GenerateSymmetricKey

GenerateSymmetricKey[]

randomly generates a SymmetricKey object suitable for use with cryptographic functions.

GenerateSymmetricKey["password"]

derives a SymmetricKey object from the password string given.

GenerateSymmetricKey[bytes]

generates a SymmetricKey object using the byte array or list of bytes directly as the key.

GenerateSymmetricKey[DerivedKey[]]

generates a symmetric key object with a key given by the DerivedKey object.

GenerateSymmetricKey[opts]

randomly generates a symmetric key using the specified options.

Details and Options

  • GenerateSymmetricKey[] uses a system-specific, high-entropy randomness source.
  • GenerateSymmetricKey has a Method option that specifies the cryptography method to use.
  • The current default setting is "AES256".
  • With Method->"name", default settings for the specified method are used.
  • Particular settings can be specified using Method->assoc, where the entries in the association assoc are:
  • "Cipher""AES256"cipher to use
    "KeySize"Automaticsize of key in bits
    "InitializationVector"Noneinitialization vector
    "BlockMode""CBC"block chaining mode ("ECB","CBC", "OFB", "CFB", "CTR")
  • Supported methods, together with default key size and initialization vector size, include:
  • "Blowfish"25664
    "CAST5"25664
    "DES"6464
    "RC4"256
    "IDEA"12864
    "AES128"128128
    "AES192"192128
    "AES256"256128
  • The following ciphers can use any key size that is a multiple of 8:
  • "RC4"
    "Blowfish"
    "CAST5"
  • All ciphers except RC4 can use the block modes "ECB", "CBC", "CFB", "OFB". "RC4" can only use None.
  • "AES128", "AES192", "AES256" ciphers also support CTR block mode.
  • Possible settings for "InitializationVector" include:
  • Automaticgenerate an appropriate initialization vector
    ByteArray[]use an explicitly specified initialization vector
    Nonedo not include any initialization vector
  • With "InitializationVector"->None, Encrypt will generate a new initialization vector whenever it is run. In this case, the vector can be determined only from the EncryptedObject that is produced.
  • GenerateSymmetricKey["password"] effectively uses GenerateDerivedKey to generate a key.
  • In GenerateSymmetricKey[bytes], bytes can be a ByteArray object or a list of integers between 0 and 255. The length of bytes must match the key size of the cipher used.

Examples

open all close all

Basic Examples  (1)

Generate a random symmetric key:

In[1]:=
Click for copyable input
Out[1]=

Use the key to encrypt:

In[2]:=
Click for copyable input
Out[2]=
In[3]:=
Click for copyable input
Out[3]=

Scope  (5)

Possible Issues  (1)

Introduced in 2015
(10.1)
|
Updated in 2019
(12.0)