# WEEK 04 - Procedural Programming 3

## Learning Objectives

- Getting familiar with functions and recursion
- Working with file I/O and the CSV format
- Consolidating the use of variables and flow control statements
- Getting familiar with the basics of cryptography
- Using basic cryptography algorithms available in Python

# Encryption

Welcome to the world of Alice and Bob! A magical land in which the sole worry of its noble habitats, Alice and Bob, is the sending and receiving of messages in a safe and secure fashion, and in whose dark corners lurk villains ready to intercept messages.

Your task in the following is to follow Alice and Bob in their intellectual journey in achieving privacy.

To flesh things out, Alice and Bob want to send each other messages but do not want anyone else to find out what their contents are. How can they achieve such a feat?

## Symmetric encryption

One answer is that Alice could create a *secret key* and *lock* her messages using that key. This is called symmetric encryption.

Symmetric encryption can be visualized as follows

<center><img src="figures/symmetric_encryption.png"/></center>

Sounds like a promising idea! Let's give it a try.

Note that *how* we create the secret key and *how* we lock the messages are beyond the scope of this tutorial, and, therefore, we will delegate those details to available implementations. The interested among you can refer to the following [article](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) for an overview of the *advanced encryption standard* which is one such encryption technique.

Here, we are going to use `cryptography` to encrypt (*lock*) a secret message.

In [6]:
"""
Your task is to encrypt a secret message using symmetric encryption.
""";

from cryptography.fernet import Fernet

# Generate a symmetric key
symmetric_key = Fernet.generate_key()

# Print out the key to see how it looks like
# Run the program a few times and see how the key changes

# Create Fernet object
f = Fernet(symmetric_key)

# Create secret message
# The plain text message must be encoded in bytes before being passed to the encrypt function.
# A string can be encoded in bytes simply by putting the letter b in front of it, i.e., b""
plain_text = b"What the hell!"
# Print out secret message in plain text
print(plain_text)
# Encrypt message using the symmetric key
cipher_text = f.encrypt(plain_text)
print("My cipher key:")
print(cipher_text)
# Print out the encrypted message

# Decrypt the encrypted message
dectrypted_text = f.decrypt(cipher_text)

# Print the decrypted message
print("My decrypted text:")
print(dectrypted_text)

b'What the hell!'
My cipher key:
b'gAAAAABpFv-iELNrIEzJEnNmRfVRIgddT2s_q-mecvW8iMx4tDR5WEW3QC_zmWgiecrwz8Wlvi-MeRLXUKPj3sbrLG896WEIxA=='
My decrypted text:
b'What the hell!'


You should have seen by now how a key can be used to encrypt a message, or more generally, some data. Moreover, the key, used for encryption, can be stored and called up when needed. In fact, this is how the key is typically deployed. Alice generates a key once and uses it to encrypt her messages using the same key in the future.

### File I/O

Just to hammer down these points, let us use the same technique to generate a key, store it in a file, and use it to encrypt a file this time.

But first, we need a file to encrypt. And what better way to generate a file than to use the `csv` module! A CSV file simply contains comma separated values (hence the name) in a row-wise format, e.g.,

```
"Alice",12.10.1990,40.5
"Bob",10.01.1991,85.4
```

could be two rows in a CSV file, where each row comprises three values.

Your task to generate a CSV file with two values in each row, where the first value is an integer $n$ and the second value is its factorial $n!$. Remember that the factorial function is defined as $n! := n \cdot (n - 1) \cdot (n - 2) \cdots \cdot 1$ for all integers $n \ge 1$ and the factorial of zero is 1.

Let us break the task down a bit further. First, we need to write a function that computes the factorial of $n$, where $n \ge 0$. We are going to write a couple of versions of this, one using loops and one using **recursion**. Remember that a [recursive algorithm](https://en.wikipedia.org/wiki/Recursion_(computer_science)) is where the solution to the target problem is arrived at using a repeated solution to smaller problems of the same type and is typically implemented as a function calling itself.

We are first going to implement a non-recursive version of the factorial function.

