In [None]:
import rsa

# Public Key Cryptography

Public-key cryptography provides a radical departure from all that has gone before. For one thing, public-key algorithms are based on mathematical functions rather than on substitution and permutation. More important, public-key cryptography is asymmetric, involving the use of two separate keys, in contrast to symmetric encryption, which uses only one key. The use of two keys has profound consequences in the areas of confidentiality, key distribution, and authentication, as we shall see.

<img src='public_key_images/public_key_terminology.png' width=50%>

## Public Key Cryptosystem

Asymmetric algorithms rely on one key for encryption and a different but related key for decryption. These algorithms have the following important characteristic.

-  It is computationally infeasible to determine the decryption key given only knowledge of the cryptographic algorithm and the encryption key.

-  Either of the two related keys can be used for encryption, with the other used for decryption.

A public-key encryption  scheme has six ingredients: 

- *Plaintext:*  This is the readable message or data that is fed into the algorithm as input.

- *Encryption algorithm:* The encryption algorithm performs various transformations on the plaintext.

- *Public and private keys:* This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the algorithm depend on the public or private key that is provided as input.

- *Ciphertext:* This is the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different ciphertexts.

- *Decryption algorithm:* This algorithm accepts the ciphertext and the matching key and produces the original plaintext.

<img src='public_key_images/conv_vs_public.png' width=50%>

## Rivest-Shamir-Adleman (RSA) Algorithm

The RSA  scheme is a cipher in which the plaintext and ciphertext are integers between $0$ and $n - 1$ for some $n$. A typical size for $n$ is $1024$ bits, or $309$ decimal digits. That is, $n$ is less than $21024$. 

RSA makes use of an expression with exponentials. Plaintext is encrypted in blocks, with each block having a binary value less than some number n . That is, the block size must be less than or equal to $log_2 (n) +  1$; in practice, the block size is $i$ bits, where $2^i < n \le 2^{i+1}$ . Encryption and decryption are of the following form, for some plaintext block $M$  and ciphertext block $C$.

$C = M^e$  mod $n$ <br>
$M = C^d$  mod $n = (M^e)^d$  mod $n = M^{ed}$  mod  n <br>


Both sender and receiver must know the value of $n$ . The sender knows the value of $e$ , and only the receiver knows the value of $d$. Thus, this is a public-key encryption algorithm with a public key of $PU =  \{e , n\}$ and a private key of $PR = \{d , n \}$. For this algorithm to be satisfactory for public-key encryption, the following requirements
must be met.
1.  It is possible to find values of $e$ , $d$ , $n$  such that $M^{ed}$  mod $n = M$  for all $M < n$.
2.  It is relatively easy to calculate $M^e$  mod $n$ and $C^d$  mod $n$  for all values of $M < n$.
3.  It is infeasible to determine $d$  given $e$  and $n$.

<img src='public_key_images/RSA_algorithm.png' width=50%>

## Key Generation

Before the application of the public-key cryptosystem, each participant must generate a pair of keys. This involves the following tasks.
-  Determining two prime numbers, $p$  and $q$.
-  Selecting either $e$ or $d$ and calculating the other.

**Exercise:** Implement `generate_keys()` to generate public and private keys for a specific user. Using the Python RSA package, generate a public and private keys based on the given number of bits for $n$ (e.g., $n=512$). 

**Hint:** Refer to https://stuvel.eu/python-rsa-doc/usage.html for usage of RSA package.

In [None]:
def generate_keys(user_name, n_bits):
    # empty dictonary with user_name as a key 
    # another dictioary as a value with 'PUBLIC' and 'PRIVATE' keys and None as values 
    ret = {user_name: {'PUBLIC': None,
                       'PRIVATE': None
                      }
          }
    
    # generate public and private keys using RSA package
    (pubkey, privkey) = None
    
    # assign the keys to the corresponding values in ret
    None
    
    return ret
    

## Encryption and Decryption

The essential steps in public key encryption and decryption are shown below:

<img src='public_key_images/public_key_encyption.png' width=50%>

**Exercise:** Implement `public_key_cryptography()` to perform pubic key encryption and decryption. Note that 
- mode: represent whether the encryption is for secrecy or authentication
    - mode == "SECRECY": use public key for encryption. **Hint**: Use RSA encryption and decryption functions for the encryption/decryption algorithms (see https://stuvel.eu/python-rsa-doc/usage.html#encryption-and-decryption).
    - mode == "AUTHENTICATION": use private key for encryption. **Hint**: Use RSA sign and verify functions for the encryption/decryption algorithms (see https://stuvel.eu/python-rsa-doc/usage.html#signing-and-verification).




In [None]:
def public_key_cryptography(plain_input, mode):
    
    assert mode == 'SECRECY' or mode == 'AUTHENTICATION'
    
    # create empty dictionary for keys
    keys = {}
    
    # generate public and private keys for Bob, Joy, Mike, Alice and Ted
    n_bits = 512
    for user_name in ('Bob', 'Joy', 'Mike', 'Alice', 'Ted'):
        # generate key
        ret = None
        
        # update keys dictioanry
        keys.update(None)
    
    # based on the mode, perform ecnryption of plain text at Bob's computer for Alice
    # and decryption and Alice's
   
    
    # if mode == 'SECRECY' implement figure (a) 
    # use RSA encryption and decryption functions
    if mode == 'SECRECY':
        cipher_text = None
        decoded_text = None
        sanity = plain_input == decoded_text
    
    # if mode == 'AUTHENTICATION' implement figure (b)
    # use RSA sign and verify function
    elif mode == 'AUTHENTICATION':
        cipher_text = None
        hash_used = None
        sanity = hash_used == 'SHA-1'
        
        
    
    
    return sanity

In [None]:
plain_input = bytes('hello world'.encode())
print('Public Key cryptography with public key: ', public_key_cryptography(plain_input, mode='SECRECY'))
print('Public Key cryptography with private key: ', public_key_cryptography(plain_input, mode='AUTHENTICATION'))