Can i do AES encryption with Cryptography module and what is Fernet and is it safe like AES encryption?
Implementation. Fernet is built on top of a number of standard cryptographic primitives. Specifically it uses: AES in CBC mode with a 128-bit key for encryption; using PKCS7 padding.
However, fernet only uses 128-bit AES keys. 128-bit AES is considered more than secure enough for the vast majority of applications.
Fernet guarantees that a message encrypted using it cannot be manipulated or read without the key. Fernet is an implementation of symmetric (also known as “secret key”) authenticated cryptography.
ciphertext = aes. encrypt(plaintext. encode('utf-8')) and the ciphertext would need the decode('utf-8') to complete the str, bytes roundtrip.
Fernet made more sense before GCM came around, as correctly implementing CBC + HMAC by yourself is difficult, and the CBC mode requires padding to 16 byte blocks.
It is still safe but I would not recommend it for new systems because AES256-GCM combines encryption and authentication into the same standard protocol, which can be en/decrypted by browsers (Javascript subtle crypto API) and all other crypto libraries and tools, not just the Python cryptography module. The GCM mode is also a lot faster, reaching several gigabytes per second with AES-NI.
It is unfortunate that it is hidden deep inside the hazmat
module:
import secrets
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
# Generate a random secret key (AES256 needs 32 bytes)
key = secrets.token_bytes(32)
# Encrypt a message
nonce = secrets.token_bytes(12) # GCM mode needs 12 fresh bytes every time
ciphertext = nonce + AESGCM(key).encrypt(nonce, b"Message", b"")
# Decrypt (raises InvalidTag if using wrong key or corrupted ciphertext)
msg = AESGCM(key).decrypt(ciphertext[:12], ciphertext[12:], b"")
Even with the same key and the same message, the ciphertext will always be completely different (because of a different nonce). Do note that ciphertext is always exactly 28 bytes longer than the message, so if the message length needs to be hidden, you could pad all messages to same length before encryption.
As Scott Arciszewski answered in a comment, Fernet is basically AES128 in CBC mode with a SHA256 HMAC message authentication code.
A full specification of the Fernet construction can be found here.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With