Shulou(Shulou.com)06/01 Report--

Editor to share with you what are the ways to achieve encryption of python, I believe most people do not know much about it, so share this article for your reference, I hope you can learn a lot after reading this article, let's go to know it!

Basic knowledge literacy

Symmetrical encryption

Symmetric key encryption, also known as private key encryption. That is, the sender and receiver of the message use a key to encrypt and disclose the data. The biggest advantage is the high speed of encryption and decryption, which is suitable for encrypting a large amount of data. the disadvantage of symmetric encryption is the management and distribution of the key, in other words, how to send the key to the person who needs to decrypt your message. In the process of sending a key, there is a great risk that the key will be intercepted by hackers. In reality, the symmetrically encrypted key is asymmetrically encrypted and then passed on to those who need it.

Asymmetric encryption

Asymmetric encryption system, also known as public key encryption. Asymmetric encryption provides a very secure way for data encryption and decryption. She used a pair of keys, private keys and public keys. The private key can only be kept securely by one party and cannot be leaked, while the public key can be sent to anyone who requests her. Asymmetric encryption uses one of this pair of keys to encrypt, while decryption requires another key. For example, if you go to the bank, you ask the bank for the public key, the bank sends you the public key, and you use the public key to encrypt the message, then only the holder of the private key, the bank, can decrypt your message. Unlike symmetric encryption, banks do not need to send private keys over the network. Therefore, the security is greatly improved. At present, the most commonly used asymmetric encryption algorithm is RSA algorithm. The public key mechanism is flexible, but the encryption and decryption speed is much slower than the symmetric key encryption. Public key mechanisms are flexible, but encryption and decryption are much slower than heap encryption.

1) Alice needs to make a transaction on the bank's website, and her browser first generates a random number as a symmetric key.

(2) the browser of Alice requests the public key from the bank's website.

(3) the bank sends the public key to Alice.

(4) Alice's browser uses the bank's public key to encrypt its own symmetric key.

(5) Alice's browser sends the encrypted symmetric key to the bank.

(6) the bank uses the private key to decrypt the symmetric key of the Alice browser.

(7) Alice and banks can use symmetric keys to encrypt and decrypt the content of communication.

Summary

(1) symmetric encryption uses the same key as decryption, so it is fast, but the security is not high because the key needs to be transmitted over the network.

(2) asymmetric encryption uses a pair of keys, public key and private key, so the security is high, but the speed of encryption and decryption is slow.

(3) the solution is to encrypt the key of symmetric encryption using the public key of asymmetric encryption, and then send it out, and the receiver uses the private key to decrypt it to get the key of symmetric encryption, and then the two parties can use symmetric encryption to communicate.

Attention points of encryption in python

The encryption method we are talking about is to encrypt the binary encoding format, and corresponding to the Python, it is our Bytes.

So when we encrypt in Python, make sure that we are operating on Bytes, otherwise an error will be reported.

You can use the encode () and decode () methods to convert strings to and from Bytes.

Base64

Base64 is a way to represent arbitrary binary data in 64 characters.

Base64 coding can be called the cornerstone of cryptography. Arbitrary binary data can be encoded with Base64. All data can be encoded into a text file that can be represented in only 65 characters. (65 characters: Amuri Zamurz 0Murmur9 + / =) the encoded data-- = 4max 3 of the pre-encoded data-- will be about 1max / 3 larger.

Principle

Description

During the conversion, the data of three byte are put into the buffer of one 24bit successively, and the first-come byte occupies the high position.

If the data is not enough for 3byte, use 0 to make up the remaining bit in the buffer. Then, take out 6 bit at a time, look up the table according to their values and select the corresponding characters as the encoded output.

Keep going until all the input data is converted.

If the last two pieces of input data are left, add a "=" to the encoding result.

If there is only one input data left, add 2 "=" to the encoding result.

If there is no data left, do not add anything, so as to ensure the correctness of the data restore.

Base64 encryption and decryption

Note:

1. Used for base64 encoding, either characters contained in ASCII or binary data

2.base64 is symmetrical encryption

MD5

Message-digest algorithm 5 (Information-Summary algorithm). The so-called "MD5 encryption" is the information summary algorithm.

