# Encrypting AES BIE1

### Bitcoin conventions

In [1]:
import binascii
import hashlib
import ecdsa
import codecs
from Crypto.Cipher import AES

In [2]:
# secp256k1, http://www.oid-info.com/get/1.3.132.0.10
p_ec = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
r_ec = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
b_ec = 0x0000000000000000000000000000000000000000000000000000000000000007
a_ec = 0x0000000000000000000000000000000000000000000000000000000000000000
Gx = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
Gy = 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8
curve_secp256k1 = ecdsa.ellipticcurve.CurveFp(p_ec, a_ec, b_ec)
generator_secp256k1 = ecdsa.ellipticcurve.Point(curve_secp256k1, Gx, Gy, r_ec)
oid_secp256k1 = (1, 3, 132, 0, 10)
SECP256k1 = ecdsa.curves.Curve("SECP256k1", curve_secp256k1, generator_secp256k1, oid_secp256k1)

### Establishing a shared secret

In [3]:
SA = 68391376603652558019677085321245066310756998499824362348774548882158845001985
PA = SA * generator_secp256k1

SB = 95741376603652558019677085321245066310756998499824362348774548882158845001985
PB = SB * generator_secp256k1

In [4]:
# Shared secret

SAB = SA * PB

In [5]:
# Check shared secrets are equal if calculated by either Alice or Bob

(SA * PB) == (SB * PA)

True

In [6]:
def get_point_pubkey(point_input):
    if (point_input.y() % 2) == 1:
        result = '03' + '%064x' % point_input.x()
    else:
        result = '02' + '%064x' % point_input.x()
    return binascii.hexlify(codecs.decode(result, 'hex'))

In [7]:
str(SAB.x())

'24547207253151602529617225665887624910292130993218504679930071992194063220891'

In [8]:
S = get_point_pubkey(SAB)
S

b'0236453a194181e14a3333f9e284afefffc05eec8680e25c6bf5432aa53d65409b'

### Symmetric keys

In [10]:
# Base 64
print(hashlib.sha512(S).digest())

# Hex
print(binascii.hexlify(hashlib.sha512(S).digest()))

b'V\xe4\xce~\x93\xa9\x92\x14\xeb\x81\xf8\xba\xde\x11\xa0\xdc\xe9T\xb1R\r\xb5\xd8\xb1\'\xba\x91^?f\x95\xe4*o\xcfv&\xebX"\xf5yf\xe6\x8a\xffe\x9257\xbf\xa1N\xd7R!\xae\x97b\xc6\xd4*6\n'
b'56e4ce7e93a99214eb81f8bade11a0dce954b1520db5d8b127ba915e3f6695e42a6fcf7626eb5822f57966e68aff65923537bfa14ed75221ae9762c6d42a360a'


In [11]:
IV = hashlib.sha512(S).digest()[0:16]
KAES = hashlib.sha512(S).digest()[16:32]
KHMAC = hashlib.sha512(S).digest()[32:48]

### Encrypt message

In [38]:
aes = AES.new(KAES, AES.MODE_CBC, IV)

plaintext = b'The answer is no'            # plaintext in ascii
print('plaintext =', plaintext)
plaintext = binascii.hexlify(plaintext)    # convert to hex
print('plaintext in hex =', plaintext)
ciphertext = aes.encrypt(plaintext)        # encrypt
print('ciphertext =', binascii.hexlify(ciphertext))

aes = AES.new(KAES, AES.MODE_CBC, IV)
print('decrypt ciphertext in hex =', aes.decrypt(IV + ciphertext)[16:])                 # decrypt
print('decrypt ciphertext =', binascii.unhexlify(aes.decrypt(IV + ciphertext)[16:]))    # convert back to ascii

plaintext = b'The answer is no'
plaintext in hex = b'54686520616e73776572206973206e6f'
ciphertext = b'6d622ce583dee1c4618a026ced39dea07fd95e756af53a12f41869eda78e6dba'
decrypt ciphertext in hex = b'54686520616e73776572206973206e6f'
decrypt ciphertext = b'The answer is no'


In [39]:
# Check that we could have encrypted the message in hex

aes = AES.new(KAES, AES.MODE_CBC, IV)
plaintext = binascii.hexlify(codecs.decode('54686520616e73776572206973206e6f', 'hex'))  
print(plaintext)
ciphertext = aes.encrypt(plaintext)
print(binascii.hexlify(ciphertext))

aes = AES.new(KAES, AES.MODE_CBC, IV)
print(aes.decrypt(IV + ciphertext)[16:])

b'54686520616e73776572206973206e6f'
b'6d622ce583dee1c4618a026ced39dea07fd95e756af53a12f41869eda78e6dba'
b'54686520616e73776572206973206e6f'
