# AES Encryption in Python

The *Advanced Encryption Standard* or *AES* is a **symmetric block cipher** used by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.

In Python, library **pycrypto** is commonly used for AES.

### Contents
- Basic Usage
- More Exploration
- Reference

## Basic Usage

### Import the Library & Create An AES Instance

**Note**: AES key must be either 16, 24, or 32 bytes long!

Additionally, we can also specify **`mode`** and **`IV`** (initialization vector) when we create the instance. The default value for `mode` is `MODE_ECB`; `IV` will be ignored for `MODE_ECB` and `MODE_CTR`. It's optional and when not present it will be given a default value of all zeros. Normally, `IV` must be `block_size` bytes longs.

In [1]:
from Crypto.Cipher import AES

key = 'This is a key123'
print "The length of the key is %d" % (len(key))

obj = AES.new(key)
print "The type of the AES instance is \"%s\"" % type(obj)

The length of the key is 16
The type of the AES instance is "<type 'instance'>"


### Encryption

**Note**: 
- Input strings must be a multiple of 16 in length.
- `obj.encrypt` will return the encrypted data as a **byte string**.

In [2]:
plaintext = "The answer is no"
ciphertext = obj.encrypt(plaintext)
print ciphertext

��r_��%+�b �,


### Decryption


In [3]:
print "The decrypted text is: '%s'" % (obj.decrypt(ciphertext))

The decrypted text is: 'The answer is no'


## More Exploration

We may have noticed a few drawbacks in basic example.

- The key and plaintext must be of specific length, which may not be true in real-world data.
- The ciphertext returned is in *byte string* format, which may be not "friendly".

These two issues can be addressed by [1] padding, and [2] using **`base64`** library in Python.

In [4]:
from Crypto.Cipher import AES
import base64

def AES_encrypt(key, plaintext, BLOCK_SIZE = 32, PADDING = '$'):
    
    # one-liner to sufficiently pad the text to be encrypted
    pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING

    # one-liners to encrypt/encode and decrypt/decode a string
    # encrypt with AES, encode with base64
    EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))

    secret = key
    secret = secret + (BLOCK_SIZE - len(secret) % BLOCK_SIZE) * PADDING

    cipher = AES.new(secret)
    return EncodeAES(cipher, plaintext)


def AES_decrypt(key, ciphertext, BLOCK_SIZE = 32, PADDING = '$'):
    
    # one-liner to sufficiently pad the text to be encrypted
    pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING

    DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING)

    secret = key
    secret = secret + (BLOCK_SIZE - len(secret) % BLOCK_SIZE) * PADDING

    cipher = AES.new(secret)
    return DecodeAES(cipher, ciphertext)


test="AES Encryption in Python"
password="Iloveyou"
wrongpassword="Iloveyouu"

encrypted_text=AES_encrypt(password, test)

print "Raw Plaintext:", test
print "Ciphertext:", encrypted_text
print "Decrypted Ciphertext (with correct key):", AES_decrypt(password, encrypted_text)
print "Decrypted Ciphertext (with wrong key):", AES_decrypt(wrongpassword, encrypted_text)

Raw Plaintext: AES Encryption in Python
Ciphertext: tLU3FgHutRyN++CaIhDzL1GzP0yJ/dhMJ+MWge8EPWA=
Decrypted Ciphertext (with correct key): AES Encryption in Python
Decrypted Ciphertext (with wrong key): ���m�^�B)����òP�lyǲ���T�


## Reference

- https://gist.github.com/sekondus/4322469