# Modern Cryptography

Generally speaking there are two *kinds* of encryption: symmetric and asymmetric.

In symmetric encryption, the parties involved share the ***same*** key.

In asymmetric encryption, the parties use ***different*** keys, that are mathematically ***related*** to each other.

<img src="img/sym_vs_asym.png" width="750">

## Symmetric Encryption

In the following, we look at symmetric encryption algorithms. In symmetric crypto, we use the same key for encryption and decryption. **Therefore, the two parties need to establish a secret key between them.** Symmetric encryption can be up to 1000 times faster than asymmetric encryption. Given the support of some crypto algorithm in the CPU and at hardware level, even faster.

### Advanced Encryption Algorithm (AES)

AES is based on Rijndael encryption algorithm, designed by Joan Daemen and Vincent Rijmen. It was one of the algorithms submitted to U.S. National Institute of Standards and Technology (NIST) to replace DES and 3DES. It was published in 1998 and accepted and standardized in 2001.

 * AES supports key sizes of 128/192/256 bits
 * Block size: 128 bit
 * It's iterative rather than Feistel cipher
 * Treats data in 4 groups of 4 bytes
 * Operates on an entire block in every round
 * Resistant against known attacks
 * Speed and code compactness on many CPUs
 * Rijndael block and key size vary between 128, 192, 256
 * However, in AES block size in 128
 * Number of rounds a function of key size
  * 128 bits     10 rounds
  * 192 bits     12 rounds
  * 256 bits     14 rounds

 * Today most implementations use the CPU support (Intel AES-NI)

### Block cipher mode of operation

To encrypt messages of arbitrary size with block ciphers, we use the following algorithms, called the modes of operation. They define how to encrypt each block of the plaintext to produce the corresponding cipher text block. Some of these are completely insecure (ECB) and should not be used.

 * Electronic Codebook (ECB)
 * Cipher Block Chaining (CBC)
 * Counter (CTR)
 
 
### Electronic Codebook (ECB)

<img src="img/ECB_enc.png">
<img src="img/ECB_dec.png">



### Cipher Block Chaining (CBC)

<img src="img/CBC_enc.png">
<img src="img/CBC_dec.png">



### Counter (CTR)

<img src="img/CTR_enc.png">
<img src="img/CTR_dec.png">


## SHA Family

Secure Hash Algorithm (SHA) family, is a series of hashing algorithms.

    Ranging from SHA-0 to SHA-3. 
    SHA-0 should never be used. 
    It's advised to move from SHA-1 to SHA-2. 
    SHA-3 is the most recent version, published in 2015.


    SHA-1: Digest size (160), Block size (512)
    SHA-2: Digest size (224, 256, 384, or 512), Block size (512, 1024)
    SHA-3: Digest size (224, 256, 384, 512), Block size (1600)


In [127]:
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
import base64 # to produce human readable encoding of the bytes

digest = hashes.Hash(hashes.SHA256(), backend=default_backend())
digest.update(b"Cryptography Class")
digest.update(b"2019")
msg_digest = digest.finalize()
# Notice the output size of the digest
print ("msg_digest:", len(msg_digest), len(msg_digest) * 8)
print ("base64 encoding:", base64.b64encode(msg_digest))

print()
print('*'*70)

digest = hashes.Hash(hashes.SHA256(), backend=default_backend())
digest.update(b"Cryptography Class 2019")
msg_digest = digest.finalize()
# Notice the output size of the digest
print ("msg_digest:", len(msg_digest), len(msg_digest) * 8)
print ("base64 encoding:", base64.b64encode(msg_digest))

print()
print('*'*70)

digest = hashes.Hash(hashes.SHA256(), backend=default_backend())
digest.update(b"Cryptography Class 2019")
msg_digest = digest.finalize()
# Notice the output size of the digest
print ("msg_digest:", len(msg_digest), len(msg_digest) * 8)
print ("base64 encoding:", base64.b64encode(msg_digest))

msg_digest: 32 256
base64 encoding: b'Ac3zIwNL0+Tm2TwmwUiZXIKzQ5Wy+ON7DdisgBdw8Ys='

