def dh_encrypt(pub, message): """ Assume you know the public key of someone else (Bob), and wish to Encrypt a message for them. - Generate a fresh DH key for this message. - Derive a fresh shared key. - Use the shared key to AES_GCM encrypt the message. - Optionally: sign the message. """ Group, private, public = dh_get_key()#generate new DH pair for Alice #private key is an integer/scalar and public key is a point on the curve #check whether public key of Bob is valid and on curve assert Group.check_point(pub) #Alice obtains shared secret by multiplying her private key with bob's forwarded public key key = pub.pt_mul(private)#dA* qB print "key from enc is", key hashedKey=sha256(key.export()).digest() plaintext = message.encode("utf8")#encode message aes = Cipher("aes-128-gcm")#select cipher iv = urandom(16)#generate initialization vector cipher, tag = aes.quick_gcm_enc(hashedKey[:16], iv, plaintext)#encrypt using shared key ciphertext = [iv,cipher,tag,public] return ciphertext
def dh_encrypt(pub, message, aliceSig=None): """ Assume you know the public key of someone else (Bob), and wish to Encrypt a message for them. - Generate a fresh DH key for this message. - Derive a fresh shared key. - Use the shared key to AES_GCM encrypt the message. - Optionally: sign the message with Alice's key. """ ## YOUR CODE HERE # Bob's public key is a point on the curve bob_pub = pub G, alice_priv, alice_pub = dh_get_key() # Alice's private key is a scalar # shared_key_point = bob_pub * alice_priv # this is multiplication of a point with a scalar shared_key_point = bob_pub.pt_mul(alice_priv) # We convert this shared_key point to a # string binary representation with .export # # .export : # "Returns a string binary representation # of the point in compressed coordinates" shared_key_point_binary = shared_key_point.export() # Then we hash the value to produce a 256 bit key shared_key = sha256(shared_key_point_binary).digest() plaintext = message.encode("utf8") ## YOUR CODE HERE aes = Cipher("aes-256-gcm") iv = urandom(16) encrypted_text, tag = aes.quick_gcm_enc(shared_key, iv, plaintext) # iv, encrypted_text, tag = encrypt_message(shared_key, message) return alice_pub, iv, encrypted_text, tag
def dh_encrypt(pub, message): """ Assume you know the public key of someone else (Bob), and wish to Encrypt a message for them. - Generate a fresh DH key for this message. - Derive a fresh shared key. - Use the shared key to AES_GCM encrypt the message. - Optionally: sign the message. """ Group, private, public = dh_get_key() #generate new DH pair for Alice #private key is an integer/scalar and public key is a point on the curve #check whether public key of Bob is valid and on curve assert Group.check_point(pub) #Alice obtains shared secret by multiplying her private key with bob's forwarded public key key = pub.pt_mul(private) #dA* qB print "key from enc is", key hashedKey = sha256(key.export()).digest() plaintext = message.encode("utf8") #encode message aes = Cipher("aes-128-gcm") #select cipher iv = urandom(16) #generate initialization vector cipher, tag = aes.quick_gcm_enc(hashedKey[:16], iv, plaintext) #encrypt using shared key ciphertext = [iv, cipher, tag, public] return ciphertext
