# SYMMETRIC ENCRYPTION 

The same key is used for encryption and decryption in symmetric encryption. 

## Monoalphabetic Substitution (Historical) Ciphers 

### Caesar Cipher / Shift Cipher

<img src="./9.Images/CC.jpg" alt="Caasar Cipher, how does it work?"/><br>
Traditional Caesar Cipher key is 3.<br>
This means 'A' becomes 'D' and 'B' becomes 'E'...<br>
Traditional Caesar Cipher uses upper case.<br>
Below you can test the implementation of Caesar Cipher in Python.<br>
Since selecting key 3 is trivial to implement, we let the user to choose the key.<br>
For instance, if the key is selected as 5 then 'A' will be shifted 5 characters and becomes'F'.

In [1]:
# Caesar Cipher
def caesar_cipher(text, shift):
    encrypted_text = ""
    for char in text:
        if char.isalpha():  # Check if the character is a letter
            if char.islower():
                shifted_char = chr(((ord(char) - ord('a') + shift) % 26) + ord('a'))
            else:
                shifted_char = chr(((ord(char) - ord('A') + shift) % 26) + ord('A'))
        else:
            shifted_char = char
        encrypted_text += shifted_char
    return encrypted_text

def caesar_decipher(text, shift):
    return caesar_cipher(text, -shift)

In [2]:
plaintext = input(f'Input the text to encrypt')
shift = int(input(f'Input the shift'))
encrypted = caesar_cipher(plaintext,shift)
print("Encrypted "+ "\'"+ plaintext +"\'"+ " is "+"\'"+ encrypted+"\'")

Encrypted 'Cryptanalysis in Action Course, EC-Council' is 'Fubswdqdobvlv lq Dfwlrq Frxuvh, HF-Frxqflo'


In [3]:
decrypted = caesar_decipher(encrypted, shift)
print("Deciphered "+"\'"+  encrypted +"\'"+  " is "+ "\'"+ decrypted + "\'")

Deciphered 'Fubswdqdobvlv lq Dfwlrq Frxuvh, HF-Frxqflo' is 'Cryptanalysis in Action Course, EC-Council'


### General Substitution Cipher
<img src="./9.Images/GSC.jpg" alt="General Substitution Cipher"><br>
Similar to Caesar Cipher, but we create a mixed alphabet and send the message with the matching letter for the plaintext letter.<br>
The possible keys are 26! ~ 2^88<br>
The general substitution cipher can bebroken using frequency analysis.<br>

In [4]:
import random

alphabet = ['a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','g','r','s','t','u','v','w','x','y','z']
cipher_alphabet = ['a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','g','r','s','t','u','v','w','x','y','z']

n = len(alphabet)-1
for i in range(n):
    rand_i = random.randint(0,n)
    tmp = cipher_alphabet.pop(rand_i)
    cipher_alphabet.append(tmp)
print(cipher_alphabet)
lookup = dict(zip(alphabet,cipher_alphabet))
              
def general_sub_cipher_encrypt(message):
    encrypted_message = ""
    for char in message:
        if char.isalpha():
            if char.isupper():
                tmp = lookup[char.lower()]
                encrypted_char = tmp.upper()
                encrypted_message += encrypted_char
            else:
                encrypted_char = lookup[char]
                encrypted_message += encrypted_char
        else:
            encrypted_message += char
    return encrypted_message


def general_sub_cipher_decrypt(encrypted_message):
    decrypted_message = ""
    for char in encrypted_message:
        if char.isalpha():
            if char.isupper():
                tmp = char.lower()
                for key, value in lookup.items():
                    if tmp == value:
                        decrypted_message += key
            else:
                for key, value in lookup.items():
                    if char == value:
                        decrypted_message += key             
        else:
            decrypted_message += char
    return decrypted_message

