# New in the Wolfram Language: Cryptography

May 15, 2015 — Christopher Wolfram, Connectivity Group

Cryptography has existed for thousands of years, but before serious computers came around, only specific kinds of messages were worth encrypting. Now that computers routinely manage a huge amount of communication, there is little downside to invisibly applying cryptography to almost everything, from verifying where information comes from to exchanging information securely. Because of cryptography’s widespread use, we added the basic building blocks of modern cryptography to the Wolfram Language with functions using OpenSSL for key generation, symmetric encryption/decryption, and asymmetric encryption/decryption.

The notion of a key in cryptography is similar to the way we use keys in everyday life, in that only someone with a certain key can perform a certain action. One very simple way of arranging this is to have a single key that is used to encrypt as well as decrypt, much like the locking and unlocking of a door:

This is called symmetric cryptography because both the party encrypting and the party decrypting share a single key. Symmetric cryptography is great for encrypting large amounts of information very securely and very efficiently, but there needs to be a preexisting relationship between both parties to be able to share a key in the first place. Asymmetric cryptography does not require a preexisting relationship—both parties have different keys, typically a public key and a private key. Something encrypted with the public key can only be decrypted with the private one:

Asymmetric cryptography is usually used for exchanging small amounts of information, for instance, a symmetric key that can then be used for transferring a larger message.

These functions have been designed to be usable by those without a technical understanding of cryptography, but still retain enough flexibility to satisfy those who do. For example, to generate a secure symmetric key, you could simply run this:

But if you wanted to generate a more specific kind of key, you could do this:

This flexibility is carried over to encryption and decryption, as those functions can use any generated key:

In the Wolfram Language, encryption isn’t limited to text. You can actually encrypt any expression:

One of the main motivations for adding cryptographic functionality to the Wolfram Language was the arrival of the Wolfram Cloud. The cloud is inherently communication based. Both in the internal workings of the cloud and in almost anything utilizing it, cryptography has the potential to play an important role in ensuring those communications are secure. Hopefully our combination of ease of use and power, as well as the broad user base of the Wolfram Language, will result in lots of interesting new protocols as well as a more secure cloud.

The (new) cryptographic functionality is supported in Version 10.1 of the Wolfram Language and Mathematica, and is rolling out soon in all other Wolfram products.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. This product includes cryptographic software written by Eric Young.

Posted in: Developer Insights

 Great addition! Does this also mean that we are one step closer of having DRM tools, for documents, code and package publishing and distribution, like an extension of the Encode[ ] capabilities? Posted by PFonseca    May 15, 2015 at 11:09 am
 It could! With this addition we’re looking into adding more DRM-related features, although a complete DRM system is a pretty big undertaking. Posted by The Wolfram Team    May 28, 2015 at 2:35 pm
 Great useful information, Christopher, thank you! Posted by Vitaliy Kaurov    May 15, 2015 at 2:20 pm
 Nice functionality, looks easy to use. The encryption secures communication with the cloud but going further I understand there are ways of running computations in an encrypted way. So, not even the cloud will know what it is computing. Is this possible using the Wolfram Cloud? Thanks, Paul. Posted by Paul    May 17, 2015 at 9:34 pm
 Thanks for your comment! This is something we’re looking into. The difficulty is running a program without ever decrypting it as a whole, or (as is the case with the Cloud) running a program without being given a key which can unlock source code. Posted by The Wolfram Team    May 21, 2015 at 12:47 pm
 When I run the code above, I get the error message “Decrypt::ivlen: Initialization vector is not of suitable length. >>” after the line “Decrypt[key, %]“. Key then turns out to be SymmetricKey[ Association[ "Cipher" -> "AES256", "BlockMode" -> "CBC", "Key" -> {131, 128, 187, 225, 153, 112, 190, 9, 70, 184, 39, 97, 75, 31, 182, 175, 109, 255, 124, 48, 113, 241, 1, 131, 194, 82, 112, 11, 172, 19, 37, 198}, "InitializationVector" -> None]] rather than SymmetricKey[ Association[ "Cipher" -> "Blowfish", "BlockMode" -> "CFB", "Key" -> {107, 130, 78, 245, 180, 193, 159, 102, 101, 74, 106, 143, 158, 87, 151, 19, 27, 85, 35, 94, 221, 20, 166, 251}, "InitializationVector" -> None]] used in the line “Encrypt[%, "One if by land, and two if by sea"]“. Ifixed this with “keyGAK = GenerateSymmetricKey[ Method -> "Blowfish", "KeySize" -> 192, "BlockMode" -> "CFB"|>]” and then “Decrypt[keyGAK, %]“, which works. Lovely functionality! Barrie Posted by Barrie Stokes    May 26, 2015 at 6:46 pm
 Great post Chris, keep them coming! Posted by Michael Sollami    June 11, 2015 at 9:46 am

Or continue as a guest (your comment will be held for moderation):

Wolfram

BROWSE BY TOPIC