def dh_encrypt(pub, message, aliceSig = None): """ Assume you know the public key of someone else (Bob), and wish to Encrypt a message for them. - Generate a fresh DH key for this message. - Derive a fresh shared key. - Use the shared key to AES_GCM encrypt the message. - Optionally: sign the message with Alice's key. """ # pub is bob's pub key, alicesig is my private sig key, # which shuold be different from enc/dec keypair # for cryptographic sec reasons # priv is an integer, pub is an ec point alice_G, alice_priv, alice_pub = dh_get_key() # shared secret = my priv x bob's pub point shared_key = alice_priv * pub # hash ec pt to derive key shared_key = sha256(shared_key.export()).digest() # aes_gcm encrypt aes = Cipher("aes-256-gcm") iv = urandom(len(shared_key)) ciphertext, tag = aes.quick_gcm_enc(shared_key, iv, message.encode("utf-8")) # sign message (assume using common curve) # hash ciphertext sig = do_ecdsa_sign(EcGroup(), aliceSig, sha256(ciphertext).digest()) if aliceSig else None # return alice_pub for dh_decrypt on bob side # (because bob needs alice's pub to gen shared secret) return (iv, ciphertext, tag, alice_pub, sig)
def encrypt_message(K, message): """ Encrypt a message under a key K """ plaintext = message.encode("utf8") aes = Cipher("aes-128-gcm") iv = urandom(16) ciphertext, tag = aes.quick_gcm_enc(K, iv, plaintext) return (iv, ciphertext, tag)
def encrypt_message(K, message, key_length=16): """ Encrypt a message under a key K """ plaintext = message.encode("utf8") aes = Cipher("aes-{}-gcm".format(key_length * 8)) iv = urandom(key_length) ciphertext, tag = aes.quick_gcm_enc(K, iv, plaintext) return iv, ciphertext, tag
def encrypt_message(K, message): """ Encrypt a message under a key K """ ## YOUR CODE HERE plaintext = message.encode("utf8") aes = Cipher("aes-128-gcm") # Initialize AES-GCM with 128 bit keys iv = urandom(16) # Encryption using AES-GCM returns a ciphertext and a tag ciphertext, tag = aes.quick_gcm_enc(K, iv, plaintext) return (iv, ciphertext, tag)
def encrypt_message(K, message): """ Encrypt a message under a key K """ plaintext = message.encode("utf8") aes = Cipher("aes-128-gcm") iv = urandom(16) # Encryption using AES-GCM returns a ciphertext and a tag ciphertext, tag = aes.quick_gcm_enc(K, iv, plaintext) return (iv, ciphertext, tag)
def encrypt_message(K, message, key_length=128): """ Encrypt a message under a key K """ plaintext = message.encode("utf8") iv = urandom(16) if key_length not in [128, 192, 256]: raise Exception("Invalid key length") aes = Cipher("aes-%s-gcm" % str(key_length)) ciphertext, tag = aes.quick_gcm_enc(K, iv, plaintext) return (iv, ciphertext, tag)
def encrypt_message(K, message): """ Encrypt a message under a key K """ plaintext = message.encode("utf8") ## YOUR CODE HERE # we declare the aes cipher aes = Cipher("aes-128-gcm") # we generate the iv iv = urandom(16) # we encrypt the message "plaintext" using the key K provided and the iv we generated ciphertext, tag = aes.quick_gcm_enc(K, iv, plaintext) return (iv, ciphertext, tag)
def dh_encrypt(pub, message, aliceSig=None): """ Assume you know the public key of someone else (Bob), and wish to Encrypt a message for them. - Generate a fresh DH key for this message. - Derive a fresh shared key. - Use the shared key to AES_GCM encrypt the message. - Optionally: sign the message with Alice's key. """ (G, priv_dec, pub_enc) = dh_get_key() shared_key = pub.pt_mul(priv_dec).export() hashed_shared_key = sha256(shared_key).digest() iv = urandom(16) aes = Cipher("aes-128-gcm") ciphertext, tag = aes.quick_gcm_enc(hashed_shared_key[:16], iv, message.encode("utf-8")) return (iv, ciphertext, tag, pub_enc)
def dh_encrypt(pub, message): """ Assume you know the public key of someone else (Bob), and wish to Encrypt a message for them. - Generate a fresh DH key for this message. - Derive a fresh shared key. - Use the shared key to AES_GCM encrypt the message. - Optionally: sign the message with Alice's key. """ (G, fresh_priv, fresh_pub) = dh_get_key() shared_key = dh_get_shared_key(pub, fresh_priv) plaintext = message.encode("utf8") aes = Cipher("aes-256-gcm") iv = urandom(32) ciphertext, tag = aes.quick_gcm_enc(shared_key, iv, plaintext) signature = ecdsa_sign(G, fresh_priv, message) return (ciphertext, iv, tag, fresh_pub, signature)
