Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
Fernet (Symmetric Encryption) using a Cryptography Module in Python
Symmetric encoding is a cryptographic technique, where the same key is used for both encryption and decryption of messages from client to server. In order to ensure no sensitive information is leaked while passing the network packets through vulnerable servers, where hackers may use this message for malicious intent, encrypting the message will be a good idea.
There are some steps followed in symmetric encryption:
Key generation: For both the client and server, in order to access the message, a secret key is generated first and sent to the receiver in order to decrypt the encrypted message. There are chances of compromise if in case, the key is leaked.
Encryption: The sender runs the unencrypted message through an encryption program, converting it into ciphertext, which is generally unintelligible to human eyes and won’t be of much use to hackers if the information cannot be understood.
Transmission: After the encryption is done, this ciphertext can be sent in any unsecured channels, with little fear of data being compromised, since it will be sent as ciphertext.
Decryption: When the ciphertext or message is received, the receiver would be able to decode the ciphertext into plaintext by using the key provided to them by the sender.
Fernet
Fernet is a symmetric encryption technique available to users in the cryptography module in Python that makes it easy to encrypt and decrypt text and provides an easy interface for beginners in cryptography.
Fernet uses the Advanced Encryption Standard(AES) algorithm to encode and decode messages. AES is a highly secure, widely used and popular cryptography algorithm used by developers.
The ciphertexts of Fernet are URL-safe, which means, we can send the ciphertexts through the World Wide Web, making data transmission more convenient.
Fernet generates a highly secure alphanumeric key using a random number generator. It is a 32-byte long key, making it highly resistant to brute-force attacks.
It also supports key rotation, that is, the ability to generate new keys and replace the old keys all the time.
Fernet supports time stamping and serialization of data to be attached along with the key. This is done in order to improve the security of the key since attaching a timestamp to the key will ensure that it has limited validity.
Example
Using the cryptography module in Python, we import the Fernet function from where we can generate a key used for both encryption and decryption. Encoding the message will change it into ciphertext which is then sent to the receiver who will then convert the message using the key to convert it back to plaintext.
from cryptography.fernet import Fernet
key=Fernet.generate_key()
fernet = Fernet(key)
msg="This is a sample message".encode()
encrypted_msg=fernet.encrypt(msg)
decrypted_msg=fernet.decrypt(encrypted_msg)
decrypted_msg=decrypted_msg.decode()
print("Original Message: ", msg.decode())
print("Encrypted Message: ", encrypted_msg)
print("Decrypted Message: ", decrypted_msg)
Output
Original Message: This is a sample message Encrypted Message: b'gAAAAABkXM2tcyWUdIY_vIXk1vbrPgELWu2v48RRohelbOrOUJIsECT4zUPaCkPqdd80Djf9t yqdxpbzaHBtG7hi0qle8me5BVlTv8VlJwW5scKKnnPsAAE=' Decrypted Message: This is a sample message
Conclusion
There are many advantages to symmetric encryption:
Efficiency: It consumes fewer computational resources and is faster as compared to asymmetric encryption.
Confidentiality: Unless the key to the encrypted code is known, data is in safe hands and even if the hacker procures the message, they cannot infer anything from it since they do not possess the key.
But, despite all its positives, it faces quite some challenges from the encryption side in general:
Key distribution: One of the important factors when it comes to symmetric encryption is the secret key passed between sender and receiver. The keys should be sent confidentially in order to ensure the safety of encrypted data. As the number of users in a network increases, so does the complexity of ensuring that all keys towards all receivers are relayed securely.
Key management: As the number of participants and encrypted messages increases, so does the complexity of handling and using multiple keys through the network as a whole in order to ensure data security.
There are ways to address these challenges, hybrid encryption schemes are used, where symmetric encryption is used to encrypt the data, while asymmetric encryption can ensure a secure exchange of symmetric keys from sender to receiver. This combines both the positive applications of symmetric and asymmetric encryption.
2K+ Views
