python keygen.py
python cipher.py --private-key alice.pem --public-key bob.pub -p [password]
python decipher.py --public-key alice.pub --private-key bob.pem -p [password]
In order to situate ourselves in a scenario where RSA encryption can be applied, we will take two actors named Alice and Bob, for instance. Both actors will generate a key pair, exchange their public keys and be able to encrypt and decrypt messages between each other at the end of this explanation. Follow the lecture closely and it will all be clear!
First, both users execute the keygen.py script, which will generate a pair of RSA keys (public and private) for each
one of them.
Optionally, the RSA keys may be generated with a password. In this case, in order to cipher and decipher messages using
these keys, Alice and Bob must pass their passwords to the cipher.py and decipher.py scripts through the '-p'
argument.
After generating the keys, both users exchange public keys. Alice sends her key to Bob and vice versa.
Once the keys are generated and the public keys exchange has been done, Alice can encrypt a message utilising the
cipher.py script, passing her private key and Bob's public key as arguments.
When the message has been encrypted, a few files will be generated within the cipher/ directory:
- aes_key.enc: Encrypted AES key.
- ciphertext.txt: Ciphered text.
- IV.iv: Initialiser vector.
- signature.sig: The signature of the message.
These files must be sent to Bob, so that the message encrypted by Alice can be decrypted using Bob's private key.
In order to decrypt the message, Bob may use the decipher.py script, passing Alice's public key and and his private
key as arguments. The files originally generated by Alice must be inside the decipher/ directory on Bob's end before
proceeding with the decryption.
Once the decipher.py script has been executed, Bob will be able to see the message on screen. If the message has not
been altered, then the script will show its original content in plain text so that Bob can read it, followed by a notice
stating that the message is authentic.
On the other hand, if the message has been altered, the program will show that the message may not be authentic and it will end its execution.
- RSA Algorithm (https://www.di-mgt.com.au/rsa_alg.html).
- Asymmetric Algorithms / RSA (https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/).
- Symmetric Encryption (https://cryptography.io/en/latest/hazmat/primitives/symmetric-encryption/).
- Command Line Arguments for Your Python Script (https://machinelearningmastery.com/command-line-arguments-for-your-python-script/).
- PEP 257 – Docstring Conventions (https://peps.python.org/pep-0257/).
- Pylint (https://pylint.readthedocs.io/en/latest/).
- Hash Visualization: a New Technique to improve Real-World Security (http://users.ece.cmu.edu/~adrian/projects/validation/validation.pdf).