In [54]:
"""
Your task is to implement the function "factorial" that computes the factorial of a given integer input.
The function must NOT use recursion, i.e., self call.
The input is assumed to be an integer greater than or equal to 0.
""";

# Code here
def factorial(n):
    if n >= 0:
        m = 0
        for i in range(n):
            m += (i-1)*i
            print(m)
        print(m)
    else:
        raise ValueError("The value should be greater or equal to 0!")

def factorial_real(n):
    
    return (n-1)*=(n)
    

factorial_real(4)

SyntaxError: invalid syntax (4110303910.py, line 19)

We are now going to turn our attention to the implementation of the recursive version of the factorial function. It is a good mental exercise to try and break down the computation of $n!$ such that it can be computed repeatedly.

**Hint**: Recursive algorithms often have what is called a *base case*, where the problem cannot be broken down any further.

In [5]:
"""
Your task is to implement the function "factorial" that computes the factorial of a given integer input.
The function MUST use recursion.
The input is assumed to be an integer greater than or equal to 0.
""";

# Code here

Note that by redefining the function `factorial`, you are effectively overwriting it. Make sure that you run the cell containing the recursive version last so that it is used in the following cells.

Now that we have the function to compute factorials, we can move on with our task.

Your next task involves the generation and storage of an encryption key, which you have seen above, on the one hand, and the generation of a CSV file, in which each row comprises the pair $(n, n!)$, where $n := \{n | n \in \mathbb{Z}^{+}_{0} \land n < u \land n \; \text{is a multiple of} \; 3\}$ given an upper bound integer $u$.

In [17]:
"""
Your task is to 
- generate a key
- store the key in a file
- generate a csv file and store it
""";

from cryptography.fernet import Fernet
import csv

# Generate a symmetric key

# Write symmetric key to file
with open('symmetric_key', 'wb') as key_file:
   # key_file.write(<symmetric_key>)

# Upper bound for factorial computation
upper_bound = 16

# Generate and write csv file
with open("factorial.csv", mode='w') as factorial_file:
    writer = csv.writer(factorial_file, delimiter=',')

    # Use writer.writerow([x, y]) to write x and y to the CSV file

You can inspect the generated files and verify that the symmetric key is a random-appearing string, similar to the key generated in the previous exercise above, and that the CSV file contains human-readable numbers.

We would like to use the stored key to encrypt the plain text CSV file using the stored key.

In [19]:
"""
Your task is to use the stored key to encrypt the generated CSV file in the previous exercise:
- Read in the stored symmetric key from disk
- Read in the plain text CSV file from disk
- Encrypt the plain text CSV file using the symmetric key
- Write the encrypted CSV file to disk
""";

# Read the symmetric key
with open('symmetric_key', 'rb') as key_file:
    # symmetric_key = key_file.read()

# Create Fernet object

# Read in the plain text CSV file
with open('factorial.csv', 'rb') as file:
    # plain_text = file.read()

# Encrypt the plain text CSV file

# Write the encrypted CSV file to disk
with open('factorial_encrypted', 'wb') as encrypted_file:
    # encrypted_file.write(<cipher_text>)

You can verify that the encrypted CSV file is not human readable and appears as a random string of characters.

Finally, let us read the encrypted CSV file back from disk and decrypt it.

In [25]:
"""
Your task is to use the stored key to decrypt the encrypted CSV file in the previous exercise:
- Read in the stored symmetric key from disk
- Read in the encrypted CSV file from disk
- Decrypt the encrypted CSV file using the symmetric key
- Write the decrypted CSV file to disk
""";

# Read the symmetric key

# Create Fernet object

# Read in the cipher text CSV file

# Decrypt the cipher text using the symmetric key

# Write the decrypted CSV file to disk

Verify that the decrypted file is human readable and identical in content to the original plain text CSV file.

It may seem that we have reached the end of our journey, triumphant and heroic, having rescued the damsel---and Bob---in distress from the far-reaching hands of the villains.