Md5 is actually an algorithm. You can md5 a string, or a file, or a compressed package, and then generate a string with a fixed length of 128bit. This string is basically unique.

Description

Compressibility: any length of data, the calculated MD5 value length is fixed.

Easy to calculate: it is easy to calculate the MD5 value from the original data.

Anti-modification: any change to the original data, even if only modify 1 byte, the MD5 value obtained is very different.

Strong anti-collision: knowing the original data and its MD5 value, it is very difficult to find a data with the same MD5 value (that is, forged data).

Irreversibility: everyone has different fingerprints, see this person, you can get his fingerprint and other information, and the only corresponding, but you only look at a fingerprint, it is impossible to see or read this person's appearance or identity and other information.

MD5 encryption and decryption

Because the MD5 module is removed in python3, use the hashlib module for md5 operations in python3

Output result

Before MD5 encryption: this is a test MD5 encryption is: cfca700b9e09cf664f3ae80733274d9f

The length of md5 defaults to 128bit, that is, 128binary strings of zeros and ones. It is very unfriendly to express this. So the binary is converted to hexadecimal, and every four bit represents a hexadecimal, so 128ap4 = 32 is changed to hexadecimal, which is 32 bits.

Why are there still 16-bit md5 on the Internet?

In fact, the 16-bit length is derived from the 32-bit MD5 value. It is obtained by removing the first eight bits of the 32-bit md5 and the last eight bits.

DES

Introduction to PyCrypto

PyCrypto is the most famous third-party software package in cryptography in Python, which provides the use of many encryption algorithms. Unfortunately, its development work stopped in 2012.

Fortunately, there is a branch of the project, PyCrytodome, that replaces PyCrypto.

Installation and import

Microsoft Visual C++ 2015 needs to be installed before installation.

To install on Linux, you can use the following pip command:

Pip install pycryptodome

Import:

Import Crypto

Installation on Windows systems is slightly different:

Pip install pycryptodomex

Import:

Import Cryptodome

DES introduction

DES algorithm is a symmetric cryptosystem in the cryptosystem, also known as the American data encryption Standard.

DES is a packet encryption algorithm. Typical DES encrypts data with 64-bit packets, using the same algorithm for encryption and decryption.

There are three entry parameters of DES algorithm: Key, Data, and Mode. Among them, Key is 7 bytes and 56 bits, which is the working key of DES algorithm; Data is 8 bytes and 64 bits, which is the data to be encrypted or decrypted; Mode is the working mode of DES, there are two ways: encryption or decryption.

The key length is 64 bits, and the key is actually 56 bits participating in the DES operation (8, 16, 24, 32, 40, 48, 56, 64 bits are parity bits, so that each key has an odd number of 1). The grouped plaintext group and the 56-bit key are replaced or exchanged to form a ciphertext group.

Encryption principle

DES uses a 56-bit key and additional 8-bit parity bits to produce a maximum packet size of 64 bits. This is an iterative block cipher using a technique called Feistel where encrypted text blocks are split in half. Apply the loop function to half of them using the subkey, and then "XOR" the output with the other half; then exchange the two halves, and the process continues, but the last loop is not exchanged. DES uses 16 loops and uses four basic operations: XOR, permutation, substitution, and shift operations.

Algorithm step

1) initial replacement

Its function is to reassemble the 64-bit data blocks of the input bit by bit, and divide the output into two parts, L0 and R0, each of which is 32 bits long. the replacement rule is to change the 58th bit of the input to the first bit, and the 50th bit to the second bit. And so on, the last one is the original seventh. L0 and R0 are the two parts after transposition output. L0 is the left 32-bit of the output, and R0 is the right 32-bit. For example, the input value before transposition is set to D1D2D3. D64, the result after the initial replacement is: L0=D58D50... D8TX R0mm D57D49. D7 .

The replacement rules are shown in the following table:

58,50,42,34,26,18,10,2,60,52,44,36,28,20,12,4

62,54,46,38,30,22,14,6,64,56,48,40,32,24,16,8

57,49,41,33,25,17,9,1,59,51,43,35,27,19,11,3

61,53,45,37,29,21,13,5,63,55,47,39,31,23,15,7

2) inverse permutation

After 16 iterative operations, L16 and R16 are obtained, which are used as inputs for inverse permutation, which is exactly the inverse operation of the initial permutation, from which the ciphertext output is obtained.

