In this article, we will see how to use PyCrypto to encrypt and decrypt data using AES-256.
We will use the AES CBC mode which is a popular encryption algorithm used for secure communication and data protection to encrypt & decrypt the data.
Install the PyCrypto library using the following command
pip install pycrypto
Following is the example program for encrypting and decrypting the data using PyCrypto.
# Import the required modules from Crypto.Cipher import AES from Crypto.Util.Padding import pad, unpad from Crypto.Random import get_random_bytes from base64 import b64encode, b64decode # Define the encryption function def encrypt_AES_CBC_256(key, message): key_bytes = key.encode('utf-8') message_bytes = message.encode('utf-8') iv = get_random_bytes(AES.block_size) cipher = AES.new(key_bytes, AES.MODE_CBC, iv) padded_message = pad(message_bytes, AES.block_size) ciphertext_bytes = cipher.encrypt(padded_message) ciphertext = b64encode(iv + ciphertext_bytes).decode('utf-8') return ciphertext # Define the decryption function def decrypt_AES_CBC_256(key, ciphertext): key_bytes = key.encode('utf-8') ciphertext_bytes = b64decode(ciphertext) iv = ciphertext_bytes[:AES.block_size] cipher = AES.new(key_bytes, AES.MODE_CBC, iv) ciphertext_bytes = ciphertext_bytes[AES.block_size:] decrypted_bytes = cipher.decrypt(ciphertext_bytes) plaintext_bytes = unpad(decrypted_bytes, AES.block_size) plaintext = plaintext_bytes.decode('utf-8') return plaintext # Set the 256-bit key and plaintext message key = 'ThisIsASecretKeyForAES-256-CBCEncryption' message = 'This is a secret message that needs to be encrypted.' # Encrypt the message encrypted_message = encrypt_AES_CBC_256(key, message) # Decrypt the message decrypted_message = decrypt_AES_CBC_256(key, encrypted_message) # Print the original and decrypted messages print('Original Message:', message) print('Encrypted Message:', encrypted_message) print('Decrypted Message:', decrypted_message)
AES module provides the implementation of the AES encryption algorithm. The
Padding module provides functions for adding and removing padding from messages. The
get_random_bytes function generates cryptographically secure random bytes, which we will use to generate the IV (initialization vector) for CBC mode and the
base64 module provides functions for encoding and decoding messages in base64 format.
encrypt_AES_CBC_256 function takes two arguments: key and message. The key argument is the 256-bit key that will be used for encryption and the message is the plain text that we want to encrypt.
We first encode the key and message as bytes and generate the random IV (initialization vector) using the
get_random_bytes function. The AES cipher is created in CBC mode using the
AES.new method, with the IV as the initialization parameter. After encrypting the padded message, the resulting cipher text is combined with the IV and encoded using base64.
In the decryption function, we first decode the
ciphertext as bytes and then decode the IV from the ciphertext. Using the AES.new method, we create the AES cipher in the CBC mode using key_bytes and the IV and then pass the encrypted data to the
cipher.decrypt function to decrypt it.