Introduction
In the realm of cybersecurity and data protection, encryption plays a vital role in securing sensitive information. One such encryption algorithm is Advanced Encryption Standard (AES), widely used for its efficiency and security. In this blog post, we'll delve into AES encryption in Python, exploring its fundamentals and providing practical examples to help you implement robust encryption in your projects.
What is AES Encryption?
AES, or Advanced Encryption Standard, is a symmetric encryption algorithm adopted as a standard by the U.S. government. It operates on fixed-size blocks of data (128 bits) and supports key sizes of 128, 192, or 256 bits. AES has become the de facto standard for encrypting data, ensuring confidentiality and data integrity.
Basics of AES Encryption in Python
To get started with AES encryption in Python, you need the pycryptodomex library. Install it using:
pip install pycryptodomex
Import Everything we need
Now lets create AESCipher class
Lets take a quick walk through the constructor, it receives a key which can be of any length. Then we proceed to generate a 256 bit hash from that key. A hash is basically a unique identifier of a given length, 32 characters in this case, of any input no matter its length. This enables that you can pass the constructor your name or a phrase, and it will generate an unique 256 bit key for your cipher. We also set block_size to 128, which is the block size of AES.
Now add pad and unpad function in AESCipher class
Pad
The pad method receives the plain_text to be encrypted and adds a number bytes for the text to be a multiple of 128 bits. This number is stored in number_of_bytes_to_pad. Then in ascii_string we generate our padding character, and padding_str will contain that character times number_of_bytes_to_pad. So we only have to add padding_str at the end of our plain_text so that it is now a multiple of 128 bits.
Unpad
In an opposite manner, unpad method will receive the decrypted text, also known as plain_text and will remove all the extra added characters in the pad method. For that we first must identify the last character and store in bytes_to_remove how many bytes we need to trim of the end of plain_text in order to unpad it.
Encrypt
The encrypt method receives the plain_text to be encrypted. First we pad that plain_text in order to be able to encrypt it. After we generate a new random iv with the size of an AES block, 128bits. We now create our AES cipher with AES.new with our key, in mode CBC and with our just generated iv. We now invoke the encrypt function of our cipher, passing it our plain_text converted to bits. The encrypted output is then placed after our iv and converted back from bits to readable characters.
Decrypt
In order to decrypt, we must backtrack all the steps done in the encrypt method. First we convert our encrypted_text to bits and extract the iv, which will be the first 128 bits of our encrypted_text. Much like before, we now create a new AES cipher with our key, in mode CBC and with the extracted iv. We now invoke the decrypt method of our cipher and convert it to text from bits. We remove the padding with unpad and that’s it!
The AESCipher class should end up looking as the following:
As we conclude this journey into the construction of the AESCipher class, remember that each encrypted fortress begins with a key – a key crafted uniquely for you. In the next segments of our exploration, we'll delve deeper into the encrypt and decrypt functionalities, unlocking the secrets of securing data with Python's AES encryption. Stay tuned for more revelations on the artistry of cryptography!
