# NSA Cyber Challenge

## Introduction

### What is Cyber Security?

Especially in today's world, cyber security is crucial to ensuring the protection of computer systems and the information contained within them. 

### What is Cryptography?

While there are many aspects to cyber security, one way to protect information is by the use of <b>cryptography</b>, which is the encrypting and decrypting of messages. Cryptography can be utilized for confidentiality,  authentification, security and many other applications.

#### <i><u>KEY</u></i> terms

There are 3 main terms to note when talking about cryptography: <b>Plain Text, Cipher Text, and Key. </b>

+ In order to <u>encrypt</u> a message, you use a <b>Key</b> to transform the <b>Plain Text</b> into <b>Cipher Text</b>. 
+ To <u>decrypt</u> the message, the <b>Key</b> will then be used to transform the <b>Cipher Text</b> back into <b>Plain Text</b>.

### History & Classical Cryptography

The earliest known use of encryption methods were circa 1900 BCE with the use of hieroglyphs. In third century BCE, the Greeks and Spartans used a cryptographic device to send and receive secret messages called a Scytale, which used a cylindrical device and leather to wrap and "jumble" plain text into cipher text.

Auguste Kerckhoffs was a Dutch cryptographer in the 19th century who stated 6 design principles for ciphers:
+ Must be indecipherable
+ Should not require secrecy; a.k.a not a problem when in enemy hands
+ Easily communicable and easy to remember the key without notes
+ Applicable to telegraphs (could say computers in today's world)
+ Portable and not require several persons
+ Easy to use

Within classic cryptography, there are various kinds of ciphers including <b>substitution ciphers</b>, where text is <i>interchanged</i> with other text, and <b>transposition ciphers</b>, where the text is <i>rearranged</i> into a different order.

The Caesar cipher is a simple example of a substitution cipher. Named after Julius Caesar, this particular cipher is used to encrypt  messages by replacing letters with another letter that is a particular distance away from the original character in the alphabet. For instance, Caesar used a shift of 3, which means, the letter A would be replaced with the letter D, the letter B would be replaced by E, and so on. Check out his mapping below:

| | |
| --- | ---------- |
|Plain text |  ABCDEFGHIJKLMNOPQRSTUVWXYZ
|Cipher text| DEFGHIJKLMNOPQRSTUVWXYZABC


### Example 
We will try using the provided ROT function below. Run the next cell without making any changes.

In [None]:
# --- Simply, run this cell. No changes necessary.
# Feel free to look through it to see if you can understand what this function is doing!

import string

def ROT(input_string, shift, encrypt_decrypt):
  ''' Encrypt/Decrypt string using a given shift of the alphabet. 
  AKA. Caesar Cipher 
  
  input_string = string type
  shift = integer type
  encrypt_decrypt = 0 (encrypt) or 1 (decrypt)'''
  
  # --- Verify inputs are of correct type
  if type(input_string) is not str: 
    raise ValueError('input argument index 0 must be string type')
  elif type(shift) is not int:
    raise ValueError('input argument index 1 must be integer type')
  elif encrypt_decrypt not in (0,1):
    raise ValueError('input argument index 2 must be 0 or 1')
    
  # --- Cycle through string & replace value
  output_string=''  
  for char in input_string:
    if char in string.ascii_lowercase: 
      char_set = string.ascii_lowercase
      output_string += get_sister(char, char_set, shift, encrypt_decrypt)
    elif char in string.ascii_uppercase: 
      char_set = string.ascii_uppercase
      output_string += get_sister(char, char_set, shift, encrypt_decrypt)
    else: 
      output_string += char
  return output_string
  
def get_sister(char, char_set, shift, encrypt_decrypt):
  ''' Retrieve shifted character '''
  
  # --- Verify given character is included in given set
  if char not in char_set: raise ValueError ('char not in char_set')
  char_set_len = len(char_set)
  shift = abs(char_set_len*encrypt_decrypt-shift)
  return char_set[(char_set.find(char)+shift)%char_set_len]

Now, let's try to actually encrypt a phrase using the ROT function.

To use this function, you will need to provide a phrase to encrypt/decrypt, the shift value to create the key, and a 0 or 1 to say if you are encrypting or decrypting.

<u>Run the cell below.</u> Feel free to replace the phrase with your own. 

Remember, the 13 is our shift value which creates the key.
The 0 is telling us to ENCRYPT the phrase.

In [None]:
ROT('Hello World!', 13, 0)

If you kept 'Hello World!' you should have seen the cipher text as 'Uryyb Jbeyq!' Now, let's try to change it back by decrypting! 

Our key was created by using a shift of 13, so we want to keep that. However, now we need to DECRYPT (change 0 to 1).

In [None]:
ROT('Uryyb Jbeyq!', 13, 1)

Let's try using Caesar's favorite shift of 3.


In [None]:
ROT('Hello World!', 3, 0)

Now, our cipher text says 'Khoor Zruog!' Let's go ahead and retrieve the plain text back.

In [None]:
ROT('Khoor Zruog!', 3, 1)

Great! Now you are able to create your own secret messages!


### Modern Cryptography

In modern times, cryptography is achieved through the use of algorithms, which encrypt and decrypt <b>bits</b> instead of letters. This is stronger, more complex and used for things such as emails, cellphones, banking, bluetooth, passwords, etc. Some examples of algorithms include XOR, which is a boolean logic operator, Data Encryption Standard (DES), which was developed in the early 70s at IBM and was highly influential in modern cryptography, and Public Key, which is an asymmetric key algorithm that uses a public and private key for encryption/decryption.

