Home > Backend Development > Python Tutorial > How Can I Securely Encrypt Password-Protected Strings in Python?

How Can I Securely Encrypt Password-Protected Strings in Python?

Susan Sarandon
Release: 2024-10-22 22:27:02
Original
254 people have browsed it

How Can I Securely Encrypt Password-Protected Strings in Python?

Secure Encryption for Password-Protected Strings

Problem:

Python lacks a built-in mechanism to encrypt and decrypt strings using a password. This can be problematic for scenarios requiring data obfuscation without strong security measures.

Solution:

Cryptography libraries, such as cryptography, provide secure encryption schemes.

Using Fernet for Symmetric Key Encryption

Fernet is a best-practice recipe for using cryptography. It combines AES CBC encryption with an HMAC signature, timestamp, and version information to protect data.

<code class="python">from cryptography.fernet import Fernet

# Generate a random 32-byte key (securely store it)
key = Fernet.generate_key()

# Encrypt and decrypt messages using the key
def encrypt(message, key):
    return Fernet(key).encrypt(message.encode())

def decrypt(token, key):
    return Fernet(key).decrypt(token).decode()</code>
Copy after login

Alternative Approaches:

Data Obscuring:

If data integrity is not a concern, base64 encoding can be used for obscuring.

<code class="python">import base64

def obscure(data):
    return base64.urlsafe_b64encode(data)

def unobscure(obscured):
    return base64.urlsafe_b64decode(obscured)</code>
Copy after login

Data Integrity:

HMAC signing can ensure data integrity by calculating a signature using a key and hashing algorithm.

<code class="python">import hmac
import hashlib

def sign(data, key, algorithm=hashlib.sha256):
    return hmac.new(key, data, algorithm).digest()

def verify(signature, data, key, algorithm=hashlib.sha256):
    return hmac.compare_digest(expected, signature)</code>
Copy after login

Using AES-GCM for Encryption with Integrity

Similar to Fernet, AES-GCM provides encryption and integrity using the Galois / Counter mode block cipher.

<code class="python">from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend

def aes_gcm_encrypt(message, key):
    # ... (Implementation omitted for brevity)

def aes_gcm_decrypt(token, key):
    # ... (Implementation omitted for brevity)</code>
Copy after login

The above is the detailed content of How Can I Securely Encrypt Password-Protected Strings in Python?. For more information, please follow other related articles on the PHP Chinese website!

source:php
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template