...Or have we? This is the part where they play chilling music with dissonant notes in movies.

The entire security of symmetric encryption, as you may have guessed, hinges on keeping the secret key secret! In other words, as you have seen, anyone with access to the secret key can gain access to the encrypted data.

At first glance, this may seem reasonable and intuitive; however, after some consideration, you may realize that the current scheme poses a challenge for the given problem. Remember that we started with Alice wanting to send Bob a secret message.

Symmetric encryption solves one problem: no one would be able to read Alice's messages without knowing her secret key. However, it would create an equally challenging problem to solve, namely how could Alice communicate this key to Bob securely such that he can gain access to Alice's message but no one else.

Try to verify for yourself that in the absence of a secure channel, which is the starting assumption in the first place, it would not be possible for Alice and Bob to share their secret keys with each other.

Nevertheless, symmetric encryption has its use cases. For one, it can be used to encrypt data which a single party is allowed to access. In our example, if Alice wants to keep some personal files secure, she can use symmetric encryption as she is the only one with access to the secret key and, thus, the files. As you will see below, symmetric encryption can also play a role in the original problem, namely sending a secret message between Alice and Bob.

## Asymmetric encryption

We are back to the drawing board! It seems that our efforts have been all in vain and Alice and Bob are doomed to live a life of transparency.

After all, how can Alice overcome the chicken-and-egg problem that was posed by symmetric encryption.

One solution came at the advent of some very smart algorithms that function by generating not one but a pair of keys, where one key, referred to as the *public key*, is used for the encryption and one, referred to as the *private key*, for the decryption of information.

This class of encryption is denoted as asymmetric encryption and can be visualized as follows

<center><img src="figures/asymmetric_encryption.png"/></center>

The beauty of asymmetric encryption clearly lies in the algorithms that allow encryption using such a key pair. RSA and Ed25519 are two prevalently used algorithms that enable asymmetric encryption. Nevertheless, the inner workings of such algorithms are outside the scope of this document, see this [article](https://en.wikipedia.org/wiki/Public-key_cryptography) for more detail.

As you may have worked it out yourself, the existence of a key pair as described above largely solves Alice and Bob's problem. If you have not figured it out yet, take a moment and see if you can find a way for them to exchange secret messages securely using the presented scheme.

The answer is that Alice and Bob could each generate a pair of public and private keys. They will then exchange their public keys with each other over a public channel. Now Alice is able to encrypt a secret message using Bob's public key and only Bob is able to decrypt the message using his private key. Vise versa, Bob can encrypt a message using Alice's public key and only Alice can gain access to it using her private key. Note that it is unimportant if third parties gain access to the public keys as they cannot be used to decrypt messages encrypted with the public keys.

Here, we are going to use the [RSA](https://en.wikipedia.org/wiki/RSA_(cryptosystem)) algorithm to encrypt some plain text message. We first need to generate a public/private key pair.

In [8]:
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa, padding

def generate_rsa_key_pair():
    # Generate private key
    private_key = rsa.generate_private_key(
        public_exponent = 65537,
        key_size = 2048)

    # Generate public key
    public_key = private_key.public_key()

    # Return key pair
    return public_key, private_key

The next piece of the puzzle is to write a function to encrypt a given message. Remember that the public key is used for encryption. Note that padding is the process of attaching some extra information to the encrypted message, which you can safely ignore for this tutorial.

In [9]:
def rsa_encrypt(message, public_key):
    return public_key.encrypt(
        message,
        padding.OAEP(
            mgf = padding.MGF1(algorithm = hashes.SHA256()),
            algorithm = hashes.SHA256(),
            label = None
        )
    )

The final piece is to write a function to decrypt an encrypted message. Remember that the private key is used for decryption.

In [10]:
def rsa_decrypt(cipher_text, private_key):
    try:
        return private_key.decrypt(
            cipher_text,
            padding.OAEP(
                mgf = padding.MGF1(algorithm = hashes.SHA256()),
                algorithm = hashes.SHA256(),
                label = None))
    except ValueError:
        return "Failed to decrypt"

Let us now put all the pieces together to generate a key pair and encrypt a plain text message using the RSA algorithm.

