Usually we often need to transmit data, and the transmission of some sensitive information needs to be encrypted to prevent data leakage.
For example, the transmission of name, mobile phone number, ID number (referred to as the three elements), etc.
Now we want to test the three-party data. We need to provide the three elements to the other party, and the other party will feedback the corresponding labels to us.
At this time, the three elements need to be encrypted, and different third-party organizations have different requirements for encryption methods, and data must be provided according to the organization's requirements.
This article sorts out the common encryption methods for third-party data testing. No matter which one the organization needs, it can be quickly implemented.
Contents of this article
Common encryption methods in Python
Installation package
Implementation of different encryption methods
3.1 Generate three-factor data
3.2 MD5 encryption of three elements
3.3 SHA256 encryption of three elements
3.4 AES encryption of three elements
1. Common encryption methods in Python
Common encryption methods in Python include the following:
-
Hash encryption: such as MD5, SHA1, SHA256, etc. This encryption method converts raw data (usually a string) into a fixed-length hash value. This is a one-way process, i.e. once the data has been hashed, it cannot be "decrypted" back to the original data.
-
Symmetric encryption : such as AES, DES, etc. This encryption method uses the same key for encryption and decryption.
-
Asymmetric encryption : such as RSA, DSA, etc. This encryption method uses a pair of keys, one for encryption and one for decryption. Typically, one is a public key, which can be shared publicly, and the other is a private key, which needs to be kept secret.
-
Base64 encoding : Strictly speaking, Base64 is not an encryption algorithm, it is more of an encoding method. However, because it can convert information into a string of seemingly random characters, it is sometimes used for simple "encryption."
This article introduces MD5, SHA256, and AES encryption commonly used in third-party data testing.
2. Installation package
AES encryption requires the pycryptodome package to be installed. Open cmd and the installation statement is as follows:
pip install pycryptodome -i https://pypi.tuna.tsinghua.edu.cn/simple
If the installation is successful, the following will be displayed:
3. Implementation of different encryption methods
1Generate three-factor data
首先生成三要素数据(纯虚构)进行测试,具体代码如下:
import pandas as pd date = pd.DataFrame([['Yang Mi', '43052219980512', '13166456975'], ['Yang Zi', '43052219940413', '13166456976'], ['Liu Shiwen', '43052220010318', ' 13166456977']], columns=['name', 'ID number', 'mobile phone number'])``date
got the answer:
2 MD5 encryption of three elements
接着对三要素进行MD5加密,代码如下:
import hashlib as hb method = 'md5’column_list = ['姓名', '身份证号', '手机号']df = date.copy()for i in column_list:` `if method == 'md5':` `df[i + '_MD5'] = df[i].map(lambda x: hb.md5(str(x).encode('utf-8')).hexdigest())` `if method == 'sha256':` `df[i + '_SHA256'] = df[i].map(lambda x:hb.sha256(str(x).encode('utf-8')).hexdigest())df
其中,method中填入想加密的方式,选md5。
column\_list中填入数据框中想用method方法加密的列。
得到结果:
从结果知数据框中新增了对应加密的列。
**********************3** **对三要素进行SHA256加密**********************
Then perform SHA256 encryption on the three elements. The code is as follows:
import hashlib as hb`` ``method = 'sha256'``column_list = ['姓名', '身份证号', '手机号']``df = date.copy()``for i in column_list:` `if method == 'md5':` `df[i + '_MD5'] = df[i].map(lambda x: hb.md5(str(x).encode('utf-8')).hexdigest())` `if method == 'sha256':` `df[i + '_SHA256'] = df[i].map(lambda x:hb.sha256(str(x).encode('utf-8')).hexdigest())``df
Fill in the method you want to encrypt and select sha256.
Fill column_list with the columns in the data frame that you want to encrypt using the method method.
got the answer:
From the results, we know that a new column corresponding to encryption has been added to the data frame, and the data length is longer than MD5 encryption.
According to data statistics, it is found that the length of MD5 encryption is 32, and the length of SHA256 encryption is 64.
**********************4** **对三要素进行AES加密**********************
The most commonly used modes for AES encryption are ECB mode and CBC mode. The difference between the two is that ECB does not require an iv offset, while CBC does.
