#### <center> Module 4b - Asymmetric Cryptographic Primitives 
## <center> ENGR 580A2: Secure Vehicle and Industrial Networking
## <center> <img src="https://www.engr.colostate.edu/~jdaily/Systems-EN-CSU-1-C357.svg" width="600" /> 
### <center> Instructor: Dr. Jeremy Daily<br>Fall 2021

## Learning Objectives
By the end of this exercise, students should be able to
1. Use asymmetric encryption algorithms to encrypt messages
1. Use asymmetric encryption algorithms for envelope encryption
by using RSA public-private key pairs.

In [None]:
# Install some prequisites
# Be sure version 3.1 or higher is installed
%pip install --upgrade --user cryptography

## Proposition: 

### Confidentiality
Alice would like to send a message to Bob such that only Bob can read it.

Bob sends Alice his public key. He doesn't care if anyone else can read it. 

Alice uses Bob's public key to encrypt data and send it back to Bob.

Bob decrypts the data with his private key. 

<img src="Asymmetric Encryption Primitives - Send Secret Message.svg"/> 



Let's work out these scenarios with some code. We'll use the RSA asymmetric key for this example.

In [None]:
# Import only the modules we need
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding

https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/

## Generate Keys for Alice

In [None]:
#Alice needs to generate a key pair
private_key_for_alice = rsa.generate_private_key(
                         public_exponent=65537,
                         key_size=2048 # should use at least 4096, but smaller keys are easier to display
                        )
private_key_for_alice

In [None]:
# let's see what this looks like. We'll serialize the key and render it in ascii text (base64 encoded)
private_pem_for_alice = private_key_for_alice.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.TraditionalOpenSSL,
    encryption_algorithm=serialization.NoEncryption()
 )
print(private_pem_for_alice.decode('ascii'))

In [None]:
#To send out the public key, we have to derive it from the private key and serialize it
public_key_for_alice = private_key_for_alice.public_key()
public_key_for_alice

In [None]:
#Let's serialize it so we can send it accross the network to bob (and everyone)
public_pem_key_for_alice = public_key_for_alice.public_bytes(
       encoding=serialization.Encoding.PEM,
       format=serialization.PublicFormat.SubjectPublicKeyInfo
)
print(public_pem_key_for_alice.decode('ascii'))

## Generate Keys for Bob

In [None]:
#Bob also needs to generate a key pair
private_key_for_bob = rsa.generate_private_key(
                         public_exponent=65537,
                         key_size=2048 # should use at least 4096, but smaller keys are easier to display
                        )
private_key_for_bob

In [None]:
# let's see what this looks like. We'll serialize the key and render it in ascii text (base64 encoded)
private_pem_for_bob = private_key_for_bob.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.TraditionalOpenSSL,
    encryption_algorithm=serialization.NoEncryption()
 )
print(private_pem_for_bob.decode('ascii'))

In [None]:
# Bob extracts the public key 
public_key_for_bob = private_key_for_bob.public_key()
public_key_for_bob

In [None]:
#Let's serialize it so we can send it across the network to Alice (and everyone)
public_pem_key_for_bob = public_key_for_bob.public_bytes(
       encoding=serialization.Encoding.PEM,
       format=serialization.PublicFormat.SubjectPublicKeyInfo
)
print(public_pem_key_for_bob.decode('ascii'))

## Alice Sends a Message to Bob

In [None]:
# Alice has a message for Bob:
plain_text = b'We choose to go to the Moon in this decade and do the other things, not because they are easy, but because they are hard;'
plain_text

In [None]:
public_pem_key_for_bob

In [None]:
# Alice needs Bob's public key as the encryption key
# Alice gets Bob's PEM key (as bytes) and converts it into a usable form
encryption_key = serialization.load_pem_public_key(public_pem_key_for_bob)
encryption_key

In [None]:
# Alice encrypts the message with Bob's public key
cipher_text_from_alice = encryption_key.encrypt(
     plain_text,
     padding.OAEP(
         mgf=padding.MGF1(algorithm=hashes.SHA256()),
         algorithm=hashes.SHA256(),
         label=None
     )
 )
cipher_text_from_alice

In [None]:
import base64

In [None]:
# To send this to Bob, we need to encode it in base64 and then transmit it 
# across the network.
message_from_alice = base64.b64encode(cipher_text_from_alice)
message_from_alice

