# Cryptography: Symmetric Ciphers

This series is intended to be a layperson friendly explantion of the basics of cryptography. 

As with anything complex, there is jargon that makes the topic seem inaccessible. You'll see the most import terms and their defintions in bold throughout this walk through. Like this! 
* **term** *definition*

Also! we will give you some extra info in blockquotes, like this 
> This info is good to know but dont worry no one is testing you on it 

Finally! There is no better way to learn then getting your hands dirty! We will ease you in by giving you 
```code snippets```
 but it will soak in a little better if you type it yourself instead of copying and pasting. 

## What is "cryptography"? 

The word "cryptography" comes from a combination of the Ancient Greek words kryptós for “hidden or secret” and graphein which is “to write”. At its most basic it is the ability to send and receive a private message. The *key* is that you want your recipient and only your recipient to be able to read the message. Therefore, in most cases cryptography is a 2-way street in hiding AND unhiding a communicated message.


## What is a cipher?

A cipher is a **cryptographic algorithm** that provides a way to encrypt as well as decrypt data. This allows someone to jumble up some info, send it safely without revealing the content, and have someone at the other end un-jumble it to see the original info.

But it’s useless if we can’t control who is able to decrypt the message. Fortunately, there is another input to a cipher – the **key**! This is the small piece of information that is necessary in order to encrypt and decrypt information with a cipher. Some ciphers require other small details as well such as an initialization vector, but we are not going to focus on those for now.

* **Cryptographic Algorithm** *is just a fancy term for jibberish instructions. It’s what we call the ruleset that is used to take data from one state to another and (most of the time) back.*

* A **key** *is a piece of information used as input into an encryption or decryption algorithm in addition to the data that needs to be transformed. The data cannot properly be transformed without the proper key data.*


## Let's make it easy!

In this walk through we will use the **Cryptographic Algorithms** implemented in the Python Cryptography Toolkit (pycrypto). Pycrypto is a collection of both secure hash functions (such as SHA256 and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal, XOR, etc.). But mostly it means we don't have to code the hard stuff from scratch. 


## Getting started

Lets begin by importing a couple cryptographic algorithms from pycrypto. 

Type the following into the code box below:

```from Crypto.Cipher import AES, XOR```

So how do we use these things (XOR,AES)? To use **symmetric ciphers** like XOR or AES, we put the **plaintext** and the **key** into the algorithm, tell the algorithim which direction we want to go (in this case encrypt), and it spits out **ciphertext** or encrypted message. 

* **Plaintext** is your message, the content to be communicated and is understandable and readable.
* **Ciphertext** is your hidden message, the content after it has been hidden (encrypted) and is no longer understandable.
* **Symmetric Ciphers** are a family of ciphers that uses the same key to encrypt as it does to decrypt; these are sometimes referred to as secret key algorithms because if the key is the same on both sides, it needs to be kept secret so that not just anyone can decrypt it.

We now know we need a key and a plaintext to get started so lets declare a couple variables

Type the following into the code box below:

```key = 1
plaintext = 5 
```

## How does Cryptography Work

Without getting too in the weeds ciphers work by switching one character or number for another. One of the most basic **symmetric ciphers** is XOR which uses 'exclusive or' as its **cryptographic algorithm**.

You have probably seen a binary numbers before, its numbers based on base_2 instead of the base_10 we are used to. Binary numbers are fun and you should research them! but essentially each numbers place is set by the value of 2^n and the first few are


| Base_10  |  Base_2 |
|----------|---------|
|    1     |  0001   |
|    2     |  0010   |
|    3     |  0011   |
|    4     |  0100   |
|    5     |  0101   |


If you XOR a binary **plaintext** with a binary **key** it means the **ciphertext** is the XOR or 'exclusive or' of the **plaintext** and **key**. 

So if our...

plaintext = 1 (base_10) = 0001 (base_2) 

and our key is...

key = 5 (base_10) = 0101 (base_2) 
___
we expect the ciphertext will be ciphertext = 0100 (base_2) 

because XOR means the ciphertext is 1 when either plaintext or key are 1 but not when both are 1, hence the *exclusive* in XOR. What is 0100 in base_10?

## Why does this matter?
## Let's start by looking at the binary of our plaintext and key we declared above

First lets convert both our declared variables to binary 

Type the following into the code box below:

```binary_key = bin(key)
binary_plaintext = bin(plaintext)
```


Lets take a look at both the binary key and plain text we just created

Type the following into the code box below:

```print("Binary of key used in XOR cipher: ")
print(binary_key)
print("\nBinary of plaintext or message used in XOR cipher: ")
print(binary_plaintext)
```

Did you notice the binary evaluates to two different lengths? Pycrypto is actually low level enough that it only correctly encrypts **keys** and **plaintext** that are divisible by 16. So we will **pad** both key and plain text to have a **block size** of at least 16.

