Implement AES encryption on strings passed into the cipher.

[M4cs]

In order to make this more cryptographically secure we should implement some sort of AES standard into the strings that are encrypted and add that to the encryption and decryption functions respectively.

[TotallyNotChase]

Hello again!
A few questions regarding how you'd like the AES encryption to be implemented:-

• Do you want the string to be encrypted before this try block but inside encrypt_w_user_key?
  
• Do you want to implement a manual AES algorithm using matrices or am I allowed to import the Pycrypto module?
• We have to store the AES key somewhere, for the sake of organization, is it ok to store it in the key_image?

[M4cs]

I think the Crypto module should work for this. And yes before that try block would be the best place i think as that try block is really just ciphering the message into the pixel map. I think we should also store the AES key in key_image or re-write the base_key generator to better create a cipher for the user and keep their AES key private.

[M4cs]

p.s Glad to see you around again @TotallyNotChase always appreciate your PRs ;)

[TotallyNotChase]

So, a little progress update, I was reading into AES encryption and according to its standards, we'll need an initialization vector that is different each encryption. This means we can't store it in the user_key. I'm thinking of generating the primary AES key in the user_key but I'm not sure about the initialization vector, any suggestions?

also sorry for the massive delay, a bit busy this week but I highly advise leaving the library unchanged. Expect a PR by 12th dec :)

[M4cs]

All good! I will not be touching it until you make your PR as you always seem to have great refactoring changes to go along with your logical changes.

As for the initialization vector I think we can generate one using this: random.read(AES.block_size) using the PyCrypto module but this is off memory so I'm not sure.

[M4cs]

I've assigned this ticket to you @TotallyNotChase, it seems you are going to be taking this on and I'm excited to see the PR you come up with. Always appreciated.

[M4cs]

This gist looks like a good reference point for generating AES encrypted strings and decrypting: https://gist.github.com/mborgerson/9847638

EDIT: Disclaimer!! Be careful for vulnerabilities in stream cipher attacks if using this method of AES or any AES Stream Ciphers for that matter. I'll review during code review of your PR but i would still check to make sure while self-reviewing!