How Do I Implement Symmetric Key Encryption In Ethereum?

With symmetric-key, we have the ability to encrypt with a key and then decrypt with the same key. The most typical method of this is AES…
Photo by Zoltan Tasi on Unsplash

How Do I Implement Symmetric Key Encryption In Ethereum?

With symmetric-key, we have the ability to encrypt with a key and then decrypt with the same key. The most typical method of this is AES. But, AES is a power-intensive method which can take up quite a bit of memory. It is thus not well matched to Ethereum, and which will charge gas for the processing. Well, in our toolbox is the Keccak-256 hashing method, adding points, multiplying points and XOR methods. So, let’s see if we can create a symmetric key method using just Keccak-256 and XOR.

For this, we will take a secret (s_ij) and use an encryption key (k_ij) to encrypt the value, and then for us to be able to reverse this back to the secret. Each of the values will be 256 bits long (as this supports uint256). First, we hash our secret key and append a counter value (j):

The encrypted value is then:

and then to decrypt:

The hash method will just be Keccak-256. In our smart contract, when we want to generate the decryption key (decryption_key), we can generate it with:

uint256 decryption_key = uint256(keccak256(abi.encodePacked(sij, j)));

and then decrypt with:

sij ^= decryption_key;

Note that the “^” operation is XOR in Solidity.

Coding

The following is the code [taken from here][1]:

import secrets
import web3
from typing import Tuple, Dict, List, Iterable, Union
from py_ecc.optimized_bn128 import G1, G2
from py_ecc.optimized_bn128 import add, multiply, neg, normalize
from py_ecc.optimized_bn128 import curve_order as CURVE_ORDER
from py_ecc.optimized_bn128 import field_modulus as FIELD_MODULUS
from py_ecc.typing import Optimized_Point3D
from py_ecc.fields import optimized_bn128_FQ, optimized_bn128_FQ2
PointG1 = Optimized_Point3D[optimized_bn128_FQ]
keccak_256 = web3.Web3.solidityKeccak
def random_scalar() -> int:
    return secrets.randbelow(CURVE_ORDER)
def encrypt_share(s_ij: int, k_ij: PointG1, j: int) -> int:
    x = normalize(k_ij)[0].n
    h = keccak_256(abi_types=["uint256", "uint256"], values=[x, j])
    return s_ij ^ int.from_bytes(h, "big")
sij=random_scalar()
sk = random_scalar()
kij = multiply(G1, sk)
s_bar = encrypt_share(sij,kij,1)
s_recovered = encrypt_share(s_bar,kij,1)
print(f"sij (random):\t{sij}")
print(f"\nkij (random):\t{kij}")
print(f"\ns_bar (encrypted):\t{s_bar}")
print(f"\nsij (recovered):\t{s_recovered}")

A sample run is:

sij (random):	15406876896539067097140597458487302616553123769610477281034868610016143252395

kij (random):	(5783791198709247499244376033878644472809903156605669489657578769719291144220, 3427976152664943344068288169770639841914517906530964549557248133869518630348, 5153890840379491196634762386417574579639576402954864792138310040630436694547)

s_bar (encrypted):	36505052980076577917894185444826629327445079686761253444579044360821205380626

sij (recovered):	15406876896539067097140597458487302616553123769610477281034868610016143252395

As shown previously, within our smart contract, we can decrypt the encrypted value with:

uint256 decryption_key = uint256(keccak256(abi.encodePacked(sij, j)));
sij ^= decryption_key;

Conclusions

Here is the example:

https://asecuritysite.com/ethereum/sym_key