com/github/Codewiz22/AES/blob/main/Argon2_Implementation.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [1]:
import os
from argon2 import PasswordHasher
from argon2.exceptions import VerifyMismatchError

class Argon2Manager:
    """
    A professional-grade Argon2 implementation for academic study.
    Standard: Argon2id (The hybrid version resistant to both side-channel and GPU attacks).

    Argon2 is a memory-hard function designed specifically for password hashing.
    Unlike standard hashes (SHA-256), it is designed to be slow and resource-intensive
    to prevent brute-force attacks.
    """
    def __init__(self, time_cost=3, memory_cost=65536, parallelism=4):
        """
        Initializes the hasher with configurable cost parameters.
        :param time_cost: Number of iterations (CPU effort).
        :param memory_cost: Amount of RAM used in KiB (Memory effort).
        :param parallelism: Number of threads used.
        """
        self.ph = PasswordHasher(
            time_cost=time_cost,
            memory_cost=memory_cost,
            parallelism=parallelism,
            hash_len=32,
            salt_len=16
        )

    def hash_password(self, password: str) -> str:
        """
        Hashes a password. Argon2 handles the random salt generation
        automatically and includes it in the resulting string.
        """
        return self.ph.hash(password)

    def verify_password(self, hashed_password: str, provided_password: str) -> bool:
        """
        Verifies a password against an existing hash.
        """
        try:
            return self.ph.verify(hashed_password, provided_password)
        except VerifyMismatchError:
            return False

# --- Usage Example for Week 14 / Password Security Module ---
if __name__ == "__main__":
    print("--- Argon2id Password Hashing Demo ---")

    # Initialize with academic default parameters
    # (3 iterations, 64MB RAM, 4 threads)
    argon_mgr = Argon2Manager(time_cost=3, memory_cost=65536, parallelism=4)

    user_password = "CorrectHorseBatteryStaple"

    # 1. Generate Hash
    print(f"\nHashing password: {user_password}...")
    password_hash = argon_mgr.hash_password(user_password)

    # The output string contains the parameters, salt, and hash
    print(f"Stored Hash String: {password_hash}")

    # 2. Successful Verification
    is_valid = argon_mgr.verify_password(password_hash, user_password)
    print(f"\nLogin Attempt (Correct Password): {'✅ GRANTED' if is_valid else '❌ DENIED'}")

    # 3. Failed Verification
    wrong_password = "WrongPassword123"
    is_valid_wrong = argon_mgr.verify_password(password_hash, wrong_password)
    print(f"Login Attempt (Wrong Password):   {'✅ GRANTED' if is_valid_wrong else '❌ DENIED'}")

    # 4. Presentation point: Explain the components of the hash string
    print("\n[Breakdown of Argon2 Hash Format]")
    print("$argon2id$v=19$m=65536,t=3,p=4$salt$hash")
    print("m: Memory, t: Time, p: Parallelism")

--- Argon2id Password Hashing Demo ---

Hashing password: CorrectHorseBatteryStaple...
Stored Hash String: $argon2id$v=19$m=65536,t=3,p=4$VUsiEjvufTsD1ZYjReVlIg$IgxBZhC+gXPGJDzDAxwyStuv5BD2kM8Qaf+bfZl4imw

Login Attempt (Correct Password): ✅ GRANTED
Login Attempt (Wrong Password):   ❌ DENIED

[Breakdown of Argon2 Hash Format]
$argon2id$v=19$m=65536,t=3,p=4$salt$hash
m: Memory, t: Time, p: Parallelism