* **Padding** is a process that adds to data of an improper size (i.e. not a multiple of the block size) in order to make it the proper size to fit into the algorithm (some ciphers require inputs be a multiple of a certain size in order to function properly).
* **Block Size** refers to the size of chunks that an algorithm will chop data into in order to process it.

Type the following into the code box below:

```binary_key_padded = format(key,'016b')
binary_plaintext_padded = format(plaintext,'016b')
```

Lets take a look at both the binary key and plaintext as padded binary now

Type the following into the code box below:

```print("Padded Binary of key used in XOR cipher: ")
print(binary_key_padded)
print("Padded Binary of plaintext or message used in XOR cipher: ")
print(binary_plaintext_padded)
```

## It's time to encrypt!

Now that we have the basics down lets encrypt something!!! 

First we will intialize the encryption object

Type the following into the code box below:

```xOR_encrypt = XOR.new(binary_key_padded)```


Now that we have intialized the encryption object lets use it to encrypt the **plaintext** to get the **ciphertext**

Type the following into the code box below:

```xOR_ciphertext = xOR_encrypt.encrypt(binary_plaintext_padded)
```

Lets look at our results!

Type the following into the code box below:

```print("The resulting ciphertext from XOR is: ")
print(XOR_ciphertext)
```

Does the resulting cipertext make sense to you? Does it look like our expected outcome when we dicussed how cryptography works?

## We encrypted, now can we get it back?

We will put it all together to decrypt the ciphertext we just created

1. First we will intialize the decryption object the same way we intialized the encryption object. Using same padded key
2. We will use the decryption object to decrypt() the xOR_ciphertext we just printed above
3. We will print our results to see!

Type the following into the code box below:

```xOR_decrypt = XOR.new(binary_key_padded) 
xOR_plaintext = xOR_decrypt.decrypt(xOR_ciphertext)
print("XOR decrypted data: ")
print(xOR_plaintext)
```


## Sweet you got your message back!

Dont belevie me? What is the base 10 equivalent of the plaintext we just found? does it match the 'plaintext' variable we declared at the beginning?

# Numbers are fun, but how about encrypting some actual messages

We will use the AES **cryptographic algorithm** to encrypt and decrypt some text next. Like the XOR algorithim it requires we declare a key and plaintext variable, but also the *initialization vector (IV)* as another piece of input that will go into the AES **cryptographic algorithm** as well as what *mode* we want the AES algorithim to run in. 

> A couple of well-known symmetric ciphers are AES and 3DES. AES stands for Advanced Encryption Standard and 3DES is also known as TDEA, Triple Data Encryption Algorithm. We will use AES in our examples with python below, since it is widely known.

We are going to take a few shortcuts this time though

* Instead of converting to binary we will declare the key and plain text as binary to begin with by using a binary string b'*sometext*'. A binary string is human redable in the code but your computer *interprets* it as the binary the **cryptographic algorithm** requires 
* Also instead of worying about **padding** this time we are just going to make our strings 16 characters in length since we know 16 is divisible by 16

### Lets declare our variables!

Type the following into the code box below:

```key = b"testkey,testkey!"
plaintext = b"cryptography yay"
iv = b"randomIVrandomIV"
mode = AES.MODE_CBC
```

Like before we will intialize a new instance of the **cryptographic algorithim** this time or algorithim is AES 

Typing the following into the code box below:

```aes_encrypt = AES.new(key, mode, iv)```

Now that we have intialized the encryption object lets use it to encrypt the **plaintext** to get the **ciphertext**

Type the following into the code box below:

```ciphertext = aes_encrypt.encrypt(plaintext)
```

Lets look at our results!

Type the following into the code box below:

```print("AES encrypted data: ")
print(ciphertext)
```

AES encrypted data: 
b'G\x9a\xed\xadAp\xf4\x94\x1cx\xce\x9d\xc2\xf6\xccL'


### Okay now we have gobbledygook again, lets get our message back!

Like before we will intialize a new instance of the cryptographic algorithim.
* remember you need the same key, iv and mode to get your message back!

Typing the following into the code box below:

```aes_decrypt = AES.new(key, AES.MODE_CBC, iv)
```

Now that we have intialized the decryption object lets use it to decrypt the **ciphertext** to get the **plaintext**

Type the following into the code box below:

```decrypted_plaintext = aes_decrypt.decrypt(ciphertext)
```

Lets look at our results!