['c', 'f', 'h', 'i', 'j', 'n', 'o', 'w', 'g', 'e', 'l', 'x', 'g', 'v', 'k', 'b', 'd', 'u', 'z', 'a', 't', 'y', 's', 'm', 'p', 'r']


In [5]:
# Get the user input for ciphertext
print("General Substitution Cipher Encryption Example -->")
plaintext = input("Please input the plaintext: ")
print("Plaintext: " + plaintext)
ciphertext = general_sub_cipher_encrypt(plaintext)
print("Encryption result: " + ciphertext)

General Substitution Cipher Encryption Example -->
Plaintext: Cryptanalysis in Action. Cryptography is fun.
Encryption result: Hupbacvcxpzgz gv Chagkv. Hupbakducbwp gz ntv.


In [6]:
# Get the user input for paintext
print("General Substitution Cipher Decryption Example -->")
ciphertext = input("Please input the ciphertext: ")
print("Ciphertext: " + ciphertext)
ciphertext = general_sub_cipher_decrypt(ciphertext)
print("Decryption result: " + plaintext)

General Substitution Cipher Decryption Example -->
Ciphertext: Hupbacvcxpzgz gv Chagkv. Hupbakducbwp gz ntv.
Decryption result: Cryptanalysis in Action. Cryptography is fun.


## Polyalphabetic Substitution Ciphers
With monoalphabetic ciphers, every time we saw a given input (with some key) it become a given output.<br>
We hid the original character, but we failed to hide the underlying language.<br>


### Vigenère Cipher
Invented by Blaise de Vigenere c. 1550, considered unbreakable for 300 years, <br>
broken by Charles Babbage, and used by the South in the U.S. Civil War.<br>
<br>
We treat that top row as the Caesar cipher key and the leftmost column as the plaintext.<br> 
Then, the middle stuff is the ciphertext.<br>
You can see how each column is just a shift of the alphabet, according to the key. An example follows in the next few slides.<br>

<img src="./9.Images/VC.jpg">
<br>
Key = ROPE<br>
<br>
M = ATTACK AT DAWN<br>
K = ROPERO PE ROPE<br>


In [7]:
def vignere_ciher_encrypt(plaintext, key):
    ciphertext = ""
    key_index = 0
    for char in plaintext:
        if char.isalpha():
            key_char = key[key_index % len(key)]
            if char.isupper():
                base = ord('A')
            else:
                base = ord('a')
            encrypted_char = chr((ord(char) - base + ord(key_char) - base) % 26 + base)
            ciphertext += encrypted_char
            key_index += 1
        else:
            ciphertext += char
    return ciphertext


def vignere_ciher_decrypt(ciphertext, key):
    plaintext = ""
    key_index = 0
    for char in ciphertext:
        if char.isalpha():
            key_char = key[key_index % len(key)]
            if char.isupper():
                base = ord('A')
            else:
                base = ord('a')
            decrypted_char = chr((ord(char) - base - (ord(key_char) - base) + 26) % 26 + base)
            plaintext += decrypted_char
            key_index += 1
        else:
            plaintext += char
    return plaintext

In [8]:
# Get the user input for ciphertext
print("Vignere Cipher Encryption Example -->")
plaintext = input("Please input the plaintext: ")
key = input("Please input the key: ")
print("Plaintext: " + plaintext)
ciphertext = vignere_ciher_encrypt(plaintext, key)
print("Encryption result: " + ciphertext)

Vignere Cipher Encryption Example -->
Plaintext: This is a test for the Vignere Cipher. 
Encryption result: Djkg cf c bpwv hcl gjm Mmipslr Kqalgt. 


In [9]:
# Get the user input for plaintext
print("Vignere Cipher Decryption Example -->")
ciphertext = input("Please input the ciphertext: ")
key = input("Please input the key: ")
print("Ciphertext: " + ciphertext)
plaintext = vignere_ciher_decrypt(ciphertext, key)
print("Decryption result: " + plaintext)

Vignere Cipher Decryption Example -->
Ciphertext: Djkg cf c bpwv hcl gjm Mmipslr Kqalgt. 
Decryption result: This is a test for the Vignere Cipher. 


### One-Time Pad

What if we changed the rules for using the Vigenère cipher to the following:<br>
<ol>
<li>Have a key as long as the message (is non-repeating)</li>
<li>A randomly generated key</li>
</ol>
<em>How could this be broken? If the key was used on multiple messages, we could still analyze each 1st letter of every message to get a frequency distribution.<br>
We need about 20 messages or so to do it.</em><br>

OTP becomes the known unbreakable encryption if:<br>
<ol>
<li>Have a key as long as the message (is non-repeating)</li>
<li>Use a randomly generated key</li>
<li>The key is never used on another plaintext</li>
</ol>
Because:<br>
<ol>
<li>The use of the key, there are no statistics to use for plaintext extraction</li>
<li>Brute force is too expensive and even if the resulting messages are all different you cannot tell which message is the genuine one.</li>
</ol>
Problems:<br>
<ol>
<li>Key distribution</li>
<li>The key must be as long as the message</li>
<li>Keys must be random.</li>
</ol>


## Transposition/Permutation Ciphers
Until this point, we try to hide secrets using the substitution operation. Transposition is rearranging the characters in a reversible way to obtain plaintext later.<br>
Take a table and write the message in columns and read it off in rows.<br>

M = ATTACKTODAY<br>

<table>
<tr>
<td>A</td>
<td>A</td>
<td>T</td>
<td>A</td>
</tr>
<tr>
<td>T</td>
<td>C</td>
<td>O</td>
<td>Y</td>
</tr>
<tr>
<td>T</td>
<td>K</td>
<td>D</td>
<td> </td>
</tr>
</table>

C = AATATCOYTKD<br>


<table>
<tr>
<td>K</td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>3</td>
<td>A</td>
<td>A</td>
<td>T</td>
<td>A</td>
</tr>
<tr>
<td>1</td>
<td>T</td>
<td>C</td>
<td>O</td>
<td>Y</td>
</tr>
<tr>
<td>2</td>
<td>T</td>
<td>K</td>
<td>D</td>
<td> </td>
</tr>
</table>

C = TCOYTKDAATA


## Modern Block Ciphers

### DES 3DES AES

In [10]:
%pip install pycryptodome
# to testing with python -m Crypto.SelfTest
%pip install pycryptodome-test-vectors
# If PyCrypto is installed (it is the case for Anaconda)
%pip install pycryptodomex

Note: you may need to restart the kernel to use updated packages.
Note: you may need to restart the kernel to use updated packages.
Note: you may need to restart the kernel to use updated packages.


In [11]:
# DES Example

from Cryptodome.Cipher import DES

def pad(text):
    n = len(text) % 8
    return text + (b' ' * n)


key = b'hello123'
text1 = b'Cryptography is the best'

des = DES.new(key, DES.MODE_ECB)

padded_text = pad(text1)
encrypted_text = des.encrypt(padded_text)

print(encrypted_text)
print(des.decrypt(encrypted_text))

b'\xf3w\x1a\xf5\xb4\xc85\xcf\x0f\xb9\xcc\x08\xe7M=O\x7f\x89E;\xd6`\xe8\x18'
b'Cryptography is the best'


In [12]:
%pip install pyaes
%pip install pbkdf2

import pyaes, pbkdf2, binascii, os, secrets

# Derive a 256-bit AES encryption key from the password
password = "s3cr3t*c0d3"
passwordSalt = os.urandom(16)
key = pbkdf2.PBKDF2(password, passwordSalt).read(32)
print('AES encryption key:', binascii.hexlify(key))

Note: you may need to restart the kernel to use updated packages.
Note: you may need to restart the kernel to use updated packages.
AES encryption key: b'5dd2f9dbb70a533d81c4ce5e8ff248e7aabc4d1daf7687d3c543e91a8253735e'


