# Symmetric cryptography using PyNaCl

We are going to use libsodium library to do a practical example of symmetric cipher. First, Alice and Bob establish a common random key using cryptographically secure pseudorandom generators, in this example we skip the Diffie-Hellman key exchange (shown already) and generate a fresh key using the system random.

## Step 1: Generating key using Diffie-Hellman

Alice and Bob need to perform DH exchange protocol to get the key. Here for simplicity we'll generate a random key of 32 bytes with the system random.

In [14]:
import secrets

r = secrets.SystemRandom()

# our key is going to be 32 bytes or lager
key_bytes = 32

key_int = r.getrandbits(8*key_bytes)
key_bytes = key_int.to_bytes(key_bytes, 'big')

# alternativelly you can use the default by nacl package
#key_bytes = nacl.utils.random(key_bytes)

In [15]:
print(f"key in different bases:\n")

print(f"(bytes):\n{key}\n")
print(f"(int):\n{int.from_bytes(key, 'big')}\n")
print(f"(bits):\n{bin(int.from_bytes(key, 'big'))[2:]}\n")
print(f"(individual bytes in integer):\n{[k for k in key]}\n")

key in different bases:

(bytes):
b'\xa9\xa0A^fPS\x07\xd4\x05\xe0\x83\xd4iK|\xbey+6\xc40\xbd\xbbs;\x1d\xdc\x99\xf9\xbf\x99'

(int):
76724018099458986492966865218514208743877189162187690893866404943530533961625

(bits):
1010100110100000010000010101111001100110010100000101001100000111110101000000010111100000100000111101010001101001010010110111110010111110011110010010101100110110110001000011000010111101101110110111001100111011000111011101110010011001111110011011111110011001

(individual bytes in integer):
[169, 160, 65, 94, 102, 80, 83, 7, 212, 5, 224, 131, 212, 105, 75, 124, 190, 121, 43, 54, 196, 48, 189, 187, 115, 59, 29, 220, 153, 249, 191, 153]



## Use PyNaCl to secure communication

In [2]:
import nacl.secret
import nacl.utils

# define a box, an object to encrypt/decrypt
box = nacl.secret.SecretBox(key)

In [9]:
# the message one wants to send
message = b"How much wood would a woodchuck chuck if a woodchuck could chuck wood?"

In [10]:
# nonce (number used once) can be public but never reused for the same key
nonce = nacl.utils.random(nacl.secret.SecretBox.NONCE_SIZE)

# encryption with the message and the nonce
encrypted = box.encrypt(message, nonce)

In [20]:
len(encrypted.ciphertext)

86

In [19]:
len(message)

70

In [18]:
len(nonce)

24

In [17]:
box.MACBYTES

16

In [11]:
# checking the length of the 
assert len(encrypted.ciphertext) == len(message) + box.MACBYTES

In [16]:
plaintext = box.decrypt(encrypted)
print(plaintext)

How much wood would a woodchuck chuck if a woodchuck could chuck wood?
b'How much wood would a woodchuck chuck if a woodchuck could chuck wood?'
