Cryptography with Python: Symmetric, Asymmetric, Hash Functions, and Digital Signatures

Table of Contents

1. Introduction
2. Symmetric Cryptography
   • Encryption
   • Decryption
3. Asymmetric Cryptography
   • Key Generation
   • Encryption
   • Decryption
4. Hash Functions
   • Generating Hash
   • Verifying Hash
5. Digital Signatures
   • Signing a Message
   • Verifying a Message
6. Conclusion

Introduction

In today’s interconnected world, data security is of utmost importance. Cryptography is a fundamental building block in ensuring the confidentiality, integrity, and authenticity of information. In this tutorial, you will learn about different cryptographic techniques and how to implement them using Python.

By the end of this tutorial, you will be able to:

• Understand the concepts of symmetric and asymmetric cryptography
• Implement encryption and decryption using both symmetric and asymmetric algorithms
• Generate hash values for data integrity
• Create and verify digital signatures for message authentication

Before starting this tutorial, you should have a basic understanding of Python programming language. Additionally, you need to have Python installed on your computer.

Symmetric Cryptography

Symmetric cryptography involves using the same key for both encryption and decryption of a message. It is commonly used for secure communication over insecure channels.

Encryption

To encrypt a message using symmetric cryptography, follow these steps:

1. Import the necessary Python library, such as cryptography.
2. Generate a secret key using a secure random number generator.
3. Convert the message to bytes.
4. Create a cipher object with the chosen symmetric algorithm and secret key.
5. Use the cipher object to encrypt the message.
6. Print or store the encrypted message.

Here is an example of encrypting a message using symmetric cryptography: ```python import cryptography from cryptography.fernet import Fernet

message = "Hello, World!"
secret_key = Fernet.generate_key()

cipher = Fernet(secret_key)
encrypted_message = cipher.encrypt(message.encode())

print(encrypted_message)
``` ### Decryption

To decrypt a message encrypted using symmetric cryptography, follow these steps:

1. Import the necessary Python library, such as cryptography.
2. Convert the encrypted message to bytes.
3. Create a cipher object with the chosen symmetric algorithm and secret key used for encryption.
4. Use the cipher object to decrypt the message.
5. Print or use the decrypted message.

Here is an example of decrypting a message using symmetric cryptography: ```python import cryptography from cryptography.fernet import Fernet

encrypted_message = b'...'
secret_key = b'...'

cipher = Fernet(secret_key)
decrypted_message = cipher.decrypt(encrypted_message)

print(decrypted_message.decode())
``` ## Asymmetric Cryptography

Asymmetric cryptography, also known as public-key cryptography, uses two different keys for encryption and decryption. This provides stronger security and enables secure key exchange.

Key Generation

To generate a key pair for asymmetric cryptography, follow these steps:

1. Import the necessary Python library, such as cryptography.
2. Generate a key pair using the chosen asymmetric algorithm.
3. Extract the public and private keys from the generated pair.
4. Print or store the keys.

Here is an example of generating a key pair for asymmetric cryptography: ```python import cryptography from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import rsa

key_pair = rsa.generate_private_key(
    public_exponent=65537,
    key_size=2048
)

public_key = key_pair.public_key()
private_key = key_pair.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.PKCS8,
    encryption_algorithm=serialization.NoEncryption()
)

print(public_key)
print(private_key.decode())
``` ### Encryption

To encrypt a message using asymmetric cryptography, follow these steps:

1. Import the necessary Python library, such as cryptography.
2. Convert the message to bytes.
3. Load the recipient’s public key.
4. Create a cipher object with the recipient’s public key and chosen asymmetric algorithm.
5. Use the cipher object to encrypt the message.
6. Print or store the encrypted message.

Here is an example of encrypting a message using asymmetric cryptography: ```python import cryptography from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import rsa from cryptography.hazmat.primitives.asymmetric import padding

message = "Hello, World!"
public_key = b'...'

public_key = serialization.load_pem_public_key(public_key)

encrypted_message = public_key.encrypt(
    message.encode(),
    padding.OAEP(
        mgf=padding.MGF1(algorithm=hashes.SHA256()),
        algorithm=hashes.SHA256(),
        label=None
    )
)

print(encrypted_message)
``` ### Decryption

To decrypt a message encrypted using asymmetric cryptography, follow these steps:

1. Import the necessary Python library, such as cryptography.
2. Convert the encrypted message to bytes.
3. Load your private key.
4. Create a cipher object with your private key and chosen asymmetric algorithm.
5. Use the cipher object to decrypt the message.
6. Print or use the decrypted message.

