In this exercise we shall encrypt and decrypt a text message using a symmetric cipher AES-CBC-256, combined with Scrypt password-to-key derivation and HMAC message authentication code. In fact we shall implement a password-based symmetric authenticated encryption scheme.
Symmetric Encryption (AES + Scrypt + HMAC)
Write a program to encrypt a text message using given password. Use the following steps:
Derive a 512-bit key from the password using Scrypt (n=16384, r=16, p=1) with random salt (128 bits).
Split the derived key into two 256-bit sub-keys: encryption key and HMAC key.
Pad the input message using the PKCS7 algorithm to length, which is multiple of 16 bytes (128 bits).
Encrypt the padded message using AES-256-CBC using the encryption key. The obtained result is the ciphertext. Its length should be a multiple of 16 bytes (128 bits), which is the block size in the AES cipher.
Use a randomly generated 128-bit initial vector (IV).
Calculate message authentication code (MAC) using HMAC-SHA256(hmac_key, ciphertext).
Input: message + password (space separated).
Output: JSON document (see the example below), holding the following assets:
The Scrypt randomly-generated salt (in hex format).
The randomly-generated iv (in hex format), used for the AES cipher.
The encrypted message ciphertext (in hex format) from the AES cipher.
The message authentication code - mac (in hex format).
Write your code in programming language of choice.