Master Python Cryptography: Hashing, DES, RSA & Secure Coding with PyCryptodome
This article introduces Python's cryptographic capabilities, covering built‑in hashing with hashlib, key derivation with pbkdf2_hmac, and practical examples using third‑party libraries PyCryptodome and cryptography to perform MD5/SHA hashing, DES and RSA encryption/decryption, and secure file handling.
Introduction
Python's standard library provides limited cryptographic functions, but it includes hashlib for hashing. This article gives a brief overview and focuses on two third‑party packages: PyCryptodome and cryptography , showing how to encrypt and decrypt strings.
Hashing
1. Hashing Overview The hashlib module supports FIPS‑approved hash algorithms such as SHA‑1, SHA‑224, SHA‑256, SHA‑384, SHA‑512, and MD5, as well as adler32 and crc32 from zlib. Hashes are commonly used to store password digests or verify file integrity.
2. Practical Example
Create an MD5 hash object, add a byte string, and call digest() to obtain the hash value.
Obtain the hexadecimal representation of the hash.
Create a SHA‑1 hash in a similar way.
Key Derivation
Python's standard library offers pbkdf2_hmac for password‑based key derivation (PKCS#5). It supports salting and iteration (e.g., 100 000 iterations with a 16‑byte salt) to resist dictionary and rainbow‑table attacks.
PyCryptodome
PyCryptodome replaces the older PyCrypto library. Install it via pip install pycryptodome (Linux) or the appropriate Windows installer. It provides implementations for DES, RSA, and other algorithms.
DES Algorithm
1. DES Encryption Example
Set an 8‑character key (DES uses an 8‑byte key).
Define a padding function to make the plaintext length a multiple of 8.
Create a DES instance, encrypt padded plaintext, and obtain the ciphertext.
2. DES Decryption Example Decrypt the ciphertext with DES.decrypt() to retrieve the original byte string.
RSA Algorithm
Generate a 2048‑bit RSA key pair using Crypto.PublicKey.RSA, export the private key with a password, and write both private and public keys to disk.
File Encryption Use the public key to encrypt a randomly generated session key (AES‑256) with PKCS#1 OAEP, then encrypt the file data with AES, and store the ciphertext, session key, IV, and MAC.
Decryption Read the encrypted file, load the private key (providing the password), recover the session key, recreate the AES cipher, and decrypt the data.
cryptography Package
Install via pip install cryptography. The package offers high‑level primitives such as Fernet for symmetric encryption, which handles key generation, encryption, decryption, and automatic authentication.
Example Generate a Fernet key, encrypt a message, and then decrypt it back to plaintext.
Conclusion
This guide provides a concise introduction to using PyCryptodome and cryptography for hashing, symmetric and asymmetric encryption, and secure file handling in Python. For deeper exploration, consult the official documentation and practice with real‑world scenarios.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
MaGe Linux Operations
Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.