Type the following into the code box below:

```print("AES decrypted data: ")
print(decrypted_plaintext)
```

# You did it! 
## You have encrypted and decrypted using **TWO** cryptographic algorithims

Do you have any thoughts on which one might be more secure?

other follow up questions...

# Text is fun, but can we encrypt something else?

## YES! Encryption/decryption will work on any data
## Lets do a  picture next!

Before we get started lets look at the original **plaintext** image. You should be able to find a 'Tines.png' image in the same folder this notebook is in by returning to the file tree. You can click on the jupyter logo to get there. 

---

Welcome back! Did you see the picture? Good lets see what we can do with it!

This time we went ahaed and put it all together and provided the code below. Read through it! 

Do you recognize some of the same steps we did before? Can you find the function that encrypts? The function that decrypts?

When you are done reviewing run the code block:


In [18]:
from Crypto.Cipher import AES #Using Pycrypto so we dont have to code the hard stuff
import os, random, struct
from PIL import Image

#Declare or variables required by the AES cryptographic algoritim
key = b"testkey,testkey!"
plaintext = b"cryptography yay"
iv = b"randomIVrandomIV"
mode = AES.MODE_CBC

# AES CBC Encryption
def aes_cbc_encrypt(key, iv, data, mode=AES.MODE_CBC):
    aes_encrypt = AES.new(key, mode, iv) #Intilaize a encryption object
    new_data = aes_encrypt.encrypt(data) #Encrypt your data or plaintext
    return new_data

# AES CBC Decryption
def aes_cbc_decrypt(key, iv, data, mode=AES.MODE_CBC):
    aes_decrypt = AES.new(key, mode, iv) #Intilaize a decryption object
    new_data = aes_decrypt.decrypt(data) #Decrypt your data or ciphertext
    return new_data

# AES requires that plaintexts be a multiple of 16, so we add padding to data as needed
def pad(data):
    return data + b"\x00"*(16-len(data)%16) 

# Maps the RGB, So we can create a picture from the resulting encrypted/decrypted data
def convert_to_RGB(data):
    r, g, b = tuple(map(lambda d: [data[i] for i in range(0,len(data)) if i % 3 == d], [0, 1, 2]))
    pixels = tuple(zip(r,g,b))
    return pixels

def encrypt_image(filename, filename_out=None ):
    format = "BMP"
    
    # Opens image and converts it to RGB format for PIL
    # Not prefect so you will see some data loss
    im = Image.open(filename)
    data = im.convert("RGB").tobytes() 
 
    # Since we will pad the data to satisfy AES's multiple-of-16 requirement, we will store the original data length and "unpad" it later.
    original = len(data) 
 
    # Encrypts using AES
    new = convert_to_RGB(aes_cbc_encrypt(key, iv, pad(data))[:original]) 
    
    #create a file name out if not set 
    if not filename_out:
        filename_out = os.path.splitext(filename)[0]+'.encoded'
        
    
    # Create a new PIL Image object and save the old image data into the new image.
    im2 = Image.new(im.mode, im.size)
    im2.putdata(new)
    
    #Save image
    im2.save(filename_out+"."+format, format)
    
def decrypt_image(filename, filename_out=None ):
    format = "BMP"
    
    # Opens image and converts it to RGB format for PIL
    im = Image.open(filename)
    data = im.convert("RGB").tobytes() 
 
    # Since we will pad the data to satisfy AES's multiple-of-16 requirement, we will store the original data length and "unpad" it later.
    original = len(data) 
 
    # Decrypts using AES
    new = convert_to_RGB(aes_cbc_decrypt(key, iv, pad(data))[:original]) 
    
    #create a file name out if not set 
    if not filename_out:
        filename_out = os.path.splitext(filename)[0]+'.decoded'
        
    
    # Create a new PIL Image object and save the old image data into the new image.
    im2 = Image.new(im.mode, im.size)
    im2.putdata(new)
    
    #Save image
    im2.save(filename_out+"."+format, format)


Now that we have all our functions and variables declared lets use the encrypt_image function to encrypt Tines.png

Type the following into the code box below:

``` encrypt_image('Tines.png')```

### Go Look at the encrypted image! Its got a new name!

Is it recognizable? is it jibberish just like when we encrypted text?

### OMG?!? Can we get it back?
Of course we can! if we use the same key, iv and mode!

Type the following into the code box below:

``` decrypt_image('Tines.encoded.BMP')```