Here is an example of decrypting a message using asymmetric cryptography: ```python import cryptography from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import rsa from cryptography.hazmat.primitives.asymmetric import padding

encrypted_message = b'...'
private_key = b'...'

private_key = serialization.load_pem_private_key(
    private_key,
    password=None
)

decrypted_message = private_key.decrypt(
    encrypted_message,
    padding.OAEP(
        mgf=padding.MGF1(algorithm=hashes.SHA256()),
        algorithm=hashes.SHA256(),
        label=None
    )
)

print(decrypted_message.decode())
``` ## Hash Functions

Hash functions are used to generate a unique fixed-length value (hash) for a given input. They provide data integrity by ensuring that any change in the input will result in a different hash.

Generating Hash

To generate a hash using a hash function, follow these steps:

1. Import the necessary Python library, such as hashlib.
2. Create a hash object with the chosen hash algorithm.
3. Convert the message to bytes.
4. Update the hash object with the message.
5. Get the hash value.
6. Print or use the hash value.

Here is an example of generating a hash using the SHA-256 algorithm: ```python import hashlib

message = "Hello, World!"

hash_object = hashlib.sha256()
hash_object.update(message.encode())

hash_value = hash_object.hexdigest()

print(hash_value)
``` ### Verifying Hash

To verify the integrity of a message using a hash function, follow these steps:

1. Import the necessary Python library, such as hashlib.
2. Create a hash object with the chosen hash algorithm.
3. Convert the original message to bytes.
4. Update the hash object with the original message.
5. Get the original hash value.
6. Retrieve the received message and its hash value.
7. Verify the integrity by comparing the original and received hash values.

Here is an example of verifying the integrity of a message using the SHA-256 algorithm: ```python import hashlib

original_message = "Hello, World!"
received_message = "Hello, World!" # Could be modified

hash_object = hashlib.sha256()
hash_object.update(original_message.encode())

original_hash_value = hash_object.hexdigest()

received_hash_value = hashlib.sha256()
received_hash_value.update(received_message.encode())
received_hash_value = received_hash_value.hexdigest()

if original_hash_value == received_hash_value:
    print("Message integrity verified.")
else:
    print("Message has been modified!")
``` ## Digital Signatures

Digital signatures provide authentication and non-repudiation capabilities. They are created using a private key and can be verified using the corresponding public key.

Signing a Message

To sign a message using a digital signature, follow these steps:

1. Import the necessary Python library, such as cryptography.
2. Convert the message to bytes.
3. Load your private key.
4. Create a signature object with the chosen asymmetric algorithm and private key.
5. Use the signature object to sign the message.
6. Print or store the digital signature.

Here is an example of signing a message using a digital signature: ```python import cryptography from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import rsa from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import padding

message = "Hello, World!"
private_key = b'...'

private_key = serialization.load_pem_private_key(
    private_key,
    password=None
)

signature = private_key.sign(
    message.encode(),
    padding.PSS(
        mgf=padding.MGF1(hashes.SHA256()),
        salt_length=padding.PSS.MAX_LENGTH
    ),
    hashes.SHA256()
)

print(signature)
``` ### Verifying a Message

To verify a message using a digital signature, follow these steps:

1. Import the necessary Python library, such as cryptography.
2. Convert the original message to bytes.
3. Retrieve the received message and its digital signature.
4. Load the signer’s public key.
5. Create a verifier object with the chosen asymmetric algorithm, public key, and received digital signature.
6. Use the verifier object to verify the message.
7. Print the verification result.

Here is an example of verifying a message using a digital signature: ```python import cryptography from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import rsa from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import padding

original_message = "Hello, World!"
received_message = "Hello, World!" # Could be modified
digital_signature = b'...'
public_key = b'...'

public_key = serialization.load_pem_public_key(public_key)

verifier = public_key.verify(
    digital_signature,
    received_message.encode(),
    padding.PSS(
        mgf=padding.MGF1(hashes.SHA256()),
        salt_length=padding.PSS.MAX_LENGTH
    ),
    hashes.SHA256()
)

if verifier:
    print("Message signature verified.")
else:
    print("Message signature is invalid!")
``` ## Conclusion

In this tutorial, you have learned about different cryptographic techniques and how to implement them using Python. You now understand the concepts of symmetric and asymmetric cryptography, and how to encrypt, decrypt, generate hash values, and create and verify digital signatures.

Cryptography is a vast field with various advanced topics. You can further explore topics like key management, hybrid encryption, and more to enhance your knowledge and skills in securing information.

Published: 19 December 2021

Related Articles

• Building Your Own CLI (Command Line Interface) Tool with Python on Linux
• How to Develop a Python Plugin for GIMP
• Using the Python Debugger (pdb) for Efficient Debugging
• Python and SQLite: Building an Inventory Management System Exercise
• How to Create and Use Dictionaries in Python
• Efficient Data Processing in Python: Using Pandas and Dask
• Python Programming: Building a REST API with Flask
• Python for Cryptography: Building a Password Manager
• Python for Geographic Data Analysis: A Practical Guide
• A Deep Dive into Python's Memory Management
• Python for Computational Fluid Dynamics: A Practical Guide
• Python and OpenCV: Image Processing in Python
• Working with Dates and Times in Python
• Intermediate Matplotlib: Customizing Plots, Subplots, and Figure Layouts
• Python for Satellite Imagery Analysis: Using rasterio
• Python for Graph Theory: A Practical Guide
• Python for Geospatial Analysis: Using Geopandas
• Building a Flight Tracker with Python and APIs
• Building a Command-Line App in Python
• Building a Python App for Internet of Things (IoT)