Name | feistel-py JSON |
Version |
0.3.0
JSON |
| download |
home_page | None |
Summary | Feistel cipher implementation in Python for format-preserving encryption |
upload_time | 2024-10-10 16:38:55 |
maintainer | None |
docs_url | None |
author | None |
requires_python | >=3.10.2 |
license | MIT License Copyright (c) 2024 Cyril Dever Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
keywords |
feistel
cipher
format-preserving
encryption
fpe
|
VCS |
|
bugtrack_url |
|
requirements |
No requirements were recorded.
|
Travis-CI |
No Travis.
|
coveralls test coverage |
No coveralls.
|
# feistel-py
_Feistel cipher implementation in Python for format-preserving encryption_
![GitHub tag (latest by date)](https://img.shields.io/github/v/tag/cyrildever/feistel-py)
![GitHub last commit](https://img.shields.io/github/last-commit/cyrildever/feistel-py)
![GitHub issues](https://img.shields.io/github/issues/cyrildever/feistel-py)
![GitHub license](https://img.shields.io/github/license/cyrildever/feistel-py)
![PyPI - Version](https://img.shields.io/pypi/v/feistel-py)
This is a Python library implementing the Feistel cipher for Format-Preserving Encryption (FPE).
### Motivation
The main objective of this library is not to provide a secure encryption scheme but rather a safe obfuscation tool.
### Formal description
This library operates on the concept of the Feistel cipher described in [Wikipedia](https://en.wikipedia.org/wiki/Feistel_cipher) as:
> A Feistel network is subdivided into several rounds or steps. In its balanced version, the network processes the data in two parts of identical size. On each round, the two blocks are exchanged, then one of the blocks is combined with a transformed version of the other block.
> Half of the data is encoded with the key, then the result of this operation is added using an XOR operation to the other half of the data.
> Then in the next round, we reverse: it is the turn of the last half to be encrypted and then to be xored to the first half, except that we use the data previously encrypted.
> The diagram below shows the data flow (the ![${\oplus}$](https://render.githubusercontent.com/render/math?math={\oplus}) represents the XOR operation). Each round uses an intermediate key, usually taken from the main key via a generation called key schedule. The operations performed during encryption with these intermediate keys are specific to each algorithm.
![](assets/400px-Feistel_cipher_diagram_en.svg.png)
The algorithmic description (provided by Wikipedia) of the encryption is as follows:
* Let $n+1$ be the number of steps, $K_{0},K_{1},...,K_{n}$ the keys associated with each step and $F:\Omega\times\mathcal{K}\mapsto\Omega$ a function of the $(words{\times}keys)$ space to the $words$ space.
* For each step $i{\in}[0;n]$, note the encrypted word in step $i,m_{i}=L_{i}||R_{i}$:
* $L_{i+1}=R_{i}$
* $R_{i+1}=L_{i}{\oplus}F(L_{i},K_{i})$
* $m_{0}=L_{0}||R_{0}$ is the unciphered text, $m_{n+1}=L_{n+1}||R_{n+1}$ is the ciphered word.
There is no restriction on the $F$ function other than the XOR operation must be possible. For simplicity, we will choose $L_1$ of the same size as $R_1$ and the function $F$ shall transform a word of length $k$ into a word of length $k$ (and this for all $k$).
### Usage
```
pip install feistel-py
```
To get an obfuscated string from a source data using the SHA-256 hashing function at each round, first instantiate a `Cipher` object, passing it a key and a number of rounds. Then, use the `encrypt()` method with the source data as argument. The result will be a byte array. To ensure maximum security, I recommend you use a 256-bit key or longer and a minimum of 10 rounds.
The decryption process uses the obfuscated buffered data and pass it to the `decrypt()` method of the `Cipher`.
```python
from feistel import Cipher
source = "my-source-data"
# Encrypt
cipher = Cipher("some-32-byte-long-key-to-be-safe", 10)
obfuscated = cipher.encrypt(source)
# Decrypt
deciphered = cipher.decrypt(obfuscated)
assert deciphered == source, "deciphered should be 'my-source-data'"
```
_NB: This is the exact replica of my other implementations (see below)._
You may also use your own set of keys through a `CustomCipher` instance, eg.
```python
from feistel import CustomCipher
keys = [
"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
"9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba",
"abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
]
cipher = CustomCipher(keys)
```
In that case, the number of rounds depends on the number of provided keys.
Finally, you might want to use the latest cipher, providing true format-preserving encryption for strings:
```python
from feistel import FPECipher, SHA_256
cipher = FPECipher(SHA_256, "some-32-byte-long-key-to-be-safe", 128)
obfuscated = cipher.encrypt(source)
assert len(obfuscated) == len(source)
```
_NB: For stability and security purposes, the number `0` always returns itself._
You might also want to use it with the command line:
```
usage: python3 -m feistel [-h] [-c CIPHER] [-e ENGINE] [-k KEY] [-r ROUNDS] [-o OPERATION] input
positional arguments:
input The string to obfuscate (watch for quotes)
options:
-h, --help show this help message and exit
-c CIPHER, --cipher CIPHER
The type of cipher: feistel [default] | custom | fpe
-e ENGINE, --engine ENGINE
The hashing engine [default sha-256]
-k KEY, --key KEY The key(s) to use
-r ROUNDS, --rounds ROUNDS
The (optional) number of rounds [default 10]
-o OPERATION, --operation OPERATION
The operation to process : cipher | decipher
```
### Dependencies
The following libraries are necessary:
- `pycryptodome`;
- `py-utls`.
### Tests
```console
$ git clone https://github.com/cyrildever/feistel-py.git
$ cd feistel-py/
$ pip install -e .
$ python3 -m unittest discover
```
### Other implementations
For those interested, I also made two other implementations of these ciphers:
* In [Golang](https://github.com/cyrildever/feistel) as an executable;
* In [Typescript](https://github.com/cyrildever/feistel-cipher) for the browser;
* In [Scala](https://github.com/cyrildever/feistel-jar) for the JVM.
I also created a special library for redacting classified documents using the new FPE cipher. Feel free to [contact me](mailto:cdever@edgewhere.fr) about it.
### License
This module is distributed under a MIT license. \
See the [LICENSE](LICENSE) file.
<hr />
© 2024 Cyril Dever. All rights reserved.
Raw data
{
"_id": null,
"home_page": null,
"name": "feistel-py",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.10.2",
"maintainer_email": null,
"keywords": "feistel, cipher, format-preserving, encryption, fpe",
"author": null,
"author_email": "Cyril Dever <cdever@pep-s.com>",
"download_url": "https://files.pythonhosted.org/packages/76/18/dc1140b2f68038541925b5d8cbea2f1463ea04fcc269e23e3b2ee69aee66/feistel_py-0.3.0.tar.gz",
"platform": null,
"description": "# feistel-py\n_Feistel cipher implementation in Python for format-preserving encryption_\n\n![GitHub tag (latest by date)](https://img.shields.io/github/v/tag/cyrildever/feistel-py)\n![GitHub last commit](https://img.shields.io/github/last-commit/cyrildever/feistel-py)\n![GitHub issues](https://img.shields.io/github/issues/cyrildever/feistel-py)\n![GitHub license](https://img.shields.io/github/license/cyrildever/feistel-py)\n![PyPI - Version](https://img.shields.io/pypi/v/feistel-py)\n\nThis is a Python library implementing the Feistel cipher for Format-Preserving Encryption (FPE).\n\n### Motivation\n\nThe main objective of this library is not to provide a secure encryption scheme but rather a safe obfuscation tool.\n\n\n### Formal description\n\nThis library operates on the concept of the Feistel cipher described in [Wikipedia](https://en.wikipedia.org/wiki/Feistel_cipher) as:\n> A Feistel network is subdivided into several rounds or steps. In its balanced version, the network processes the data in two parts of identical size. On each round, the two blocks are exchanged, then one of the blocks is combined with a transformed version of the other block.\n> Half of the data is encoded with the key, then the result of this operation is added using an XOR operation to the other half of the data.\n> Then in the next round, we reverse: it is the turn of the last half to be encrypted and then to be xored to the first half, except that we use the data previously encrypted.\n> The diagram below shows the data flow (the ![${\\oplus}$](https://render.githubusercontent.com/render/math?math={\\oplus}) represents the XOR operation). Each round uses an intermediate key, usually taken from the main key via a generation called key schedule. The operations performed during encryption with these intermediate keys are specific to each algorithm.\n\n![](assets/400px-Feistel_cipher_diagram_en.svg.png)\n\nThe algorithmic description (provided by Wikipedia) of the encryption is as follows:\n* Let $n+1$ be the number of steps, $K_{0},K_{1},...,K_{n}$ the keys associated with each step and $F:\\Omega\\times\\mathcal{K}\\mapsto\\Omega$ a function of the $(words{\\times}keys)$ space to the $words$ space.\n* For each step $i{\\in}[0;n]$, note the encrypted word in step $i,m_{i}=L_{i}||R_{i}$:\n * $L_{i+1}=R_{i}$\n * $R_{i+1}=L_{i}{\\oplus}F(L_{i},K_{i})$\n* $m_{0}=L_{0}||R_{0}$ is the unciphered text, $m_{n+1}=L_{n+1}||R_{n+1}$ is the ciphered word. \n\nThere is no restriction on the $F$ function other than the XOR operation must be possible. For simplicity, we will choose $L_1$ of the same size as $R_1$ and the function $F$ shall transform a word of length $k$ into a word of length $k$ (and this for all $k$).\n\n\n### Usage\n\n```\npip install feistel-py\n```\n\nTo get an obfuscated string from a source data using the SHA-256 hashing function at each round, first instantiate a `Cipher` object, passing it a key and a number of rounds. Then, use the `encrypt()` method with the source data as argument. The result will be a byte array. To ensure maximum security, I recommend you use a 256-bit key or longer and a minimum of 10 rounds.\n\nThe decryption process uses the obfuscated buffered data and pass it to the `decrypt()` method of the `Cipher`.