In [21]:
# Generate key pair
public_key, private_key = generate_rsa_key_pair()

# Plain text message
plain_text = b"What the hell is going on?!"
# Print out secret message in plain text
print("My original message:")
print(plain_text)
# Encrypt using RSA
cypher_text = rsa_encrypt(plain_text, public_key)
# Print out the encrypted message
print("---------------------")
print("My cypher text:")
print(cypher_text)
print("---------------------")
# Decrypt the encrypted message
g = rsa_decrypt(cypher_text, private_key)
# Print the dectrypted message
print("My message:")
print(g)

My original message:
b'What the hell is going on?!'
---------------------
My cypher text:
b'h\xcd"~wd\x06\xfc\xb7\x87\xcf\x18\x14\x149\x0c\xaf<\xafN :\xb2mv.<`\x0b\xaf\xffZu=\xc1\xe0\x11\x07\xfe\xba\x04\x14c\x87 \xfd\xab\xab\x8d\xce\x19\x0e\x83!*\xa3|\xfdK\xc8\xea\xa1\xc5\x7f\xfew\xbdt\xf2\x1e\xdb\xd7\xf1\x96\x03 \xf73\xf4\x006\xfdL\xe4^b\xb9\x03vh\tY+\xba\xac\n\x91\xa7\x15\x01cN)\x8c\x98]\x80~\xbd\xdb \xe7\xd0\x1du\xac\xe3\x15\xe2$T\x8d\xdb\xaf\xea\xcc\x80w(\xb32Q)\xc96\'\xbbD\x13@m\x91\x1c\xc6S\xa1\xc0\xb8\x19#\xba\xb5\xd5F\xb1\xe3S=\x9b\xaa\x88\xf7\xb5\x07\xd5\xa5bU\x9f<\x11\x1c8\x14\x96\xdci\x11\x0c\xac\xe2\xc2\r\xf5\x04\x8d\x1e_\xa0\x02\xea\xa9\xf3\xbc\xbd\xb0{\xa8\x89Zb\xd8\xc3\x0b\xe2\xde\x06N\xb3\x88\xf8%\xbb+\xb8Tr\xcc\x01\xab\xebw\xc88\xbe\xff\x1f\xf1^\xab9\xf4?\xac\xd7\x8a\xb2\x9e\xec\xae-\xa0\xcb\xdf\x1d=V\x05H\x0f`\rK\xa0\xcf~'
---------------------
My message:
b'What the hell is going on?!'


Congratulations! If you have made it this far, you arguably have a good footing in not only procedural programming in Python but also the basics of cryptography.

## Homework

It is now time to put your recently acquired knowledge to the test! In the archive that you have received this notebook, there is a directory named `homework`, in which you will find a secret message. The secret message is encrypted. Your task is to decrypt it and read its content! There may be a reward waiting for you :)

Note that it is common practice to use symmetric cryptography in conjunction with public-key cryptography in order to improve performance. In particular, symmetric cryptography is often used to encrypt the actual data to be encrypted, which can be large, while asymmetric cryptography is used to encrypt only the symmetric key, which is limited in size.

The message is, therefore, encrypted using a symmetric key. The symmetric key is in turn encrypted using a public key, whose private key pairs one of the keys in `homework/keys`. Your task is to write a code that looks for the right key to decrypt the secret message.

**Hint**: The program should first look for the right key to decrypt the encrypted symmetric key. The symmetric key can then be used to decrypt the secret message.

Note that the entire security of public-key cryptography hinges on the secure storage of the private key; therefore, the storage and distribution of private keys, as in here, amounts to blasphemy. However, for educational purposes only, the keys are stored in plain text without further protection.

In [None]:
# Code here

Copyright 2024 &copy; Manuel Saberi, High Performance Computing, Ruhr University Bochum. All rights reserved. No part of this notebook may be reproduced, distributed, or transmitted in any form or by any means, including photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the publisher.