**********************************************************************
msg_digest: 32 256
base64 encoding: b'e0X8i9hmsRwIC11vopL7wF+2M5sMcfkq5KNRAaPlSdA='

**********************************************************************
msg_digest: 32 256
base64 encoding: b'e0X8i9hmsRwIC11vopL7wF+2M5sMcfkq5KNRAaPlSdA='


In [128]:
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
import base64 # to produce human readable encoding of the binary bytes

for _hash in [hashes.SHA1, hashes.SHA224, hashes.SHA256, hashes.SHA384, hashes.SHA512]:
    digest = hashes.Hash(_hash(), backend=default_backend())
    digest.update(b"Cryptography Class 2019")
    # digest.update(b"2019")
    msg_digest = digest.finalize()
    # Notice the output size of the digest
    print(_hash.name, len(msg_digest), len(msg_digest) * 8,'\n', base64.b64encode(msg_digest), '\n')

sha1 20 160 
 b'33aBOypIgAiFptpOz7tyEvg6Ock=' 

sha224 28 224 
 b'xYr2ZdcSZACj2j52Lg/YlS5vSvJImM5zcI4Txg==' 

sha256 32 256 
 b'e0X8i9hmsRwIC11vopL7wF+2M5sMcfkq5KNRAaPlSdA=' 

sha384 48 384 
 b'ayosYcv2ijTBVNlSKg4jchpXYzrzRA9036wwGaNBiEtinvqYt0KxyY3pzChv9nUs' 

sha512 64 512 
 b'qdMZZ/v008yB+PqPBkFki04UJQjL8S1PIeiCDxU9FbFsxFpFqjTmg9Cst0OXn2Dzwp9x4TChQfWB6AfxmZA81w==' 



In [129]:
import os
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
key = os.urandom(16) # in bytes, 128 bits
iv = os.urandom(16)

In [130]:
# ECB Mode, we only need a key
### *** DO NOT USE ECB. IT IS INSECURE *** ###

cipher = Cipher(algorithms.AES(key), modes.ECB(), backend=default_backend())
encryptor = cipher.encryptor()
# note that we don't need padding here, since len("Cryptography2019") = 16
cipher_text = encryptor.update(b"Cryptography2019") + encryptor.finalize()

In [131]:
cipher_text

b'+\x9a\xc4\xd7\xa7\xff)\xcf\xf0\xf7\xd1\x18\xc2\x97\xa0\x86'

In [132]:
print (len(cipher_text))

16


In [133]:
decryptor = cipher.decryptor()
decryptor.update(cipher_text) + decryptor.finalize()

b'Cryptography2019'

In [134]:
# CBC Mode, we also need an IV
cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())
encryptor = cipher.encryptor()
# note that we don't need padding here, since len("Cryptography2019") = 16
cipher_text = encryptor.update(b"Cryptography2019") + encryptor.finalize()

In [135]:
cipher_text

b'a\x06\x1a\xec3p\x13~\xffq\x0bv\x1f\x94\xc8\xf0'

In [136]:
decryptor = cipher.decryptor()
decryptor.update(cipher_text) + decryptor.finalize()

b'Cryptography2019'

In [137]:
# CTR Mode, we don't need padding in CTR mode. In transforms a block cipher into a stream cipher
# we only need to introduce the nonce
cipher = Cipher(algorithms.AES(key), modes.CTR(os.urandom(16)), backend=default_backend())
encryptor = cipher.encryptor()
# len(b"Cryptography Class 2019") = 23, however no padding is needed.
cipher_text = encryptor.update(b"Cryptography Class 2019") + encryptor.finalize()

In [138]:
cipher_text

b'\xfc\xcdn\x9d[\x0e\xe0\x19\xb5\x90\x96\x855B\x1b\xc4\xdd\xfb\xaf\xc9\xa4\x17e'

## *<font color=" #6495ED">Exercise</font>*

 - Encrypt the file following text using the ECB, and CBC or CTR mode and compare the results.