#### What is Base64?
Base64 allows binary data to be represented in a way that looks and acts as plain text for email transmission over the Internet. It facilitates reliablility of data to be stored in databases, sent in emails, or used in text-based format such as XML. Base64 is basically used for representing data in an ASCII string format.

#### How does Base64 work?

Base64 encoding is executed as follows:
 1. The text to be encoded is converted into its respective decimal values, that is, into their ASCII equivalent. 
 2. The decimal values are converted into their binary equivalents.
 3. All the binary equivalents are concatenated, obtaining a large set of binary numbers.
 4. The large set of binary numbers is divided into equal sections, with each section containing only 6 bits.
 5. The equal sets of 6 bits are converted into their decimal equivalents.
 6. The decimal equivalents are converted into their Base64 values.

Base64 decoding is executed as follows:
 1. Each character in the string is changed to its Base64 decimal value.
 2. The decimal values are converted into their binary equivalents.
 3. The first two bits of the binary numbers are truncated from each of the binary numbers obtained, and the sets of 6 bits are combined, forming one large string of binary digits
 4. The large string of binary digits is split into groups of 8 bits.
 5. The 8-bit binary numbers are converted into their decimal equivalents.
 6. The decimal values obtained are converted into their ASCII equivalent.

#### Hexa-what?
You may have heard the term <i>hexadecimal</i> before, but what does it mean? Hexadecimal refers to the base-16 number system and is commonly used in the transmission of data for its readability as opposed to the lengthy binary formats such as base-2. You might be familiar with hexadecimal color representations:
+ Black --> #000000
+ Green --> #00FF00
+ White --> #FFFFFF


### Examples

#### How are we going to implement this? Easy, with Python!

For our benefit, python already includes a library, <i>base64</i> that contains all of the code we need to encode or decode using base64 and <i>binascii</i> that will help us "hexlify". Let's try some examples. Run the cell below to encode to base64.

In [None]:
import base64 

string_to_encode = str.encode('Encode me!') # make the string a bytes object
encoded = base64.b64encode(string_to_encode) # do base64 encoding
print(encoded) # should output b'RW5jb2RlIG1lIQ==' where the b is for bytes

You will notice that we have a bytes object and it doesn't look anything like the string we gave it.
<p>Let's get back the original...

In [None]:
data = base64.b64decode(encoded) # do base64 decoding
string_to_decode = data.decode('utf-8') # make the bytes object back to a string 
print(string_to_decode) # should give us back the original 'Encode me!'

Awesome! If you wanted to encode an image, you could do the following:

In [None]:
with open('yourfile.ext','rb') as image_file:
  encoded = base64.b64encode(image_file.read())

print(encoded)

# however, this code will not work because 'yourfile.ext' does not exist!
# try uploading your own picture and testing it out 
# by replacing 'yourfile.ext' with your own file's name!

Great job, now you know what base64 encoding looks like! Let's compare to hexadecimal.

In [None]:
import binascii

string_to_hex = str.encode('Hex me!') # make the string a bytes object
encoded = binascii.hexlify(string_to_hex) # hexlify!
print(encoded) # should ouput b'486578206d6521' where b is for bytes

We have ourselves another bytes object. Clearly a different encoding than before!
<p> Can we decode back to the original?

In [None]:
data = binascii.unhexlify(encoded) # un-hexlify
string_to_unhex = data.decode('utf-8') # make the bytes object back to a string 
print(string_to_unhex) # should give us back the original 'Hex me!'

Yes! Awesome! Time to save the galaxy...

## Challenge Scenario - The Email Strikes Back

"We have received medium-confidence reports that the Empire is constructing a secret weapon. Some kind of super-laser space station weapon of impossible power. Naturally, our first instinct would be to reject these claims for the obvious nonsense they are, but just to be on the safe side, we would like you to decrypt these galaxymail intercepts which we believe may contain clues as to the truth of these claims. They were originally authored by one Galen Erso, until recently an engineering director at Kuat Drive Yards, present status unknown."

-<b><i>Chair of the Alliance Council, Mon Mothma</i></b>

### Let's get to work. Here's what you need to know.

We were able to intercept some galaxymail during transmission, but data is transferred over the internet as a hexstream. Fortunately, the hex-to-character system is public knowledge and we can convert it to base64, and subsequently into plain text! Unfortunately, the Empire knows this and has implemented a Caesar cipher on the hex text!

What you must do:

+ Read in hextext.txt.
+ Decode the Caesar cipher to figure out how to get back to original hexidecimal format.
+ <i>Unhexlify</i> the hex text to convert into the email output.
+ Decode the base64 encoding of the email.
+ Save the galaxy!

<b>Hint:</b> Start by reading in the hex text. Take a guess at what shift was used in the Caesar cipher to shift, then unhexlify. If you are correct, it will easily decrypt. Otherwise, you might get an error or something difficult to interpret. How fast/efficient can you decrypt the galaxymail?!

Read in <b>hextext.txt</b> and use your knowledge about Caesar ciphers, base64 & hexidecimals to decode the galaxymail. What information are you able to find that will help us stop the Empire?!

<u>Tips:</u>

1. The Empire is tricky; don't be surprised if you find a different cipher to break. Provide any intelligence from the galaxymail that you can!
<p>
    
2. When decoding base64, if you see an error such as:
  <i>UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf0 in position 156</i> <p>
  try adding the ignore errors option  --> data.decode('utf-8'<b>, errors='ignore'</b>)
<p>

In [None]:
# Write your own code here.