Software Security: Basic Cryptography

Basic cryptography is a fundamental component of software security, used to protect information and ensure its confidentiality, integrity, and authenticity. Through cryptographic algorithms, such as symmetric and asymmetric encryption, data can be transformed into a format unreadable by any unauthorized person, thus protecting information during transmission or storage. Cryptography is also used to verify user identity through techniques such as digital signatures and certificates. In an increasingly interconnected world, understanding the basic principles of cryptography is crucial to ensuring that applications are secure and protect user privacy.

What is Cryptography?

Cryptography is the discipline that studies techniques for protecting information by using mathematical algorithms that convert data into an unreadable format without the appropriate key.

Main Cryptography Techniques

Symmetric Encryption: Uses the same key to encrypt and decrypt data. Example: AES.
Asymmetric Encryption: Uses a pair of keys (public and private) to encrypt and decrypt. Example: RSA.
Hashing: Converts data into a unique, unrepeatable value. Example: SHA-256.
Digital Signatures: Allows you to verify the authenticity of a message or document.

Example of Symmetric Encryption with AES in Python

This code shows how to encrypt and decrypt a message using the `pycryptodome` library:

from Crypto.Cipher import AES
import base64

# Key and text to encrypt (the key must be 16, 24, or 32 bytes)
key = b'this_is_a_secure_key!'
text = b'Secret message'

# Encryption with AES in ECB mode
cipher = AES.new(key[:16], AES.MODE_ECB)
encrypted_text = cipher.encrypt(text.ljust(16))  # Padding
encrypted_text_b64 = base64.b64encode(encrypted_text).decode()

print(f"Encrypted text: {encrypted_text_b64}")

In this example, the AES algorithm in ECB mode is used to securely encrypt a message.

Asymmetric Encryption Example with RSA in Python

This code shows how to encrypt and decrypt a message using the `pycryptodome` library with the RSA algorithm:

from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
from Crypto.Random import get_random_bytes
import base64

# RSA key generation
private_key = RSA.generate(2048)
public_key = private_key.publickey()

# Export the keys
private_key_pem = private_key.export_key()
public_key_pem = public_key.export_key()

# Encrypt the message with the public key
message = b'Secret message for asymmetric encryption'
cipher = PKCS1_OAEP.new(public_key)
encrypted_message = cipher.encrypt(message)

# Base64 encoding of the encrypted message
encrypted_message_b64 = base64.b64encode(encrypted_message).decode()

# Decrypt the message with the private key
private_cipher = PKCS1_OAEP.new(private_key)
decrypted_message = private_cipher.decrypt(base64.b64decode(encrypted_message_b64))

print(f"Encrypted text: {encrypted_message_b64}")
print(f"Decrypted text: {decrypted_message.decode()}")

In this example, the RSA algorithm is used to securely encrypt and decrypt a message using public and private keys.

SHA-256 Hashing Example

This code shows how to generate a secure hash using the SHA-256 algorithm:

import hashlib

message = "Secure message"
hash_sha256 = hashlib.sha256(message.encode()).hexdigest()

print(f"SHA-256 Hash: {hash_sha256}")

Hashing allows you to store passwords and verify data integrity without having to decrypt them.

Conclusion

Cryptography is a fundamental pillar of software security, protecting data from unauthorized access and ensuring information privacy.