Securing Your Data Using Hashlib Library in Python

Have you ever come across words like encryption, decryption, hashing, security? If you have never heard about it or want to know more about it, it is for you. Today, we will discuss a fantastic library in python known as hashlib, which is generally used for encoding.  

Encoding means changing the value of the original string into another string, generally for security purposes. ‘hashlib’ library uses hashing functions to encode the strings. This Library consists of many different functions which perform transforms a string to other string in different ways. Let us now go through different hashing functions that can be used for encrypting the original value into some other value. 

Why to hashlib in python? 

The best thing about hashing is that it is a one-way function. It means that if we applied a hashing function on a particular string, it could not be converted into the original string. And this is how it is different from encryption. This is the reason why hashing is so widely used in storing the passwords. Let suppose you are signing up on a website, and you saved your password on that website, and that password is common to all your other accounts. If there were no such means as hashing, that website owner could have used your password and may have taken advantage of it. But due to hashing, that value has been changed, and the owner cannot even change it back to the original value. 

Syntax of hashlib python- 

Hashlib is a built-in library. So, you can use it directly in your system just by importing it. There are three main functions which you should know before knowing more about this Library. 

  1. Update()– The string that you want to encrypt should be used as the argument in update function.  
  2. encode()– update() function requires encoded string, so we first need to apply encode() on the string, otherwise we will get ‘typeerror unicode objects must be encoded before hashing python hashlib‘.
  3. hexdigest()– This function is used to get the encrypted string. We can also use the digest(), but that does not give us a clean output.   

Algorithms in hashlib Library in python- 

There are many different functions/ algorithms available in the hashlib Library. Some algorithms are there in all the systems, and some are specific to your system.  

To know what your system supports all algorithms, use the ‘hashlib.algorithms_available.’ Attribute. 

To know what all algorithms are there in every system, use ‘hashlib.algorithms_guaranteed’. attribute. 

Let’s see how we can do this- 

# To know the algorithms available in your system, use algorithms_available
print(hashlib.algorithms_available)
{'blake2b', 'blake2b512', 'blake2s', 'blake2s256', 'md4', 'md5', 'md5-sha1', 'mdc2', 'ripemd160', 'sha1', 'sha224', 'sha256', 'sha3-224', 'sha3-256', 'sha3-384', 'sha3-512', 'sha384', 'sha3_224', 'sha3_256', 'sha3_384', 'sha3_512', 'sha512', 'sha512-224', 'sha512-256', 'shake128', 'shake256', 'shake_128', 'shake_256', 'sm3', 'whirlpool'}

Note – The output will differ in your system.

# To know the algorithms available to all,
print(hashlib.algorithms_guaranteed)
{'blake2s', 'sha384', 'sha3_256', 'sha1', 'shake_128', 'sha3_512', 'sha512', 'sha224', 'sha3_384', 'sha256', 'sha3_224', 'md5', 'shake_256', 'blake2b'}

a. new()

It is a generic constructor that takes the string name of the desired algorithm as its first parameter. It is slower so it should not be preferred.

new1= hashlib.new('sha384')
# if we don't want to use encode(),we can use 'b' in front of string.
new1.update(b"Nobody inspects the spammish repetition")
print(new1.hexdigest())
213f861faafc19445f10c569f56c7540c5b6bbe10435353d930e351b49861d9a0f95f33efe355220c248b24d85e1e179

b. SHA1 hashlib hash functions

It produces a 160-bit hash value (message digest). It is not considered safe and hence should not be used.

import hashlib
# using the sha1 hashing algo
hash_func = hashlib.sha1()
# string that we want to change
string="Python is the best"
# encoding the string to pass into update()
encoded_string=string.encode()
# Passing the string into update()
hash_func.update(encoded_string)
# Saving the new string using hexdigest()
message=hash_func.hexdigest()
print(message)
da39a3ee5e6b4b0d3255bfef95601890afd80709
hashlib python

c. md5 hash

This hash function splits the string into equal parts and then computes a 128 bit hash value of the entire string through chaining.

import hashlib
#using the md5 hash function.
hash_func = hashlib.md5()
string="Python is the best"
encoded_string=string.encode()
m.update(encoded_string)
message=hash_func.hexdigest()
print(message)
d41d8cd98f00b204e9800998ecf8427e

d. Now let us look at all hash functions together

import hashlib

#blake2s offers high speed, security, and simplicity.
hash_func1 = hashlib.blake2s()
#sha256 offers 256-bit key and is one of the strongest hash function available. 
hash_func2 = hashlib.sha256()
#sha512 is a 512 bit (64 byte) hash function
hash_func3 = hashlib.sha512()
string="Python is the best"

encoded_string=string.encode()

hash_func1.update(encoded_string)
hash_func2.update(encoded_string)
hash_func3.update(encoded_string)

message1=hash_func1.hexdigest()
print("blake2s:",message1)
message2=hash_func2.hexdigest()
print("sha256:",message2)
message3=hash_func3.hexdigest()
print("sha512:",message3)
blake2s: b5eaf8a10673a974856a3faa500ab142a199e377e4f489ec67919166b4801cbc  
sha256: c651ccb2a90e0757f4d151f6d5583ce5fbf5171a0c31002d36a0776550ec95b6 
sha512:cf145d99611fa301d6ac712d8d57ad7e6f18c0352268ddb16222cafb1032b874763e971b87877ff676deab47132baeed13b22181be82a6f8741b62dcae4958bb

e. Using base64

Another way to encode binary hashes for non-binary environments.

import hashlib
import base64
string="Python"
encoded_string = base64.b64encode(string.encode('utf8'))
sha256_encoded_string=hashlib.sha256(encoded_string).hexdigest()
print(sha256_encoded_string)
777a87a9ae744e021bfe62c1e28068742213bcfd3594b1764f287bd342dc47e9

f. How to store the hashed data in a file?

import hashlib

def sha1(fname):
    hash_sha1 = hashlib.sha1()
    with open(fname, "rb") as f:
        # sometimes we cannot save the complete file and that is why we save 
        #the data in in chunks
        for chunk in iter(lambda: f.read(4096), b""):
            hash_sha1.update(chunk)
    return hash_sha1.hexdigest()

# create a file
file=open("ashwini.txt","w")
file.write(sha1("ashwini.txt"))
file.close()
python hashlib

g. Can we decrypt data generated using hashlib in python?

We have told you many times that hashing is a one way process. We cannot decrypt/decode the data generated by hashing functions in hashlib library, by any legal means. Though people have come out will different illegal means to crack the hashed data generated by functions like md5, sha1, but as that is illegal, we should not focus on decrypting this type of data.

Must Read:

Conclusion

To secure our data (string), we can use the hashlib library in python. There are many hash functions available like sha1, sha2, md5 and more. SHA2 is generally regarded as the strongest algorithm. Also, we cannot estimate the original string once it has been changed.

Try to run the programs on your side and let us know if you have any queries.

Happy Coding!

0 0 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
x