1.ECB mode encryption, the code is as follows:
from Crypto.Cipher import AES`` ``password = b'1234567812345678'` `text = b'abcdefghijklmnop'``aes = AES.new(password, AES.MODE_ECB)` `en_text = aes.encrypt(text)` `print("密文:",en_text)` `den_text = aes.decrypt(en_text)` `print("明文:",den_text)
password: key, b means converting the password to bytes type.
text: Content to be encrypted.
aes: Create an aes object and specify the encryption mode as ECB.
aes.encrypt: Encrypt text.
aes.decrypt: Decrypt encrypted content.
got the answer:
密文:b"^\x14\xf4nfb)\x10\xbf\xe9\xa9\xec'r\x85&"``明文:b'abcdefghijklmnop'
这里有两个需要注意的点,大家可以自行测试。
**注1:**密钥必须为16字节或16字节倍数的字节型数据。
**注2:**明文必须为16字节或者16字节倍数的字节型数据,如果不够16字节需要进行补全。
2.CBC mode encryption, the code is as follows:
from Crypto.Cipher import AES password = b’1234567812345678’ iv = b’1234567812345678’ text = b’abcdefghijklmnop’ aes = AES.new(password, AES.MODE_CBC, iv) en_text = aes.encrypt(text) print(“密文:”,en_text) aes = AES.new(password,AES.MODE_CBC, iv) den_text = aes.decrypt(en_text)``print(“明文:”,den_text)
password:密钥,b表示转换密码为bytes类型。
iv:偏移量。
text:需加密的内容。
aes.encrypt:对text进行加密。
aes.decrypt:对加密内容进行解密。
得到结果:
Encrypted text: b't\xe6\xbfy\xef\xd7\x83\x11G\x95\x9d_\xcd\xab\xc7\xf8'`` Plain text: b'abcdefghijklmnop'
**3.对三要素进行aes加密**
首先定义加密函数,代码如下:
from Crypto.Cipher import AES``import base64``import binascii`` ``# 数据类``class MData():` `def __init__(self, data = b"",characterSet='utf-8'):` `# data肯定为bytes` `self.data = data` `self.characterSet = characterSet` ` def saveData(self,FileName):` `with open(FileName,'wb') as f:` `f.write(self.data)`` ` `def fromString(self,data):` `self.data = data.encode(self.characterSet)` `return self.data`` ` `def fromBase64(self,data):` `self.data = base64.b64decode(data.encode(self.characterSet))` `return self.data`` ` `def fromHexStr(self,data):` `self.data = binascii.a2b_hex(data)` `return self.data`` ` `def toString(self):` `return self.data.decode(self.characterSet)`` ` `def toBase64(self):` `return base64.b64encode(self.data).decode()`` ` `def toHexStr(self):` `return binascii.b2a_hex(self.data).decode()`` ` `def toBytes(self):` `return self.data`` ` `def __str__(self):` `try:` `return self.toString()` `except Exception:` `return self.toBase64()`` `` ``### 封装类``class AEScryptor():` `def __init__(self,key,mode,iv = '',paddingMode= "NoPadding",characterSet ="utf-8"):` `'''` `构建一个AES对象` `key: 秘钥,字节型数据` `mode: 使用模式,只提供两种,AES.MODE_CBC, AES.MODE_ECB` `iv:iv偏移量,字节型数据` `paddingMode: 填充模式,默认为NoPadding, 可选NoPadding,ZeroPadding,PKCS5Padding,PKCS7Padding` `characterSet: 字符集编码` `'''` `self.key = key` `self.mode = mode` `self.iv = iv` `self.characterSet = characterSet` `self.paddingMode = paddingMode` `self.data = ""`` ` `def __ZeroPadding(self,data):` `data += b'\x00'` `while len(data) % 16 != 0:` `data += b'\x00'` `return data`` ` `def __StripZeroPadding(self,data):` `data = data[:-1]` `while len(data) % 16 != 0:` `data = data.rstrip(b'\x00')` `if data[-1] != b"\x00":` `break` `return data`` ` `def __PKCS5_7Padding(self,data):` `needSize = 16-len(data) % 16` `if needSize == 0:` `needSize = 16` `return data + needSize.to_bytes(1,'little')*needSize`` ` `def __StripPKCS5_7Padding(self,data):` `paddingSize = data[-1]` `return data.rstrip(paddingSize.to_bytes(1,'little'))`` ` `def __paddingData(self,data):` `if self.paddingMode == "NoPadding":` `if len(data) % 16 == 0:` `return data` `else:` `return self.