In [13]:
# Encrypt the plaintext with the given key:
#   ciphertext = AES-256-CTR-Encrypt(plaintext, key, iv)
iv = secrets.randbits(256)
plaintext = "Text for encryption"
aes = pyaes.AESModeOfOperationCTR(key, pyaes.Counter(iv))
ciphertext = aes.encrypt(plaintext)
print('Encrypted:', binascii.hexlify(ciphertext))

Encrypted: b'a70210cbdf31e1c9b4bfefbd0137f96eaf9e6f'


In [14]:
# Decrypt the ciphertext with the given key:
#   plaintext = AES-256-CTR-Decrypt(ciphertext, key, iv)
aes = pyaes.AESModeOfOperationCTR(key, pyaes.Counter(iv))
decrypted = aes.decrypt(ciphertext)
print('Decrypted:', decrypted)

Decrypted: b'Text for encryption'


In [15]:
key = os.urandom(32)   # random decryption key
aes = pyaes.AESModeOfOperationCTR(key, pyaes.Counter(iv))
print('Wrongly decrypted:', aes.decrypt(ciphertext))

Wrongly decrypted: b"\x93\xca\x08\xb1\xfe)\xaf\xd1\xcf\x8f=\xe1s'\xa0O\xd9\xf6r"


In [16]:
from Cryptodome.Cipher import AES
import binascii, os

def encrypt_AES_GCM(msg, secretKey):
    aesCipher = AES.new(secretKey, AES.MODE_GCM)
    ciphertext, authTag = aesCipher.encrypt_and_digest(msg)
    return (ciphertext, aesCipher.nonce, authTag)

def decrypt_AES_GCM(encryptedMsg, secretKey):
    (ciphertext, nonce, authTag) = encryptedMsg
    aesCipher = AES.new(secretKey, AES.MODE_GCM, nonce)
    plaintext = aesCipher.decrypt_and_verify(ciphertext, authTag)
    return plaintext

secretKey = os.urandom(32)  # 256-bit random encryption key
print("Encryption key:", binascii.hexlify(secretKey))

msg = b'Message for AES-256-GCM + Scrypt encryption'
encryptedMsg = encrypt_AES_GCM(msg, secretKey)
print("encryptedMsg", {
    'ciphertext': binascii.hexlify(encryptedMsg[0]),
    'aesIV': binascii.hexlify(encryptedMsg[1]),
    'authTag': binascii.hexlify(encryptedMsg[2])
})

decryptedMsg = decrypt_AES_GCM(encryptedMsg, secretKey)
print("decryptedMsg", decryptedMsg)

Encryption key: b'7162c72733fcc3f1c661118778afc264b3087fc23685598cb25bd1be8608c6fc'
encryptedMsg {'ciphertext': b'3d7fac19f62837a1e3a78537c07875bf35b41969068b9ce34ae25e42f3711642b05d8c59a2bf2400ed554e', 'aesIV': b'303fc45a81e45f789310fe17a0f54d50', 'authTag': b'9d9f5c90ead41f4bd1da39be34f03e84'}
decryptedMsg b'Message for AES-256-GCM + Scrypt encryption'


### PKCS #5 Padding
Hexadecimal padding of a 64-bit block<br>
1 byte:   01<br>
2 bytes:  0202<br>
3 bytes:  030303, up to<br>
8 bytes:  0808080808080808<br>
Always adds padding, so the last byte is guaranteed to be a pad byte<br>
This allows the padding to be removed unambiguously after decryption<br>

<img src="./9.Images/Pad.jpg">

## Modes in Symmetric Encryption
There are many modes of operation. <br>
We go over the details of them in our course content.<br>
Fundamentally using modes in encryption serves different purposes. One mode is more applicable to streaming data the other is more suitable for the data-at-rest.


## CONCLUSION
We concluded our explanation about the symmetric cryptographic applications.