In this article, we will see how to use PyCrypto to encrypt and decrypt data using AES-256.
We will use the AES CBC mode which is a popular encryption algorithm used for secure communication and data protection to encrypt & decrypt the data.
Install the PyCrypto library using the following command
pip install pycryptoFollowing is the example program for encrypting and decrypting the data using PyCrypto.
# Import the required modules
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpad
from Crypto.Random import get_random_bytes
from base64 import b64encode, b64decode
# Define the encryption function
def encrypt_AES_CBC_256(key, message):
key_bytes = key.encode('utf-8')
message_bytes = message.encode('utf-8')
iv = get_random_bytes(AES.block_size)
cipher = AES.new(key_bytes, AES.MODE_CBC, iv)
padded_message = pad(message_bytes, AES.block_size)
ciphertext_bytes = cipher.encrypt(padded_message)
ciphertext = b64encode(iv + ciphertext_bytes).decode('utf-8')
return ciphertext
# Define the decryption function
def decrypt_AES_CBC_256(key, ciphertext):
key_bytes = key.encode('utf-8')
ciphertext_bytes = b64decode(ciphertext)
iv = ciphertext_bytes[:AES.block_size]
cipher = AES.new(key_bytes, AES.MODE_CBC, iv)
ciphertext_bytes = ciphertext_bytes[AES.block_size:]
decrypted_bytes = cipher.decrypt(ciphertext_bytes)
plaintext_bytes = unpad(decrypted_bytes, AES.block_size)
plaintext = plaintext_bytes.decode('utf-8')
return plaintext
# Set the 256-bit key and plaintext message
key = 'ThisIsASecretKeyForAES-256-CBCEncryption'
message = 'This is a secret message that needs to be encrypted.'
# Encrypt the message
encrypted_message = encrypt_AES_CBC_256(key, message)
# Decrypt the message
decrypted_message = decrypt_AES_CBC_256(key, encrypted_message)
# Print the original and decrypted messages
print('Original Message:', message)
print('Encrypted Message:', encrypted_message)
print('Decrypted Message:', decrypted_message)Explanation:
The AES module provides the implementation of the AES encryption algorithm. The Padding module provides functions for adding and removing padding from messages. The get_random_bytes function generates cryptographically secure random bytes, which we will use to generate the IV (initialization vector) for CBC mode and the base64 module provides functions for encoding and decoding messages in base64 format.
Encryption:
The encrypt_AES_CBC_256 function takes two arguments: key and message. The key argument is the 256-bit key that will be used for encryption and the message is the plain text that we want to encrypt.
We first encode the key and message as bytes and generate the random IV (initialization vector) using the get_random_bytes function. The AES cipher is created in CBC mode using the AES.new method, with the IV as the initialization parameter. After encrypting the padded message, the resulting cipher text is combined with the IV and encoded using base64.
Decryption:
In the decryption function, we first decode the key and ciphertext as bytes and then decode the IV from the ciphertext. Using the AES.new method, we create the AES cipher in the CBC mode using key_bytes and the IV and then pass the encrypted data to the cipher.decrypt function to decrypt it.