In [None]:
# Only bob can decrypt the message. If Alice tries, it won't work
plaintext = private_key_for_alice.decrypt(
     base64.b64decode(message_from_alice),
     padding.OAEP(
         mgf=padding.MGF1(algorithm=hashes.SHA256()),
         algorithm=hashes.SHA256(),
         label=None
     )
 )

In [None]:
#Only Bob can decrypt the message with his private key, which was kept safe.
plaintext = private_key_for_bob.decrypt(
     base64.b64decode(message_from_alice),
     padding.OAEP(
         mgf=padding.MGF1(algorithm=hashes.SHA256()),
         algorithm=hashes.SHA256(),
         label=None
     )
 )
plaintext

## There's more to it
What happens if the message is actually longer? For example, we wanted to include more content.
Let's make the message longer and repeat the process.

In [None]:
plain_text = plaintext + b' because that goal will serve to organize and measure the best of our energies and skills, because that challenge is one that we are willing to accept, one we are unwilling to postpone, and one we intend to win, and the others, too.'
plain_text

In [None]:
# Alice encrypts the message with Bob's public key
cipher_text_from_alice = encryption_key.encrypt(
     plain_text,
     padding.OAEP(
         mgf=padding.MGF1(algorithm=hashes.SHA256()),
         algorithm=hashes.SHA256(),
         label=None
     )
 )
cipher_text_from_alice

# Envelope Encryption
In the previous example, the size limitations of the message became apparent. Asymmetric encryption is not very good at encrypting long messages. Instead, the approach is to encrypt long messages with a symmetric cipher, then use asymmetric encryption to encipher the key. You can then send both the enciphered key and the ciphertext together.

Recall symmetric encryption using the Fernet recipe: https://cryptography.io/en/latest/fernet/

<img src="Asymmetric Encryption Primitives - Envelope Encryption.svg"/> 

Let's work out this scenario.

In [None]:
# Alice has a long message to send to Bob
plain_text

In [None]:
# This message must be encrypted using a symmetric cipher.
from cryptography.fernet import Fernet
key = Fernet.generate_key()
# This key should be unique for each operation.
key

In [None]:
f = Fernet(key)
cipher_text = f.encrypt(plain_text)
cipher_text

In [None]:
# If the key is sent along with the token, then extracting the message is trivial.
# Therefore, we must protect the key.
# Alice already has Bob's public key, so let's use that to encrypt the key.
protected_key_from_alice = encryption_key.encrypt(
     key,
     padding.OAEP(
         mgf=padding.MGF1(algorithm=hashes.SHA256()),
         algorithm=hashes.SHA256(),
         label=None
     )
 )
protected_key_from_alice

In [None]:
# Let's create a message for transmission across the internet.
# Use the JSON format
import json

In [None]:
#Raw bytes need to be base64 encoded, then decoded into python strings
# The Fernet recipe already produces a base64 encoded output
message_for_bob = {
    'protected_key': base64.b64encode(protected_key_from_alice).decode('utf-8'),
    'cipher_text': cipher_text.decode('utf-8')
}
message_for_bob

In [None]:
# This is a dictionary
# It works within Python, but isn't able to be sent across the Internet.
type(message_for_bob)

In [None]:
# We can serialize a dictionary 
json_for_bob = json.dumps(message_for_bob, indent=4)
print(json_for_bob)

In [None]:
# This is simply formated and encoded text data and
# it can be sent safely through the Internet
type(json_for_bob)

In [None]:
# Once Bob recieves the message, he can decrypt the key, then decrypt the message. 
# (i.e. open the envelope, then read the letter)
message_from_alice = json.loads(json_for_bob)
message_from_alice

In [None]:
# The message from alice is loaded into a dictionary
type(message_from_alice)

In [None]:
# Let's extract the key
key_bytes = base64.b64decode(message_from_alice['protected_key'])
print(key_bytes)

In [None]:
# This should match the example above. Let's decrypt this ciphertext.
# Only Bob can decrypt using his private key
key_for_bob = private_key_for_bob.decrypt(
     key_bytes,
     padding.OAEP(
         mgf=padding.MGF1(algorithm=hashes.SHA256()),
         algorithm=hashes.SHA256(),
         label=None
     )
 )
key_for_bob

In [None]:
# We now have the Fernet symmetric key, so we can decrypt the message (as bytes)
f = Fernet(key_for_bob)
plaintext_for_bob = f.decrypt(message_from_alice['cipher_text'].encode('ascii'))
plaintext_for_bob

This is great! We are no longer limited by the size constraints of RSA encryption. We just focus on encrypting the symmetric key to take advantage of the speed and size of symmetric (i.e. AES-CBC) encryption.

