Wolfram Computation Meets Knowledge

New in the Wolfram Language: Cryptography

Cryptography has existed for thousands of years, but before serious computers came around, only specific kinds of messages were worth encrypting. Now that computers routinely manage a huge amount of communication, there is little downside to invisibly applying cryptography to almost everything, from verifying where information comes from to exchanging information securely. Because of cryptography’s widespread use, we added the basic building blocks of modern cryptography to the Wolfram Language with functions using OpenSSL for key generation, symmetric encryption/decryption, and asymmetric encryption/decryption.

The notion of a key in cryptography is similar to the way we use keys in everyday life, in that only someone with a certain key can perform a certain action. One very simple way of arranging this is to have a single key that is used to encrypt as well as decrypt, much like the locking and unlocking of a door:

Making one key to encrypt and decrypt

This is called symmetric cryptography because both the party encrypting and the party decrypting share a single key. Symmetric cryptography is great for encrypting large amounts of information very securely and very efficiently, but there needs to be a preexisting relationship between both parties to be able to share a key in the first place. Asymmetric cryptography does not require a preexisting relationship—both parties have different keys, typically a public key and a private key. Something encrypted with the public key can only be decrypted with the private one:

Decrypting with a private key versus a public key

Asymmetric cryptography is usually used for exchanging small amounts of information, for instance, a symmetric key that can then be used for transferring a larger message.

These functions have been designed to be usable by those without a technical understanding of cryptography, but still retain enough flexibility to satisfy those who do. For example, to generate a secure symmetric key, you could simply run this:

Creating a secure symmetric key

But if you wanted to generate a more specific kind of key, you could do this:

Generating a specific secure symmetric key

This flexibility is carried over to encryption and decryption, as those functions can use any generated key:

Flexibility with encryption and decryption functions

In the Wolfram Language, encryption isn’t limited to text. You can actually encrypt any expression:

Encrypting an expression

One of the main motivations for adding cryptographic functionality to the Wolfram Language was the arrival of the Wolfram Cloud. The cloud is inherently communication based. Both in the internal workings of the cloud and in almost anything utilizing it, cryptography has the potential to play an important role in ensuring those communications are secure. Hopefully our combination of ease of use and power, as well as the broad user base of the Wolfram Language, will result in lots of interesting new protocols as well as a more secure cloud.

The (new) cryptographic functionality is supported in Version 10.1 of the Wolfram Language and Mathematica, and is rolling out soon in all other Wolfram products.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. This product includes cryptographic software written by Eric Young.

Download this post as a Computable Document Format (CDF) file.

Comments

Join the discussion

!Please enter your comment (at least 5 characters).

!Please enter your name.

!Please enter a valid email address.

7 comments

  1. Great addition!

    Does this also mean that we are one step closer of having DRM tools, for documents, code and package publishing and distribution, like an extension of the Encode[ ] capabilities?

    Reply
  2. Great useful information, Christopher, thank you!

    Reply
  3. Nice functionality, looks easy to use.

    The encryption secures communication with the cloud but going further I understand there are ways of running computations in an encrypted way. So, not even the cloud will know what it is computing. Is this possible using the Wolfram Cloud?

    Thanks,
    Paul.

    Reply
  4. When I run the code above, I get the error message “Decrypt::ivlen: Initialization vector is not of suitable length. >>” after the line “Decrypt[key, %]”. Key then turns out to be SymmetricKey[
    Association[
    “Cipher” -> “AES256”, “BlockMode” -> “CBC”,
    “Key” -> {131, 128, 187, 225, 153, 112, 190, 9, 70, 184, 39, 97, 75,
    31, 182, 175, 109, 255, 124, 48, 113, 241, 1, 131, 194, 82, 112,
    11, 172, 19, 37, 198}, “InitializationVector” -> None]]
    rather than
    SymmetricKey[
    Association[
    “Cipher” -> “Blowfish”, “BlockMode” -> “CFB”,
    “Key” -> {107, 130, 78, 245, 180, 193, 159, 102, 101, 74, 106, 143,
    158, 87, 151, 19, 27, 85, 35, 94, 221, 20, 166, 251},
    “InitializationVector” -> None]]
    used in the line
    “Encrypt[%, “One if by land, and two if by sea”]”.
    Ifixed this with
    “keyGAK = GenerateSymmetricKey[
    Method -> “Blowfish”, “KeySize” -> 192,
    “BlockMode” -> “CFB”|>]”
    and then
    “Decrypt[keyGAK, %]”,
    which works.

    Lovely functionality!

    Barrie

    Reply