In the IT industry, cryptography is one of the most important techniques for securing sensitive data. According to Wikipedia, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Let's understand what this means. Assume that you have a secret message that you do not want to share with anyone except the receiver. You are sending the message to the receiver, so only he should receive it, but what if someone manages to intercept your message? If the message is in plain text, he can easily read it, so to avoid this risk we encrypt the message before sending it. Then, even if someone manages to intercept the message, he cannot read it. As per my understanding, the encryption/decryption or encoding/decoding of the message is called cryptography.
There are multiple ways to encrypt and decrypt a message. Here I will cover AES (Advanced Encryption Standard) encryption and decryption using Python. The AES encryption and decryption technique uses a key to encrypt the message, and the same key is used to decrypt it. Enough talk, let's start with some coding stuff...
The GitHub link for this blog can be found here.
Encrypt/Decrypt Messages
We will use Python's pycryptodome library. It is open source and available on PyPI, so you can easily install it using pip with the command below.
pip install pycryptodome
Now that the library is installed, let's write code to encrypt our message using a key. The same code will also decrypt the message using the same key.
I am using CBC mode (Cipher Block Chaining mode). In this mode, each Block (explained below) gets XOR-ed with the previous ciphertext block before encryption. AES has multiple modes, which you can find in the docs.
In this code, I am generating a random key using Random from the pycryptodome library. You can use your own key to encrypt your message. Remember that AES uses a fixed-size key (16, 24, or 32 bytes only) for encryption.
The Initialization Vector is a piece of data unpredictable to adversaries. It must be passed as an argument when creating the AES object.
I have created two functions, encrypt_msg and decrypt_msg. In these functions, I create an AES object and pass key, mode, and iv as arguments. Before moving to the next line, let's understand what a Block is. The encrypt() and decrypt() methods of AES in CBC mode expect data in fixed-size pieces, so AES divides the message into Blocks of 16 bytes each. If the length of your message is not a multiple of 16 bytes, you have to add characters to fill up the last 16-byte block.
My message in the code is "I Love Making Blog", and the length of this string is 18 bytes including spaces. The first block is completely filled with 16 bytes, but the second block has fewer characters, so we fill it with "*" to complete the 16 bytes of the Block.
BLOCK-1
I |   | L | o | v | e |   | M | a | k | i | n | g |   | B | l |
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 |
BLOCK-2
o | g | * | * | * | * | * | * | * | * | * | * | * | * | * | * |
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 |
Now let's look at one more example. Suppose you have a string shorter than 16 bytes, "I Love Java". Here the length of the string is 12 bytes, so in order to fill the 16-byte Block we add 5 more characters to the string.
I |   | L | o | v | e |   | J | a | v | a | * | * | * | * | * |
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 |
I hope you understood what a Block is. To keep every block at 16 bytes, we use the pad and unpad functions from Crypto.Util.Padding. To pad, we pass our message and the block size, which is 16 bytes, the value of AES.block_size. Once the message is padded, we pass it to the encrypt() method of the CBC cipher and finally return the encrypted message from the encrypt_msg() function.
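The "*" in the tables above only makes the filler visible. Called with just the data and the block size, pad() applies PKCS#7 padding, where every padding byte holds the number of padding bytes, so the receiver can strip it unambiguously even when the message itself ends in "*". The following is an added example, not code from this blog or from pycryptodome: a pure-Python sketch of that scheme in which pkcs7_pad, pkcs7_unpad and blocks are hypothetical names and the sample messages are constructed.

```python
BLOCK_SIZE = 16  # AES block size in bytes (AES.block_size in pycryptodome)


def pkcs7_pad(data: bytes, block_size: int = BLOCK_SIZE) -> bytes:
    """Append n bytes of value n so the length becomes a multiple of block_size.

    A message that already fills its last block gets one whole extra block of
    padding; otherwise the receiver could not tell padding from data.
    """
    n = block_size - len(data) % block_size
    return data + bytes([n]) * n


def pkcs7_unpad(padded: bytes, block_size: int = BLOCK_SIZE) -> bytes:
    """Strip the padding, rejecting anything that is not well-formed."""
    if not padded or len(padded) % block_size:
        raise ValueError("length is not a multiple of the block size")
    n = padded[-1]
    if n < 1 or n > block_size or padded[-n:] != bytes([n]) * n:
        raise ValueError("padding is incorrect")
    return padded[:-n]


def blocks(padded: bytes, block_size: int = BLOCK_SIZE) -> list:
    """Split padded data into the fixed-size blocks the cipher processes."""
    return [padded[i:i + block_size] for i in range(0, len(padded), block_size)]


if __name__ == "__main__":
    # Constructed samples: the blog's message, a full block, a message ending in "*"
    for text in (b"I Love Making Blog", b"exactly 16 bytes", b"ends in star ***"):
        padded = pkcs7_pad(text)
        assert pkcs7_unpad(padded) == text
        print(len(text), "->", len(padded), [b.hex() for b in blocks(padded)])
```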
The decrypt_msg() function works the same way as the encrypt_msg() function: here we decrypt the message and unpad it to get back the original plain text message. At that point the message is still not plain text but bytes, so we use Python's decode method to convert the bytes to plain text and return the decrypted message.
The functions encrypt_msg() and decrypt_msg() from the above code expect a string message to encrypt and decrypt.
Now let's understand how AES works in CBC mode. In the diagram below, the Block data is nothing but the 16-byte message inputs, produced with pad, that are to be encrypted. CBC mode encrypts the first block, Block-1, with the provided key and then passes the encrypted data on to the next Block. In the next block, Block-2, the encrypted data from Block-1 is XOR-ed with the Block-2 data, which is then encrypted, and so on.
Encrypt/Decrypt Files
In the above code, I have used encryption/decryption on files; it uses the same concept as we used for the message. Feel free to ask questions in the comments section below.
Thank you for visiting my blog! If you enjoyed this article, you can subscribe to my blog for the latest updates. Let me know your comments about this article.