## Class Exercise

Please send me an encrypted form of the Star Spangled Banner (or some other meaningful text).

Use these specifications:
1. RSA with 2048 bit key
2. The message I receive should be in a JSON format with two fields:
    1. 'protected_key': a base64 encoded RSA public key encrypted output of the Fernet key used for enciphering the message.
    1. 'cipher_text': The output of the Fernet encryption

In [None]:
#Using triple quotes keeps the message format by inserting newline characters
text_to_send = b'''O say can you see, by the dawn's early light,
What so proudly we hailed at the twilight's last gleaming,
Whose broad stripes and bright stars through the perilous fight,
O'er the ramparts we watched, were so gallantly streaming?
And the rocket's red glare, the bombs bursting in air,
Gave proof through the night that our flag was still there;
O say does that star-spangled banner yet wave
O'er the land of the free and the home of the brave?'''
text_to_send

In [None]:
# Open a locally stored PEM key and create a private key object
with open('Daily_Private_RSA2048_key.pem','rb') as pem:
    private_key_for_daily = serialization.load_pem_private_key(pem.read(),password=None)
private_key_for_daily

In [None]:
# Generate the sharable public key
public_key_for_daily = private_key_for_daily.public_key()
public_key_for_daily

In [None]:
# Produce a format that we can share
public_pem_key_for_daily = public_key_for_daily.public_bytes(
       encoding=serialization.Encoding.PEM,
       format=serialization.PublicFormat.SubjectPublicKeyInfo
)
print(public_pem_key_for_daily.decode('ascii'))
with open('Daily_Public_RSA2048_key.pem','wb') as f:
    f.write(public_pem_key_for_daily)

Now, follow some of the steps and make a message for me that I can run through the following function to decode your message.

In [None]:
import json
import base64
from cryptography.fernet import Fernet
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.backends import default_backend

def encrypt_class_message(plain_text,public_pem_key):
    public_key = serialization.load_pem_public_key(public_pem_key.encode('utf-8'))
    print(public_key)
    unique_key = Fernet.generate_key()
    print(unique_key)
    f = Fernet(unique_key)
    cipher_text = f.encrypt(plain_text.encode('ascii'))
    print(cipher_text)
    protected_key = public_key.encrypt(
         unique_key,
         padding.OAEP(
             mgf=padding.MGF1(algorithm=hashes.SHA256()),
             algorithm=hashes.SHA256(),
             label=None
         )
     )
    message_dict = {
        'protected_key': base64.b64encode(protected_key).decode('utf-8'),
        'cipher_text': cipher_text.decode('utf-8')
    }
    json_with_encrypted_message = json.dumps(message_dict)
    return json_with_encrypted_message

In [None]:
daily_pub_pem = """-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bHZs7RxSNTk+Z1MMkHE
v7F7WK5oxLmJ9HypDyagbF4csmwCqsnhMwqJ9vEi3zmlE3VtjfrjpNSJSSvr1RDV
mxh7yz7z+sKvH+JBccMxmFS7/IrKZpNLJPnSY4JlrrCVKYhGwcx0z+kr0Xd4fi97
NVH7xSZaVTXJ+SC19j4EN/gb8nWcYk6umBJmVF688RdOeHQ6ZE3hLbUhKW48oDu1
u8YyRWIHNYyxZXz7G7ojuosd69e7bkO2GR0gAmQpZhXurxD5EGJLYWKvNFYcWPux
YJvgjlmBJCcGz4lKSJcdNzZfSg2YLqopKLcKmNSR9NmywpXIMu0S3wUAWJ7SgGMm
XQIDAQAB
-----END PUBLIC KEY-----"""

encrypt_class_message("Hello!",daily_pub_pem)

In [None]:
def decrypt_class_message(json_from_student,private_pem_key):
    message_from_student = json.loads(json_from_student)
    key_bytes = base64.b64decode(message_from_student['protected_key'])
    ##
    ## Fill in this part for the exercise
    ##
    plaintext_message = f.decrypt(message_bytes)
    return plaintext_message

