I have to REUSE the same key & IV if I want to keep the files encrypted and decrypt them when needed.

Scenario$1$: Saving the key & IV

$*$Save the key and IV in two files e$.$g$.$ "AES.key" & "AES.IV$"$

$*$Load the key & IV to do the decryption when needed.

Scenario $2$: generate the key & IV from a hash of a password

$*$Input a password and use the SHA$256$ code given in the lecture notes

$*$Discuss ways to use that in practice.

Discuss the Pros & Cons of saving the key & IV vs using it generated from a password. Can you think of other solutions?

This is the code I have:

import os

from Crypto.Cipher import AES

from Crypto.Random import get$\_$random$\_$bytes

import hashlib

def generate$\_$key$\_$iv$()$:

key $=$ get$\_$random$\_$bytes$(16)$ # $128-$bit key

iv $=$ get$\_$random$\_$bytes$(16)$ # $128-$bit IV

return key, iv

def pad$\_$message$($message$)$:

block$\_$size $=$ AES.block$\_$size

padding $=$ block$\_$size $-$ len$($message$)\%$ block$\_$size

return message $+$ padding $*$ chr$($padding$)$

def unpad$\_$message$($padded$\_$message$)$:

padding $=$ ord$($padded$\_$message$[-1])$

return padded$\_$message$[$:$-$padding$]$

def encrypt$\_$message$($message$,$ key, iv$)$:

cipher $=$ AES.new$($key$,$ AES.MODE$\_$CBC$,$ iv$)$

padded$\_$message $=$ pad$\_$message$($message$)$

encrypted$\_$message $=$ cipher.encrypt$($padded$\_$message$)$

return encrypted$\_$message

def decrypt$\_$message$($encrypted$\_$message, key, iv$)$:

cipher $=$ AES.new$($key$,$ AES.MODE$\_$CBC$,$ iv$)$

decrypted$\_$message $=$ cipher.decrypt$($encrypted$\_$message$)$

return unpad$\_$message$($decrypted$\_$message$)$

def encrypt$\_$file$($file$\_$path, key, iv$)$:

with open$($file$\_$path, $\text{'}$rb$\text{'})$ as f:

plaintext $=$ f$.$read$()$

encrypted$\_$data $=$ encrypt$\_$message$($plaintext$,$ key, iv$)$

encrypted$\_$file$\_$path $=$ file$\_$path $+$ 'enc'

with open$($encrypted$\_$file$\_$path, $\text{'}$wb$\text{'})$ as f:

f$.$write$($encrypted$\_$data$)$

return encrypted$\_$file$\_$path

def decrypt$\_$file$($encrypted$\_$file$\_$path, key, iv$)$:

with open$($encrypted$\_$file$\_$path, $\text{'}$rb$\text{'})$ as f:

encrypted$\_$data $=$ f$.$read$()$

decrypted$\_$data $=$ decrypt$\_$message$($encrypted$\_$data, key, iv$)$

decrypted$\_$file$\_$path $=$ encrypted$\_$file$\_$path.replace$(\text{'}$enc$\text{'},$ 'dec.txt$\text{'})$

with open$($decrypted$\_$file$\_$path, $\text{'}$wb$\text{'})$ as f:

f$.$write$($decrypted$\_$data$)$

return decrypted$\_$file$\_$path

# Generate key and IV

key, iv $=$ generate$\_$key$\_$iv$()$

# Encrypt and decrypt message

message $=$ "Cyber Security is fun"

encrypted$\_$message $=$ encrypt$\_$message$($message$.$encode$(),$ key, iv$)$

decrypted$\_$message $=$ decrypt$\_$message$($encrypted$\_$message, key, iv$)$

print$("$Decrypted Message:", decrypted$\_$message.decode$())$

# Encrypt and decrypt a file

file$\_$path $=$ "test.txt$"$

encrypted$\_$file$\_$path $=$ encrypt$\_$file$($file$\_$path, key, iv$)$

decrypted$\_$file$\_$path $=$ decrypt$\_$file$($encrypted$\_$file$\_$path, key, iv$)$

# Check if decrypted file is identical to original file

with open$($file$\_$path, $\text{'}$rb$\text{'})$ as f$1,$ open$($decrypted$\_$file$\_$path, $\text{'}$rb$\text{'})$ as f$2$:

original$\_$content $=$ f$1.$read$()$

decrypted$\_$content $=$ f$2.$read$()$

if original$\_$content $==$ decrypted$\_$content:

print$("$Decrypted file is identical to original file"$)$

else:

print$("$Decrypted file is not identical to original file"$)$