AES in Python | Encrypt & Decrypt | PyCryptodome

Introduction

Today, we will implement AES in Python for encryption and decryption in Python. Python has a Crypto Cipher package for securing the data i.e. PyCryptoDome, an almost drop-in replacement for the old PyCrypto library. It contains both symmetric and asymmetric key ciphers as well as some hybrid encryption algorithms. Use the command below to install pycryptodome-

pip install pycryptodome

We start by selecting our encryption algorithm. The new() function is called to create an instance of the cipher. It takes the key as a parameter along with additional parameters like nonce and mode of operation. The encrypt() function is used to perform the encryption and decrypt() for performing decryption.

AES in Python – Encryption

# importing AES
from Crypto.Cipher import AES

# encryption key
key = b'C&F)H@McQfTjWnZr'

# create new instance of cipher
cipher = AES.new(key, AES.MODE_EAX)

# data to be encrypted
data = "Welcome to violet-cat-415996.hostingersite.com!".encode()

# nonce is a random value generated each time we instantiate the cipher using new()
nonce = cipher.nonce

# encrypt the data
ciphertext = cipher.encrypt(data)

# print the encrypted data
print("Cipher text:", ciphertext)

Output:

AES in Python – Decryption

# generate new instance with the key and nonce same as encryption cipher
cipher = AES.new(key, AES.MODE_EAX, nonce=nonce)

# decrypt the data
plaintext = cipher.decrypt(ciphertext)
print("Plain text:", plaintext)

Output:

We implemented the AES algorithm in python in just a few lines of code. AES is much faster and safer than its predecessor DES algorithm and it is also implemented in hardware for faster processing.

Now, let’s understand, What are Encryption, Decryption, and AES in computer science?

What is Encryption?

Encryption is a technique of converting plain text data into cipher text. It is used for secure communications. Only the person with the decryption key is able to decrypt the cipher and view the actual contents of the data.

Types of Encryption

There are 2 types of encryption depending upon the nature of the key:

• Symmetric Key Encryption: In this type of encryption, the same key used for encrypting the data can be used for decrypting the data. This is a faster mode of encryption.
• Asymmetric Key Encryption: In this type of encryption, there are different keys for performing encryption and decryption. It is slower than symmetric key encryption. It can be used for authentication purposes as it is used in digital signatures.

There are 2 types of encryption based on the way the text is encrypted:

• Stream Cipher: In this mode, the text is encrypted one bit at a time. It is faster than block cipher and is more complex.
• Block Cipher: This mode encrypts the data one block at a time. The data is divided into many blocks and then the blocks are encrypted. Parallel encryption is possible.

Advanced Encryption Standard (AES)

AES is a symmetric key block cipher established by the US government in 2001. It supercedes the DES algorithm and is about 6 times faster than DES. DES had a small key size, this made it prone to brute-force attacks as the advancement in technology has made processor speeds very high. It takes in 128-bit plain text and a key of 128, 192, or 256 bits and outputs cipher text of 128 bits. It utilizes a substitution permutation network (SP). SP involves a series of linked operations including replacing certain bits (substitution) and interchanging bits’ positions or shuffling them (permutation).

AES is widely adopted around the world as the security standard. No cryptanalytic attacks against AES have been found. It is one of the safest and fastest encryption algorithms.

AES uses a key schedule process to generate n +1 128-bit keys from the given key, where n is the number of rounds.

Encryption Process

AES consists of 10, 12, or 14 rounds of encryption depending on key sizes as 128, 192, and 256 bits respectively. AES works using bytes instead of bits so a standard AES encryption takes 16 bytes or 128 bits of data as input. Each round of AES consists of four steps.

• SubBytes or Bytes Substitution: In this step, the input bytes are substituted with each other using a look-up table (S-Box ). During substitution, it is taken care that the byte is not substituted by itself or by the compliment of that byte. It results in a 4 X 4 matrix.
• Shift Rows: The rows of the matrix are substituted following a predefined order. The first row is not shifted and the remaining three rows are shifted left in incremental order i.e. the second row is left shifted by one byte, the third row is shifted by two bytes and the fourth row is shifted by three bytes. The output is a 4 X 4 matrix with shifted rows.
• MixColumns: This step consists of transforming the columns of the matrix. This is done by multiplying each column with a different function. Thus all column values are transformed. This step is not done in the last round.
• AddRoundKey: XOR operation is performed between the output of the previous step and the round key. In this step, the data is not treated as bytes but as bits and each bit of the previous step is XORed with each bit of the round key, resulting in a 128-bit output.

Decryption Process

The decryption process is the same as the encryption process but in reverse order. Here, first, we perform AddRoundKey, then MixColumns, then ShiftRows, and finally SubBytes.

If you have any questions/doubts in mind, please use the comments below.

Thank you for reading this article, click here to start learning Python in 2022.

We hope this article on AES in Python will help you.

Keep Learning, Keep Coding

---

Also Read: