At the outset, asymmetric key cryptography was devised as an infrequent-use solution because of two important limitations: creating an asymmetric key pair is mathematically intensive, and asymmetric key cryptography is not efficient on large amounts of data. It is this first limitation that I’m addressing in this blog. In brief, generating a useful key pair today is nearly trivial.
Python Fast Generate Asymmetric Keys
Using the cryptography module in Python, this post will look into methods of generating keys, storing keys and using the asymmetric encryption method RSA to encrypt and decrypt messages and files. We will be using cryptography.hazmat.primitives.asymmetric.rsa to generate keys.
Installing cryptography
Since Python does not come with anything that can encrypt files, we will need to use a third party module.
PyCrypto is quite popular but since it does not offer built wheels, if you don't have Microsoft Visual C++ Build Tools installed, you will be told to install it. Instead of installing extra tools just to build this, I will be using the cryptography module. To install this, execute:
To make sure it installed correctly, open IDLE and execute:
If no errors appeared it has been installed correctly.
What is Asymmetric Encryption?
Asymmetric Key Vs Symmetric Key
If you read my article on Encryption and Decryption in Python, you will see that I only used one key to encrypt and decrypt.
Asymmetric Key Cryptography
Asymmetric encryption uses two keys: a private key and a public key. Public keys are given out for anyone to use; you make them public information. Anyone can encrypt data with your public key, and then only those with the private key can decrypt the message. This also works the other way around, but it is convention to keep your private key secret.
Getting a Key
To generate the two keys, we can call rsa.generate_private_key with some general parameters. The public key will be found in the object that holds the creation of the private key.
Storing Keys
To store the keys in a file, they first need to be serialized and then written to a file. To store the private key, we need to use the following.
You can password protect the contents of this file using this top key serialization example.
To store the public key, we need to use a slightly modified version.
Remember that public and private keys are different so you will have to use these methods for each key.
Reading Keys
To get the keys out of the files, we need to read each file and then load them. To read the private key, use the following.
If you store the key with a password, set password to what you used.
The variable private_key will now have the private key. To read the public key, we need to use a slightly modified version.
The variable public_key will now have the public key.
Encrypting
Due to how asymmetric encryption algorithms like RSA work, encrypting with either one is fine; you will just need to use the other to decrypt. Applying a bit of logic to this can create some useful scenarios like signing and verification. For this example I will assume that you keep both keys safe and don't release them, since this example is only for local encryption (though it can be applied more widely when keys are exchanged).
This means you can use either key, but I will demonstrate using the public key to encrypt. This means anyone with the private key can decrypt the message.
Decrypting
Assuming that the public key was used to encrypt, we can use the private key to decrypt.
Demonstration
To show this in action, here is a properly constructed example.
Encrypting and Decrypting Files
To encrypt and decrypt files, you will need to open them in binary read and write modes. You can simply substitute the values I previously used for message with the contents of a file. For example:
Using the variable message you can then encrypt it. To store the result, you can write it out with the usual Python file methods, since encryption returns bytes.
Now to decrypt you can easily read the data from test.encrypted like the first bit of code in this section, decrypt it and then write it back out to test.txt using the second bit of code in this section.
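The steps above (generate, serialize with a password, load, encrypt with the public key, decrypt with the private key) carried end to end as an added example, not the original post's code; the helper names, the password and the choice of OAEP with SHA-256 are assumptions. It checks the message length first, because RSA-OAEP with a 2048-bit key accepts at most 190 bytes, so larger file contents cannot be passed to it directly.

```python
# Added example: helper names and PASSWORD are constructed for illustration.
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa

PASSWORD = b"constructed-demo-password"  # constructed sample value
# OAEP with SHA-256 for both the hash and the MGF1 mask function.
OAEP = padding.OAEP(
    mgf=padding.MGF1(algorithm=hashes.SHA256()),
    algorithm=hashes.SHA256(),
    label=None,
)


def generate_pem_pair(password: bytes, key_size: int = 2048):
    """Generate an RSA key pair; return (encrypted private PEM, public PEM)."""
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=key_size)
    private_pem = private_key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.BestAvailableEncryption(password),
    )
    public_pem = private_key.public_key().public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo,
    )
    return private_pem, public_pem


def max_plaintext_len(public_key) -> int:
    """Largest message OAEP/SHA-256 accepts: modulus bytes - 2*hash bytes - 2."""
    return public_key.key_size // 8 - 2 * hashes.SHA256().digest_size - 2


def encrypt(public_pem: bytes, message: bytes) -> bytes:
    public_key = serialization.load_pem_public_key(public_pem)
    if len(message) > max_plaintext_len(public_key):
        raise ValueError("message too long for RSA-OAEP with this key size")
    return public_key.encrypt(message, OAEP)


def decrypt(private_pem: bytes, password: bytes, ciphertext: bytes) -> bytes:
    private_key = serialization.load_pem_private_key(private_pem, password=password)
    return private_key.decrypt(ciphertext, OAEP)


if __name__ == "__main__":
    priv_pem, pub_pem = generate_pem_pair(PASSWORD)
    ct = encrypt(pub_pem, b"encrypt me!")
    print(decrypt(priv_pem, PASSWORD, ct))
```

To persist the keys, write the two PEM byte strings to files opened in binary mode and read them back the same way.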