Shulou(Shulou.com)06/01 Report--

This article mainly introduces the relevant knowledge of "how to use 20 lines of Python code to achieve encrypted communication". The editor shows you the operation process through an actual case. The operation method is simple, fast and practical. I hope this article "how to use 20 lines of Python code to achieve encrypted communication" can help you solve the problem.

I. introduction

The Internet is full of eavesdropping, and our information is easily obtained by malicious people, which has a bad influence on us. If you need to transmit confidential or sensitive private information on the network, encryption may be needed in case of eavesdropping by people with ulterior motives. And the use of online or mobile phone encryption software, may be bad software is a hotbed of information disclosure. So as programmers, we can implement an encryption system by ourselves.

Second, encryption technology

We demonstrate two kinds of encryption techniques here, which are symmetric encryption and asymmetric encryption.

Before we talk about encryption, we need to assume our usage scenario, which is also a common setting in cryptography.

Alice Bob is both sides of the communication.

Eve is an eavesdropper.

The message passed is PlainText

Secret key key used for encryption

The encrypted ciphertext is secret message.

Common lock: simple symmetric encryption

Symmetric encryption: both encryption and decryption use the same secret key. For example, here, key='1234567887654321'.encode ('utf-8'), this key is the common key of Alice and Bob. When Alice sends a message, he needs to do the following to complete the encryption.

From Crypto.Cipher import AEScryptor = AES.new (key, AES.MODE_ECB) secret = cryptor.encrypt (plain.encode ('utf-8')) secret = b64encode (secret)

The first line imports the AES algorithm. AES is an algorithm of symmetric encryption.

In the second line, create a new cipher. Key is the secret key and AES.MODE_ECB is the information filling mode.

The third line completes the encrypt encryption

The fourth line of encrypted information is encoded by b64encode and sent to Bob.

HTTP is a text protocol, and the content is all text characters. If you want to transfer a binary file, you need to convert it to text, and Base64 code refers to the binary encoding form with characters.

After receiving the message, Bob performs the following decoding and decryption operations.

Secret = b64decode (secret) plainText = cryptor.decrypt (secret) .decode ('utf-8')

The obtained plainText is a plaintext message from Alice.

Note: two people use the same secret key to encrypt and decrypt.

Now let's solve a small problem: the network often loses packets, which leads to the lack of beginning and end of Alice speech. What should we do?

4. Untampered fingerprints: hash function

Just as everyone has fingerprints, the messages sent have their own fingerprints. The hash function is used to find the fingerprint of the message. The hash function, also known as the message digest function, is to extract a section of content and make a fingerprint. This output (fingerprint) is very characteristic:

No matter how long the input is, the output length is fixed and the output looks like garbled code.

If the input changes a little, the output is very different.

Fingerprints can be released from the message, but not from the fingerprint.

With the above features, Alice can hash the message and give both the hash value and the message to Bob. Bob also hashes the message, and if the two values are the same, it indicates that the sentence is complete and has not tampered with or lost the information.

From hashlib import md5plainText ='I love youthful hash.hash.hexdigest () md5 (plainText.encode ('utf-8')).

The result is this: 690a8cda8894e37a6fff4d1790d53b33. If Bob also hashes this message and the result is the same, the message is complete.

Now let's solve a big problem: symmetric encryption if the key is lost and acquired by the bad guy Eve, he can eavesdrop on the communication between Alice and Bob, or even pretend to send a message to the other party.

Now it's time for asymmetric encryption.

Spear and Shield: asymmetric encryption

Asymmetric encryption means that the encryption and decryption keys are not one, but a pair. The one held by oneself is called the private key, and the one given to the other party is called the public key. The characteristics are:

Public key encryption, private key decryption.

Private key encryption, public key decryption.

The private key can derive the public key, and vice versa.

Taking advantage of the above characteristics, we can implement a secure encryption algorithm. First, Bob generates the secret key and saves it as a file.

Import rsaBob_pubkey, Bob_privkey = rsa.newkeys with open ('Bob-pri.pem',' wb') as prif, open ('Bob-pub.pem',' wb') as pubf: prif.write (Bob_privkey.save_pkcs1 ()) pubf.write (Bob_pubkey.save_pkcs1 ())

Among them

Bob_prikey is the private key of Bob, which is stored by yourself.

Bob_pubkey is the public key of Bob, which is given to Bob.

When Alice sends a message to Bob

Use Bob's public key encryption: secret=rsa.encrypt (plain_byte,Bob_pubkey).

After Bob receives the message

Bob uses its own private key to decrypt the message from Alice: plain=rsa.decrypt (secret,Bob_prikey). Decode ('utf-8').

Bob's public key allows Alice to send messages to Bob,Bob to uncover the secret with its own private key. Similarly, Alice's key pair allows the other person to send a message to himself. At this point, Alice and Bob achieve secure communication, encrypting with each other's public key and decrypting messages sent to themselves with their own private keys.

Even if the message sent to Bob by Alice was intercepted by Eve, he did not have the private key of Bob and could not decipher the ciphertext.

However, there is a problem. What if Eve encrypts the message with the public key of Bob and sends a Bob disguised as Alice? How can I be sure that Alice is Alice and not Eve? The crux of the problem is that Alice holds the Alice private key, while Eve has no private key, which is the basis of digital signature technology.

VI. Mantra: digital signature

Eve disguised as Alice, like a fake Tang monk disguised as a Tang monk, words and behavior looks very similar, how can people distinguish it? Very simply, the real Tang monk has a core technology, that is, the hoop spell.

In asymmetric encryption, it is usually encrypted with public key and decrypted by private key. If you encrypt it with a private key, it is actually equivalent to a signature. Because only the holder of the private key can be encrypted and decrypted by the public key. So private key encryption is equivalent to confirming the signature of the private key holder-- the message comes from the private key holder.

The private key is equivalent to the mantra of the real Tang monk.

Because of efficiency, the original information is generally not encrypted, but the value after its hash is encrypted. According to the characteristics of the hash above, this can still ensure that the original information is unique and untampered.

The private key encryption of the message digest is called a digital signature.

The verification steps are as follows:

Alice is ready to send a message PlainText

First calculate its MD5 hash value Hash_a

Then encrypt the hash value with private key (digital signature)

Send Alice's public key, digital signature, and message to Bob

After Bob received the message,

Use the public key of Alice to decrypt the digital signature to produce a hash value of Hash_a to be verified

Then calculate the message hash value Hash_b

If Hasha = = Hashb, the sender must be an Alice with a private key, and the message has not been modified

Otherwise, the message is not sent by Alice

Signature = rsa.sign (plain_byte, Alice_prikey, 'MD5') status = rsa.verify (plain_byte, signature, Alice_pubkey)

Note that in the sign method above, the private key of Alice is signed, while the public key of Alice is used for checking. Alice cannot deny his signed message because only he holds his own private key, and no one else can sign (private key encryption) such a message.

This is the end of the introduction on "how to use 20 lines of Python code to achieve encrypted communication". Thank you for reading. If you want to know more about the industry, you can follow the industry information channel. The editor will update different knowledge points for you every day.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.