In [None]:
# Example
# This cell won't run if the Private Key file is not available.
with open('Daily_Private_RSA2048_key.pem','rb') as pem:
    private_pem_key = pem.read()

In [None]:
# Who can send me a message through chat?
# Replace the student variable here with your message and try it out.
jeremy = '{"protected_key": "CkWAuKAXMi+BXF/cHRts4VDnp9437JGZCaga/PKFgCglA6q87KxLjS03Xxpa1rwAjP4dyx9lzFfSlyEOdhh45diGXBA2fN7tezJ2W/WTDbv2Sg7K9Bfs0BsXA3uEpuE+5Nj2fPIOC2RYWE1VMhg37OcsOO9xbOpuDzcRACGzWFtCT4R7l5+nLO9u3y9I4UdGYFM4njHriiUcXdFiJD8TbczVRAjt2bi2Pi5RX3tzmhrWlFVyQFELvcCKHv93tfvw7bTzA4QCMyVB4nmT8dsAnqE+SM5KWoDIODEMSRDlpNQz8MCvlkK7dyjDiT9O9a1Q6kaI/qrOHPo+BXXqSgULgw==", "cipher_text": "gAAAAABhQ-8Ecam7MIfrsTrg40qPQnBlgx4ceyMVDbunVMS5D0M8YOmbslEmR7aw_WAjMgYIoNbMV2xHeHCcNxd7Ukiuo8kUIA=="}'
bob = '{"protected_key": "KEo8SI4tLYafiLuqAAsPHE3Vz54ICWXC3UrU6RYpDQf68JPT7B5re10QysECFXausqZuoBcJXjKLqVwW1Ezxk8gKBZsoytJs0PcaMOeLNV9lf1eLAmdjfdiBG8F382rA2QYb5l7q9PfWwDqSL6K7rXaZmBt1i8hZdZ1xxXhcbuFYgF1cN5kNOR7lhrnqPvtqRFi6WmXD52yMwJmyc8Fd7v0UTg5aGJu/uW1WtT6rBao0L+nAA53aGAYiTGkN5JqA+sIytMA6cslFABeTnOXhUS7sPsSYOtpOBpyiM/lPYeEQpl/SSdpBgeD1yumrvNNmLhKLbbgIyfGBvDZBR5DnBg==", "cipher_text": "gAAAAABfbeFZiMpdzgj1ef_irV8Xq1H68PpbM9AYgDJaxjY6tYkAiMa8ZvVVJGisnzcqgb0vEVo6qqB-SZTh2numILEp6jReOoHw_8ElX9iWAysKg7rFrbr_0_eFsnnPVeZonoa7p9BR6Mo9iLmzn1vMh2Hs40XUcXXF5hn_9f1QDs-jA7XkbAieReLguEt6k4TyKQSkD2tgk1iTMhvShfhLQX-Ocv_gwvjtcJlQV4u9sdzIwL06VST-YGLVSqfxTVOpdIodxPz8V6l4vIBWNMNiwrzxFloYrj8M0RCMoXITV23HKIVacFnEJa4SPI_I2tKpGMyNiUEBpBpXlK7a9PDxI_y03Cnw8gIe4TzUDdgDRhsbhdfWEYxfTcUxr8A7db48WjJvdgVlphSgT4YsesN7vbJCKHAPw1m_CJI0SXdMVRhlxfEDOauPB_UHWEEh7suqVFZ5xkJ0dIbmdHYqxnxwv0Sx6L3Zu3bGnK1IU_pl7wI4vRh8lW7R0TwJsHZZfmqIKgzgy4VPCjmIWl1bLn7M9w8IveVdu5e_Jkvq7rdfoWaQmw_gQFA1-2E6yB3Q0VTcBALnEIGtTZ1vg8cv-D3GhBdMdCNsp8IuhtY5UcGqNJjbpqDYrxfyW50bsvMnvAVLcGr51Dy-Lrz2rWqep8Fk8831OSbF6Q=="}'
student = bob
#student = jeremy
decrypt_class_message(student,private_pem_key)

## Summary
We worked with RSA asymmetric encryption to send confidential traffic to a specific person. 

We used envelope encryption to send large messages with symmetric ciphers because asymmetric encryption is too slow and size limited. 

We used asymmetric encryption to digitally sign messages to determine if they have been altered.


A question still remains: How can we trust Alice is who she says? What if Eve is in the middle pretending to be Alice?
