Hello, everyone, my name is Jackpop. Today I will talk to you about the topic of privacy protection.
After using the computer for a long time, some private information will be accumulated over time, including but not limited to documents, audio, video and other forms.
Store it on a cloud disk... As we all know, the security of public cloud disks is poor, and maybe it will run away one day.
Store it on the computer....and worry about leaking privacy.
Today, I will teach you how to develop a proprietary content encryption tool!
generate key
First, as we know before, asymmetric encryption has two keys, and they are different from each other.
One is the public key, which is used to encrypt the information, and the other is the private key, which is used to decrypt the information.
'''
pip install pycryptodome
'''
from Crypto.PublicKey import RSA
key = RSA.generate(2048)
privateKey = key.export_key()
publicKey = key.publickey().export_key()
with open('private.pem', 'wb') as f:
f.write(privateKey)
with open('public.pem', 'wb') as f:
f.write(publicKey)
print('Private key saved to private.pem')
print('Public key saved to public.pem')
print('Done')
The above code is relatively simple, first import Cryptothe module in the toolkit RSAto generate the secret key. Then you will get two files: private.pem and public.pem.
Saving the public key will be used to encrypt the data later, and saving the private key will be used to decrypt the data.
encryption function
First, give the code for the encryption function:
def encrypt(dataFile, publicKeyFile):
'''
use EAX mode to allow detection of unauthorized modifications
'''
# read data from file
with open(dataFile, 'rb') as f:
data = f.read()
# convert data to bytes
data = bytes(data)
# read public key from file
with open(publicKeyFile, 'rb') as f:
publicKey = f.read()
# create public key object
key = RSA.import_key(publicKey)
sessionKey = os.urandom(16)
# encrypt the session key with the public key
cipher = PKCS1_OAEP.new(key)
encryptedSessionKey = cipher.encrypt(sessionKey)
# encrypt the data with the session key
cipher = AES.new(sessionKey, AES.MODE_EAX)
ciphertext, tag = cipher.encrypt_and_digest(data)
[]
# save the encrypted data to file
[ fileName, fileExtension ] = dataFile.split('.')
encryptedFile = fileName + '_encrypted.' + fileExtension
with open(encryptedFile, 'wb') as f:
[ f.write(x) for x in (encryptedSessionKey, cipher.nonce, tag, ciphertext) ]
print('Encrypted file saved to ' + encryptedFile)
Next, briefly explain this function.
This function has two input parameters, the path information of the file and the file path of the public key .
When this function runs, the program will open the message file and convert the data to bytes. Also open the public key, create a session key with a random value, and append it to the encrypted message file. This means that when someone tries to modify the file, then the file cannot be decrypted.
After we have the session key, then encrypt the session key with the public key.
Finally, the program will encrypt the data with the session key and save the encrypted session key, nonce, label and ciphertext.
decryption function
Similarly, first give the code of the decryption function:
def decrypt(dataFile, privateKeyFile):
'''
use EAX mode to allow detection of unauthorized modifications
'''
# read private key from file
with open(privateKeyFile, 'rb') as f:
privateKey = f.read()
# create private key object
key = RSA.import_key(privateKey)
# read data from file
with open(dataFile, 'rb') as f:
# read the session key
encryptedSessionKey, nonce, tag, ciphertext = [ f.read(x) for x in (key.size_in_bytes(), 16, 16, -1) ]
# decrypt the session key
cipher = PKCS1_OAEP.new(key)
sessionKey = cipher.decrypt(encryptedSessionKey)
# decrypt the data with the session key
cipher = AES.new(sessionKey, AES.MODE_EAX, nonce)
data = cipher.decrypt_and_verify(ciphertext, tag)
# save the decrypted data to file
[ fileName, fileExtension ] = dataFile.split('.')
decryptedFile = fileName + '_decrypted.' + fileExtension
with open(decryptedFile, 'wb') as f:
f.write(data)
print('Decrypted file saved to ' + decryptedFile)
The concept of decryption function and encryption function is the same, but the operation process of decryption function is opposite to that of encryption.
The file encryption and decryption process described in this article is relatively basic in asymmetric encryption. I hope this article will help you understand how some ransomware encrypts your data and how SSL encrypts communication. If you are interested, you can study it yourself, develop a more advanced encryption tool, and encrypt your little sister!
Hello, everyone, my name is Jackpop. I graduated from Harbin Institute of Technology with a master's degree. I have worked in big factories such as Huawei and Ali. If you have doubts about further education, employment, and technical improvement, you may wish to make friends: