Simple AES Encryption in Python

[maboroshi]

Ok so in this tutorial I will demonstrate AES Encryption in Python

What is AES and how is it used?

The AES protocol is a set of three block ciphers selected by the National Institute of Standards and Technology (NIST) in 2000 after a three-year competition. NIST is a federal technology agency that develops and promotes measurement standards. Its selection ousted Data Encryption Standard (DES) as the national and international security encryption standard. DES was the most widely deployed block cipher in both software and hardware applications.

Why should you care? AES encryption is the vault that secures online information and financial transactions by financial institutions, banks and e-commerce sites.

Encrypting information in Python is generally pretty easy. Using high level modules it makes it pretty straightforward to encrypt data

Ok first lets start with encrypting data note you will need PyCrypto installed

Code: Select all

from Crypto.Cipher import AES

your_key = "ABCDEFGHIJKLMNOP"

def encrypt_my_message(msg):
    key = your_key
    iv = '1234567812345678'
    aes = AES.new(key, AES.MODE_CBC, iv)
    if len(msg) % 16 != 0:
        msg += ' ' * (16 - len(msg) % 16)
    msg = aes.encrypt(msg)
    return msg

encrypt_my_message("Hello my name is Maborosh")

Whoa wait a min what is all this code

ok first we import our crypto library easy enough. next we create a 16 char key for us to use you would probably want to use 32 or 64 for heavy encryption (this is defined as your_key)

Here is something new to you (maybe) called the iv (initialization vector) now what does this mean well (lets have wiki explain it).

In cryptography, an initialization vector (IV) is a fixed-size input to a cryptographic primitive that is typically required to be random or pseudorandom. Randomization is crucial for encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same key does not allow distinction between the encrypted message and the message parts. For block ciphers, the use of an IV is described by so-called modes of operation. Randomization is also required for other primitives, such as universal hash functions and message authentication codes based thereon.

Your iv and your_key will obviously have to change to be more secure.

Code: Select all

    if len(msg) % 16 != 0:
        msg += ' ' * (16 - len(msg) % 16)

Ok this is important this checks to see that the message is in blocks of 16 chars and if not adds spaces to the last bit of the message to make it a block of 16.

The reason why this is needed is because in AES everything is encrypted in 16 byte chunks (Actually don't quote me on that) Some one feel free to correct that. But regardless that code is needed to make the data total 16 chars

The rest is pretty straightforward.

Tomorrow I will write how to decrypt this data

[maboroshi]

Decrypting the Data in Python is pretty straightforward here is an example of decrypting encrypted data.

Code: Select all

your_key = "ABCDEFGHIJKLMNOP"

def decrypt_my_message(msg):
    iv = "1234567812345678"
    key = your_key
    if len(key) not in (16, 24, 32):
        raise ValueError("Key must be 16, 24, or 32 bytes")
    if (len(msg) % 16) != 0:
        raise ValueError("Message must be a multiple of 16 bytes")
    if len(iv) != 16:
        raise ValueError("IV must be 16 bytes")
    cipher = AES.new(key, AES.MODE_CBC, iv)
    plaintext = cipher.decrypt(msg)
    return plaintext

We check if our key is of a proper length. Then we check if the message is of 16 bytes, and finally our iv should be 16 bytes.

then call decrypt and return our decrypted message. Obviously the message would need to be encrypted to be passed to the decrypt_my_message function

Anyway that is it hope you enjoyed my simple tutorial

*cheers

Maboroshi

[bad_brain]

great tut man,stickyfied...