This algorithm is the representative of symmetric encryption algorithm system and is widely used in computer network system.

DES encryption and decryption

3DES

3DES, or Triple DES, is a generic name for triple data encryption algorithm (TDEA,Triple Data Encryption Algorithm) block ciphers. It is equivalent to applying the DES encryption algorithm three times to each block of data.

Due to the enhancement of computer computing power, the key length of the original DES password becomes easy to be violently cracked. 3DES is designed to provide a relatively simple method, that is, to avoid similar attacks by increasing the key length of DES, rather than designing a new block cryptographic algorithm.

3DES (i.e. Triple DES) is an encryption algorithm for the transition from DES to AES (in 1999, NIST designated 3-DES as the transitional encryption standard). The encryption algorithm is implemented as follows: let Ek () and Dk () represent the encryption and decryption process of the DES algorithm, K represents the key used by the DES algorithm, M represents plaintext, and C represents ciphertext, so:

The 3DES encryption process is: C=Ek3 (Dk2 (Ek1 (M)

3DES decryption process is: M=Dk1 (EK2 (Dk3 ©))

AES

Advanced encryption Standard (Advanced Encryption Standard, abbreviation: AES), also known as Rijndael encryption method in cryptography, is a block encryption standard adopted by the federal government of the United States. This standard, which is used to replace the original DES, has been analyzed by many parties and is widely used all over the world. After a five-year selection process, the Advanced encryption Standard was issued by the National Institute of Standards and Technology (NIST) in FIPS PUB 197 on November 26th, 2001, and became a valid standard on May 26th, 2002. In 2006, the advanced encryption standard has become one of the most popular algorithms in symmetric key encryption.

AES can encrypt and decrypt quickly in both software and hardware, so it is relatively easy to implement and requires very little memory. As a new encryption standard, it is currently being deployed to a wider range of applications.

Characteristics

To resist all known attacks.

The speed is fast and the coding is compact on multiple platforms.

The design is simple.

AES encryption and Decoding

AES is a block cipher, which divides plaintext into groups of equal length, encrypting one group of data at a time until the whole plaintext is encrypted. In the AES standard specification, the packet length can only be 128 bits, that is, each packet is 16 bytes (8 bits per byte). The length of the key can be 128 bits, 192 bits, or 256 bits. The recommended number of encryption rounds varies with the length of the key.

The commonly used one is 128 bits.

RSA

RSA encryption algorithm is an asymmetric encryption algorithm. RSA is widely used in public key encryption and e-commerce.

The algorithm is based on a very simple number theory fact: it is very easy to multiply two large primes, but it is extremely difficult to decompose the product at that time, so the product can be made public as the encryption key, that is, the public key. and two big primes are combined into a private key. The public key is publishable for anyone to use, while the private key is owned by itself for decryption.

Asymmetric encryption

Typical methods such as RSA, etc., use tools such as openssl and keytools to generate a pair of public and private keys. Data encrypted by the public key can be decrypted using the private key, and vice versa (data encrypted by the private key can also be decrypted by the public key).

In practical use, the private key is generally kept in the hands of the publisher, which is private and not public. Only by publicizing the public key, we can realize the method that only the holder of the private key can decrypt the data. This encryption method has a high security factor because it does not have to transmit the decrypted key, so there is no risk that the key will be intercepted in the process of transmission, and it is almost impossible to crack the ciphertext.

However, the efficiency of the algorithm is low, so it is often used for very important data encryption, often used in conjunction with symmetry, using the key of asymmetric encryption to encrypt the key of symmetric encryption.

RSA encryption and decryption

First we need to install a rsa module:

Pip install rsa

Moreover, because of the characteristics of the RSA encryption algorithm, the public and private keys of RSA are decimal, but the value of the public key is often saved in hexadecimal format, so it needs to be converted to decimal format with the int () method.

The above is all the contents of this article entitled "what are the ways to encrypt python?" Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.