def dh_encrypt(pub, message, aliceSig=None): """ Assume you know the public key of someone else (Bob), and wish to Encrypt a message for them. - Generate a fresh DH key for this message. - Derive a fresh shared key. - Use the shared key to AES_GCM encrypt the message. - Optionally: sign the message with Alice's key. """ ## YOUR CODE HERE plaintext = message.encode("utf8") G, priv_dec, pub_enc = dh_get_key() #get a 16 byte string freshKey = pub.pt_mul(priv_dec).export()[:16] aes = Cipher("aes-128-gcm") iv = urandom(16) ciphertext, tag = aes.quick_gcm_enc(freshKey, iv, plaintext) return (iv, ciphertext, tag, pub_enc)
def dh_encrypt(pub, message, aliceSig = None): """ Assume you know the public key of someone else (Bob), and wish to Encrypt a message for them. - Generate a fresh DH key for this message. - Derive a fresh shared key. - Use the shared key to AES_GCM encrypt the message. - Optionally: sign the message with Alice's key. """ ## YOUR CODE HERE # pub is Q_B = d_B G # we generate Q_A = d_A G # if we send Q_A, recipient calculates d_B Q_A = d_A d_B G # we can calculate d_A Q_B = d_A d_B G # shared key is x coord of d_A d_B G # Generate a fresh public key G, priv, public = dh_get_key() # Use private part of key to generate shared key # - scalar multiplication instead of exponentiation ''' Multiply the private part by Bob's public key ''' secret = pub.pt_mul(priv) # x, y = secret.get_affine() # shared = x.binary()[:24] shared = sha256(secret.export()).digest() # print(len(shared)) # Perform encryption with shared key plaintext = message.encode("utf8") aes = Cipher("aes-256-gcm") # print(aes.len_key()) iv = urandom(16) ciphertext, tag = aes.quick_gcm_enc(shared, iv, plaintext) # Send fresh public key, output of AEAD and possibly signatures return (public, iv, ciphertext, tag)
def dh_encrypt(pub, message, aliceSig = None): """ Assume you know the public key of someone else (Bob), and wish to Encrypt a message for them. - Generate a fresh DH key for this message. - Derive a fresh shared key. - Use the shared key to AES_GCM encrypt the message. - Optionally: sign the message with Alice's key. """ ## YOUR CODE HERE ## Diffie Hellman fresh key G, fresh_priv, fresh_pub = dh_get_key() ## Use the private part of the key to derive a shared key ## The shared key is the x-coordinate of the multiplication point from pub*fresh_priv shared_key, y = pub.pt_mul(fresh_priv).get_affine() shared_key = sha256(shared_key.repr()).digest()[:32] plaintext = message.encode("utf8") aes = Cipher("aes-256-gcm") iv = urandom(32) ciphertext, tag = aes.quick_gcm_enc(shared_key, iv, plaintext) return (iv, ciphertext, tag, fresh_pub)
def dh_encrypt(pub, message, aliceSig = None): """ Assume you know the public key of someone else (Bob), and wish to Encrypt a message for them. - Generate a fresh DH key for this message. - Derive a fresh shared key. - Use the shared key to AES_GCM encrypt the message. - Optionally: sign the message with Alice's key. """ # priv is class Bn, pub is class EcPt G, new_priv, new_pub = dh_get_key() # Get the x coordinate of the point multiplication, which is # the shared key shared_K, _ = pub.pt_mul(new_priv).get_affine() shared_K = sha256(shared_K.repr()).hexdigest() shared_K = shared_K[:32] plaintext = message.encode("utf8") aes = Cipher("aes-256-gcm") iv = urandom(32) ciphertext, tag = aes.quick_gcm_enc(shared_K, iv, plaintext) return iv, ciphertext, tag, new_pub