In [139]:
plain_text = b"Cryptography2019" * 128

In [140]:
plain_text

b'Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Cryptography2019Crypto

In [141]:
def print_text(text, b64=False):
    for i in range(0, 128, 16):
        if b64:
            pt = base64.b64encode(text[i:i+16])
        else:
            pt = text[i:i+16]
        print(pt)

In [142]:
import os
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
import base64 # to produce human readable encoding of the bytes
key = os.urandom(16) # in bytes, 128 bits

cipher = Cipher(algorithms.AES(key), modes.ECB(), backend=default_backend())
encryptor = cipher.encryptor()
ecb_ct = encryptor.update(plain_text) + encryptor.finalize()

In [143]:
print_text(ecb_ct)

b'3\xb7\xd9S]h\xd7\xfd\x1er\x186&Y@_'
b'3\xb7\xd9S]h\xd7\xfd\x1er\x186&Y@_'
b'3\xb7\xd9S]h\xd7\xfd\x1er\x186&Y@_'
b'3\xb7\xd9S]h\xd7\xfd\x1er\x186&Y@_'
b'3\xb7\xd9S]h\xd7\xfd\x1er\x186&Y@_'
b'3\xb7\xd9S]h\xd7\xfd\x1er\x186&Y@_'
b'3\xb7\xd9S]h\xd7\xfd\x1er\x186&Y@_'
b'3\xb7\xd9S]h\xd7\xfd\x1er\x186&Y@_'


In [144]:
cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())
encryptor = cipher.encryptor()
cbc_ct = encryptor.update(plain_text) + encryptor.finalize()

In [145]:
print_text(cbc_ct)

b"3\xbb\x8b\xca\xf1F\x83\xfd'e\x08\xab\xd8\xfb#\xbc"
b'\xe9\x98Mj\xbe\xd6\xf6\xf5\x84=\xdc\xdbTjj\x95'
b'i\x8fJ\x82\x05<S\xa7Y~\xb2\x9fJ\xfc\x08\x1d'
b'\xecm\x7f\x08\xa8]\xc7\xc3q\x7f\x05\xd7\xd0s\xd4z'
b'\x82\xe1\xef\x814\xa2\xffq\xf0W\xdb\xe4\x05}\xc65'
b'\x14\x19\r\xb4\xa5"\xd6\x82\\\xfe\xd5\xdc\x08<\xb1P'
b'\x8bi,\xc12\x08\x08\x15\xcb\t\x0b\xd1\xe3\xfa\xe7e'
b'"\x15\xb4\x95+H\x02\x10V6\xcc\x19@\xe7\xe6\xd0'


In [146]:
cipher = Cipher(algorithms.AES(key), modes.CBC(os.urandom(16)), backend=default_backend())
encryptor = cipher.encryptor()
ctr_ct = encryptor.update(plain_text) + encryptor.finalize()

In [147]:
print_text(ctr_ct)

b'\xce\xf3_X>\xd1 ,d\xfc\xafu\n\xd5\xf3/'
b')-7\xc3j\xf8\xbd7\x90\x08\x9f\xc5\xaa\x81\xd6\xa5'
b'\x86X\\\xa1\xd6\x0e]\xea\x12NnN9\xf5\xfaz'
b":\x1a\x14\x7f^\xfb\x19y\x97\xe3a\x11^\x19'\xbc"
b'\x8f}2.{)\x1d\xfe\xb6\xf3\xcbNx\xc1@5'
b'\x90\xcaARx\xf4\xa3[\xf2\xa5\xae\x81\xc3\x1a\x19d'
b'\x85\x00\x94\xe2\xee\x92g_`\x8d\xd0\xc9Q\xd4,|'
b'\x83\xe9W\xd0Z=J/h\x03\xf2\xfb\x08\xbd\xd5\xea'


In [148]:
import PIL

with open('img/tux.png', 'rb') as f:
    clear = f.read()
    
len(clear)
len(clear)%16
clear_trimmed = clear[64:-2]
len(clear_trimmed)%16

0

In [149]:
cipher = Cipher(algorithms.AES(key), modes.ECB(), backend=default_backend())
encryptor = cipher.encryptor()
ecb_ct = encryptor.update(clear_trimmed) + encryptor.finalize()

In [150]:
with open('img/tux_ecb.png', 'wb') as f:
    f.write(ecb_ct)