Encrypt

Encrypt["password",expr]

encrypts expr using the specified password, to give an encrypted object.

Encrypt[keyspec,expr]

encrypts expr using the cryptographic key specification keyspec.

Encrypt[expr]

interactively requests a password with which to encrypt expr.

Details and Options

  • Encrypt yields EncryptedObject[], suitable for decryption with Decrypt.
  • Encrypt[key,"string"] yields an EncryptedObject containing the encrypted version of the contents of the string as encoded in UTF-8.
  • Encrypt[key,ByteArray[]] yields an EncryptedObject containing the encrypted version of the raw bytes in the ByteArray object.
  • For a general expression, Encrypt[key,expr] yields an EncryptedObject essentially containing an encrypted version of Compress[expr].
  • The encryption method is based on the cipher and parameters of the key. See GenerateSymmetricKey and GenerateAsymmetricKeyPair for details.
  • In a notebook interface, Encrypt[expr] generates a dialog box; in a textual interface it generates a textual prompt.
  • Encrypt has the following option:
  • Method Automaticdetails of encryption method
  • With the setting Methodassoc, the association assoc gives details of the encryption method to use.
  • The following elements can be given in the association assoc:
  • "Padding"Automaticpadding mode
    "InitializationVector"Automaticinitialization vector for block ciphers
    "BlockMode""CBC"block chaining mode ("ECB","CBC", "OFB", "CFB", "CTR")
  • The "Padding" element in the association assoc specifies the padding method to pad incomplete input.
  • Encryption with symmetric key supports the following padding methods: Automatic and None.
  • Encryption with a public key and decryption with a private key support the following padding methods: "PKCS1", "OAEP", "SSLV23", None.
  • Encryption with a private key and decryption with a public key support the following padding methods: "PKCS1", None.
  • The "PKCS1" padding method is used as a default for asymmetric encryption.
  • All ciphers except RC4 and RSA can use the block modes "ECB", "CBC", "CFB", "OFB". "RC4" can only use None.
  • Possible settings for "InitializationVector" include:
  • Automaticgenerate an appropriate initialization vector
    ByteArray[]use an explicitly specified initialization vector
  • With "InitializationVector"->Automatic, Encrypt will generate a new initialization vector whenever it is run. Later, the vector can be obtained from the EncryptedObject that was produced.
  • Supported ciphers, together with default initialization vector size, include:
  • "Blowfish"64 bits
    "CAST5"64 bits
    "DES"64 bits
    "IDEA"64 bits
    "AES128"128 bits
    "AES192"128 bits
    "AES256"128 bits
  • For RSA cipher, the maximum length of data that can be encrypted is determined by the number of bytes in the modulus, and the padding mode, according to:
  • "PKCS1"<
    "SSLV23"<
    "OAEP"<
    None

Examples

open allclose all

Basic Examples  (3)

Encrypt a message with a password:

Show the raw encrypted data and details about the encryption algorithm used:

Decrypt with the password to get back the message:

Generate a secret key:

Encrypt using the key:

Generate public and private keys:

Encrypt using the public key:

Decrypt using the private key:

Alternatively, encrypt using the private key:

Now decrypt using the public key:

Scope  (2)

Encrypt any expression:

Byte arrays are encrypted literally, making them more easily usable with external programs:

Options  (5)

Method (5)

Encrypt using a specific initialization vector:

With the initialization vector set to Automatic, a random initialization vector will be generated every time Encrypt is called:

Encrypt using CTR block mode:

Specify a padding scheme to use for RSA encryption:

Encrypt exactly one block of data by setting "Padding" to None:

Applications  (2)

Encrypt a message and save the ciphertext to a file:

Read back the contents of the file as bytes:

Compare with the original ciphertext:

Delete the temporary file:

Write simple cryptographic signing and verification functions:

Generate a pair of public and private keys:

Define an expression to sign:

Generate a signature:

Verify that the signature is authentic:

Verifying with another expression will fail:

Properties & Relations  (2)

The returned encrypted object stores all aspects of the encrypted result:

Extract the bytes in the ciphertext:

Extract the bytes in the initialization vector used for encryption:

Some block modes are more secure than others:

There is a noticeable repeating pattern when encrypting uniform data using ECB:

There is not with CBC:

Possible Issues  (5)

Timing  (1)

Encrypting using a password requires key derivation, which is intentionally slow:

You can avoid this by pre-generating a key:

Encrypted Data Size  (1)

The ciphertext may be a different length from the input:

Incompatible Keys  (1)

Encryption with elliptic curve-based keys is not currently supported:

Incompatible Padding Modes  (1)

Encrypting with a private key is not possible for certain padding modes:

Incompatible Block Modes  (1)

RSA is an asymmetric cipher that does not support block modes of operation, so Encrypt will proceed ignoring the setting for "BlockMode":

RC4 is a stream that does not support block modes of operation, so Encrypt will proceed ignoring the setting for "BlockMode":

Wolfram Research (2015), Encrypt, Wolfram Language function, https://reference.wolfram.com/language/ref/Encrypt.html (updated 2021).

Text

Wolfram Research (2015), Encrypt, Wolfram Language function, https://reference.wolfram.com/language/ref/Encrypt.html (updated 2021).

CMS

Wolfram Language. 2015. "Encrypt." Wolfram Language & System Documentation Center. Wolfram Research. Last Modified 2021. https://reference.wolfram.com/language/ref/Encrypt.html.

APA

Wolfram Language. (2015). Encrypt. Wolfram Language & System Documentation Center. Retrieved from https://reference.wolfram.com/language/ref/Encrypt.html

BibTeX

@misc{reference.wolfram_2022_encrypt, author="Wolfram Research", title="{Encrypt}", year="2021", howpublished="\url{https://reference.wolfram.com/language/ref/Encrypt.html}", note=[Accessed: 04-February-2023 ]}

BibLaTeX

@online{reference.wolfram_2022_encrypt, organization={Wolfram Research}, title={Encrypt}, year={2021}, url={https://reference.wolfram.com/language/ref/Encrypt.html}, note=[Accessed: 04-February-2023 ]}