\n\n```python\nfrom feistel import Cipher\n\n\nsource = \"my-source-data\"\n\n# Encrypt\ncipher = Cipher(\"some-32-byte-long-key-to-be-safe\", 10)\nobfuscated = cipher.encrypt(source)\n\n# Decrypt\ndeciphered = cipher.decrypt(obfuscated)\n\nassert deciphered == source, \"deciphered should be 'my-source-data'\"\n```\n_NB: This is the exact replica of my other implementations (see below)._\n\nYou may also use your own set of keys through a `CustomCipher` instance, eg.\n```python\nfrom feistel import CustomCipher\n\n\nkeys = [\n \"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef\",\n \"9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba\",\n \"abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789\",\n]\ncipher = CustomCipher(keys)\n```\nIn that case, the number of rounds depends on the number of provided keys.\n\nFinally, you might want to use the latest cipher, providing true format-preserving encryption for strings:\n```python\nfrom feistel import FPECipher, SHA_256\n\n\ncipher = FPECipher(SHA_256, \"some-32-byte-long-key-to-be-safe\", 128)\nobfuscated = cipher.encrypt(source)\n\nassert len(obfuscated) == len(source)\n```\n_NB: For stability and security purposes, the number `0` always returns itself._\n\n\nYou might also want to use it with the command line:\n```\nusage: python3 -m feistel [-h] [-c CIPHER] [-e ENGINE] [-k KEY] [-r ROUNDS] [-o OPERATION] input\n\npositional arguments:\n input The string to obfuscate (watch for quotes)\n\noptions:\n -h, --help show this help message and exit\n -c CIPHER, --cipher CIPHER\n The type of cipher: feistel [default] | custom | fpe\n -e ENGINE, --engine ENGINE\n The hashing engine [default sha-256]\n -k KEY, --key KEY The key(s) to use\n -r ROUNDS, --rounds ROUNDS\n The (optional) number of rounds [default 10]\n -o OPERATION, --operation OPERATION\n The operation to process : cipher | decipher\n```\n\n\n### Dependencies\n\nThe following libraries are necessary:\n- `pycryptodome`;\n- `py-utls`.\n\n\n### Tests\n\n```console\n$ git clone https://github.com/cyrildever/feistel-py.git\n$ cd feistel-py/\n$ pip install -e .\n$ python3 -m unittest discover\n```\n\n\n### Other implementations\n\nFor those interested, I also made two other implementations of these ciphers:\n* In [Golang](https://github.com/cyrildever/feistel) as an executable;\n* In [Typescript](https://github.com/cyrildever/feistel-cipher) for the browser;\n* In [Scala](https://github.com/cyrildever/feistel-jar) for the JVM.\n\nI also created a special library for redacting classified documents using the new FPE cipher. Feel free to [contact me](mailto:cdever@edgewhere.fr) about it.\n\n\n### License\n\nThis module is distributed under a MIT license. \\\nSee the [LICENSE](LICENSE) file.\n\n\n<hr />\n© 2024 Cyril Dever. All rights reserved.\n",
"bugtrack_url": null,
"license": "MIT License Copyright (c) 2024 Cyril Dever Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ",
"summary": "Feistel cipher implementation in Python for format-preserving encryption",
"version": "0.3.0",
"project_urls": {
"Homepage": "https://github.com/cyrildever/feistel-py"
},
"split_keywords": [
"feistel",
" cipher",
" format-preserving",
" encryption",
" fpe"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "f8b51f9469c16db9b7c43312faa78bd849fbfc46a244bf294946776f42f7d018",
"md5": "c61b3c416484fa13c08025cd4c8bdb38",
"sha256": "3b7d5b95e6bb685141635c40e690c36e2f2a2e0a5830ded5c390b6fbf7cfac41"
},
"downloads": -1,
"filename": "feistel_py-0.3.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "c61b3c416484fa13c08025cd4c8bdb38",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10.2",
"size": 13961,
"upload_time": "2024-10-10T16:38:54",
"upload_time_iso_8601": "2024-10-10T16:38:54.529451Z",
"url": "https://files.pythonhosted.org/packages/f8/b5/1f9469c16db9b7c43312faa78bd849fbfc46a244bf294946776f42f7d018/feistel_py-0.3.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "7618dc1140b2f68038541925b5d8cbea2f1463ea04fcc269e23e3b2ee69aee66",
"md5": "729ebbda209a4aad15cfec65fdae8cbe",
"sha256": "0008f060f46467e1c0ed89164793c3c366e939af902137ff60fdec59498e382f"
},
"downloads": -1,
"filename": "feistel_py-0.3.0.tar.gz",
"has_sig": false,
"md5_digest": "729ebbda209a4aad15cfec65fdae8cbe",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10.2",
"size": 15390,
"upload_time": "2024-10-10T16:38:55",
"upload_time_iso_8601": "2024-10-10T16:38:55.493498Z",
"url": "https://files.pythonhosted.org/packages/76/18/dc1140b2f68038541925b5d8cbea2f1463ea04fcc269e23e3b2ee69aee66/feistel_py-0.3.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-10-10 16:38:55",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "cyrildever",
"github_project": "feistel-py",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "feistel-py"
}