__ZeroPadding(data)` `elif self.paddingMode == "ZeroPadding":` `return self.__ZeroPadding(data)` `elif self.paddingMode == "PKCS5Padding" or self.paddingMode == "PKCS7Padding":` `return self.__PKCS5_7Padding(data)` `else:` `print("不支持Padding")`` ` `def __stripPaddingData(self,data):` `if self.paddingMode == "NoPadding":` `return self.__StripZeroPadding(data)` `elif self.paddingMode == "ZeroPadding":` `return self.__StripZeroPadding(data)`` ` `elif self.paddingMode == "PKCS5Padding" or self.paddingMode == "PKCS7Padding":` `return self.__StripPKCS5_7Padding(data)` `else:` `print("不支持Padding")`` ` `def setCharacterSet(self,characterSet):` `'''` `设置字符集编码` `characterSet: 字符集编码` `'''` `self.characterSet = characterSet`` ` `def setPaddingMode(self,mode):` `'''` `设置填充模式` `mode: 可选NoPadding,ZeroPadding,PKCS5Padding,PKCS7Padding` `'''` `self.paddingMode = mode`` ` `def decryptFromBase64(self,entext):` `'''` `从base64编码字符串编码进行AES解密` `entext: 数据类型str` `'''` `mData = MData(characterSet=self.characterSet)` `self.data = mData.fromBase64(entext)` `return self.__decrypt()`` ` `def decryptFromHexStr(self,entext):` `'''` `从hexstr编码字符串编码进行AES解密` `entext: 数据类型str` `'''` `mData = MData(characterSet=self.characterSet)` `self.data = mData.fromHexStr(entext)` `return self.__decrypt()`` ` `def decryptFromString(self,entext):` `'''` `从字符串进行AES解密` `entext: 数据类型str` `'''` `mData = MData(characterSet=self.characterSet)` `self.data = mData.fromString(entext)` `return self.__decrypt()`` ` `def decryptFromBytes(self,entext):` `'''` `从二进制进行AES解密` `entext: 数据类型bytes` `'''` `self.data = entext` `return self.__decrypt()`` ` `def encryptFromString(self,data):` `'''` `对字符串进行AES加密` `data: 待加密字符串,数据类型为str` `'''` `self.data = data.encode(self.characterSet)` `return self.__encrypt()`` ` `def __encrypt(self):` `if self.mode == AES.MODE_CBC:` `aes = AES.new(self.key,self.mode,self.iv)`` elif self.mode == AES.MODE_ECB:` `aes = AES.new(self.key,self.mode)`` else:` `print("不支持这种模式")``return` ` ` `data = self.__paddingData(self.data)` `enData = aes.encrypt(data)` `return MData(enData)`` ` `def __decrypt(self):` `if self.mode == AES.MODE_CBC:` `aes = AES.new(self.key,self.mode,self.iv)`` elif self.mode == AES.MODE_ECB:` `aes = AES.new(self.key,self.mode)`` else:` `print("不支持这种模式")`` return `` data = aes.decrypt(self.data)` `mData = MData(self.__stripPaddingData(data),characterSet=self.characterSet)` `return mData
Then call the function to encrypt the three elements. The code is as follows:
password = b"1234567812345678"``iv = b'1111111122222222'` `aes = AEScryptor(password, AES.MODE_CBC, iv, paddingMode= "ZeroPadding", characterSet='utf-8')``df = date.copy()``def str_ase(wd):` `wd = wd` `rData = aes.encryptFromString(wd)` `return rData.toBase64()``df['姓名_ase'] = df['姓名'].apply(str_ase)``df['身份证号_ase'] = df['身份证号'].apply(str_ase)``df['手机号_ase'] = df['手机号'].apply(str_ase)``df
password:密钥,可自行更改。
iv:偏移量。
str\_aes:对字符进行ase加密的函数。
得到结果:
可以发现和MD5、SHA256一样,都在后面增加了aes加密的列。
最后测试对aes加密的姓名进行解密,看是否和明文一致,代码如下:
rData = aes.decryptFromBase64(df['Name_ase'][0])``print("Clear text:",rData)
得到结果:
Plain text: Yang Mi
可以发现结果是一致的。